Razer93 posted 23 June 2010 (edited)
Hello, I have a problem: when I start the computer everything is fine, but after a while the computer starts to freeze, and when I open Windows Task Manager and go to Processes, I have about 800 run32dll.exe processes. I think the problem is related to this. Please help quickly. This is what it looks like: http://img94.imageshack.us/img94/313/beztytuukcu.png
RainG3 commented 23 June 2010
Hmm... I don't know myself, but I can tell you that this happens because hardly any CPU can handle that many processes, so it hangs.
// What does this post contribute to the topic? Don't spam. Next time warnings will be handed out. // Cyp
Mateusz J. commented 23 June 2010
To start with, a log from OTL: http://www.forumpc.pl/index.php?showtopic=104338 We will check the computer for the presence of malicious software (viruses). Formatting is a last resort; we fight to the end.
Razer93 (Author) commented 23 June 2010
[log]OTL logfile created on: 2010-06-23 21:47:45 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 4 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,55 Gb Total Space | 19,69 Gb Free Space | 26,42% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KIMAK Current User Name: Kimak Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-06-20 13:06:42 | 000,339,503 | ---- | M] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe PRC - [2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\system\run32dll.exe PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-04-12 11:43:47 | 000,215,128 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe PRC - [2009-12-22 01:57:28 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2009-12-14 21:50:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009-10-06 16:34:04 | 018,750,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-08-17 03:03:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-08-16 09:37:35 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-08-06 20:24:06 | 000,068,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\word\Office12\GrooveMonitor.exe PRC - [2008-01-29 11:16:28 | 002,150,400 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe PRC - [2006-03-02 14:00:00 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,015,360 | 
---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-11-16 12:57:55 | 002,207,744 | ---- | M] (Gadu-Gadu Sp. 
z oo) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe MOD - [2009-11-28 03:05:31 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2009-09-25 07:58:06 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 15:16:27 | 012,897,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 
14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-03-26 18:17:57 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\word\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-23 21:20:20 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-04-12 11:43:56 | 000,139,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2010-01-23 13:25:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-01-03 00:15:08 | 003,059,824 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2009-12-18 14:56:47 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH) DRV - [2009-12-18 14:56:47 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330) DRV - [2009-12-18 14:56:47 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS) DRV - [2009-12-10 16:56:16 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009-10-10 09:04:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-10-10 09:04:15 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-10-06 18:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-08-17 00:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-08-15 19:48:37 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-08-05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-06-20 11:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-08-02 18:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr) DRV - [2007-04-03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) DRV - [2007-04-03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex) DRV - [2007-04-03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) DRV - [2007-04-03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) DRV - [2007-04-03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm) DRV - [2007-04-03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl) DRV - [2007-04-03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-01-04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2002-10-15 15:48:46 | 000,012,964 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbfilter.sys -- (kbfilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15510&l=dis IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - 
prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314 FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1 FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-23 21:21:27 | 000,000,000 | ---D | M] [2010-04-02 20:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions [2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions [2010-04-02 21:03:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-02 21:05:42 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66} [2010-04-02 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\nasanightlaunch@example.com [2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-08-29 17:51:18 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll [2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll [2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla 
Firefox\searchplugins\merlin-pl.xml [2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-06-15 10:29:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O3 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [GrooveMonitor] C:\word\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe (Trend Micro Inc) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [run32d] C:\WINDOWS\system\run32dll.exe () O4 - HKLM..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo) O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [IPLA!] 
C:\Program Files\ipla\ipla.exe () O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Steam] c:\program files\steam\steam.exe () O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\Kimak\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\word\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\word\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 
1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\word\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-15 16:25:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{74de429a-544c-11df-81a0-001fd00d9f59}\Shell\AutoRun\command - "" = H:\Launcher.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile 
[open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-23 21:04:00 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-06-23 20:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-22 11:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\Pcsx2 [2010-06-20 12:47:34 | 000,339,503 | ---- | C] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe [2010-06-19 20:13:22 | 000,000,000 | ---D | C] -- C:\wbu [2010-06-19 12:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\Achmed The Dead Terrorist [2010-06-19 12:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\play 4 fun not 4 life_by Kolba515 [2010-06-19 09:46:24 | 000,000,000 | ---D | C] -- C:\PCSX2 24.12.2009 [2010-06-18 13:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\pcsx2 [2010-06-18 13:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\PCSX2 24.12.2009 [2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\plugins [2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\bios [2010-06-16 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\KeyLogger [2010-06-15 10:30:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-15 10:11:21 | 000,000,000 | ---D | C] -- C:\ComboFix [2010-06-14 21:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Valve [2010-06-11 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-06-01 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations [2010-05-30 00:04:02 | 000,000,000 | ---D | C] -- C:\ezio [2010-05-28 
21:21:53 | 000,000,000 | ---D | C] -- C:\Sys [2010-05-26 13:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\THQ [2010-05-24 16:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Hitman Blood Money [2010-05-24 16:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean [2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-05-17 20:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-05-12 20:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\KONAMI [2010-05-10 19:17:54 | 000,000,000 | ---D | C] -- C:\zc [2010-05-10 15:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\4A Games [2010-05-10 15:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\4A Games [2010-05-09 13:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Set [2010-05-09 13:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Tunngle [2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle [2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle [2010-05-08 20:40:10 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2010-05-07 23:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2010-05-07 23:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-05-05 17:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\storage [2010-04-29 20:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program 
Files\Microsoft Visual Studio [2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-04-29 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-04-29 20:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010-04-29 20:39:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-04-29 20:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-04-29 20:38:31 | 000,000,000 | ---D | C] -- C:\word [2010-04-29 20:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-04-29 20:37:58 | 000,000,000 | R--D | C] -- C:\MSOCache [2010-04-25 12:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Command and Conquer 4 [2010-04-25 12:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4 [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-23 21:47:58 | 000,000,559 | ---- | M] () -- C:\WINDOWS\DFC.INI [2010-06-23 21:46:41 | 000,249,502 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-06-23 21:46:39 | 000,013,722 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-23 21:46:39 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-23 21:46:39 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Automatic maintenance.job [2010-06-23 21:46:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-23 21:46:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-23 21:37:11 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-23 21:22:14 | 000,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-06-23 21:22:13 | 000,095,259 | ---- | M] () -- 
C:\WINDOWS\System32\drivers\klick.dat [2010-06-23 21:20:20 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-06-23 20:06:03 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\RegCleaner.lnk [2010-06-23 20:00:28 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-23 19:44:19 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Kimak\NTUSER.DAT [2010-06-23 19:44:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kimak\ntuser.ini [2010-06-23 13:30:44 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\bez tytułu.bmp [2010-06-22 20:47:17 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat [2010-06-20 13:17:42 | 000,025,955 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\1a.jpg [2010-06-20 13:08:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\trdl [2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\wsc.p1 [2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\trdl.p1 [2010-06-20 13:08:45 | 000,014,080 | ---- | M] () -- C:\WINDOWS\trdl.p2 [2010-06-20 13:08:45 | 000,010,240 | ---- | M] () -- C:\WINDOWS\linkinfo.p1 [2010-06-20 13:08:45 | 000,008,981 | ---- | M] () -- C:\WINDOWS\wsc.p2 [2010-06-20 13:08:45 | 000,005,285 | ---- | M] () -- C:\WINDOWS\linkinfo.p2 [2010-06-20 13:08:45 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System\run32dll.p2 [2010-06-20 13:08:45 | 000,000,640 | ---- | M] () -- C:\WINDOWS\rcx.dat [2010-06-20 13:08:45 | 000,000,084 | ---- | M] () -- C:\WINDOWS\rcx.ini [2010-06-20 13:08:45 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini [2010-06-20 13:06:42 | 000,339,503 | ---- | M] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe [2010-06-20 13:06:37 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System\run32dll.p1 [2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\wsock32.dll [2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\Program 
Files\wsock32.dll [2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\Program Files\Common Files\wsock32.dll [2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System\run32dll.exe [2010-06-19 23:18:41 | 000,319,945 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\1274816994_o.jpg [2010-06-19 23:07:47 | 000,000,153 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\noavatar.png [2010-06-19 12:00:03 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\xx.jpeg [2010-06-19 09:46:41 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PSCX2.lnk [2010-06-15 19:05:46 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk [2010-06-15 18:18:03 | 000,069,904 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-15 18:13:58 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-15 11:01:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-06-15 10:30:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-15 10:29:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-06-15 10:02:47 | 000,503,536 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-15 10:02:47 | 000,444,032 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-15 10:02:47 | 000,090,408 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-15 10:02:46 | 001,124,360 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-15 10:02:46 | 000,072,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-14 21:20:14 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk [2010-06-14 21:20:14 | 000,001,587 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Dedicated Server.lnk [2010-06-14 16:24:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All 
Users\Pulpit\Adobe Reader 9.lnk [2010-06-13 23:27:00 | 000,044,631 | ---- | M] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg [2010-06-07 10:51:11 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Garena.lnk [2010-06-07 10:41:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk [2010-06-06 20:27:09 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk [2010-06-06 20:27:09 | 000,001,572 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Half-Life.lnk [2010-06-06 20:27:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk [2010-06-06 20:27:09 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk [2010-06-06 20:27:09 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk [2010-06-06 20:27:09 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk [2010-06-06 20:27:09 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk [2010-06-06 20:27:09 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk [2010-06-06 20:27:09 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Pro Evolution Soccer 2010.lnk [2010-06-06 20:27:09 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk [2010-06-06 20:27:09 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk [2010-06-06 20:27:09 | 000,000,504 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA 
KIMAK.lnk [2010-06-06 20:27:09 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Progamy.lnk [2010-06-06 20:27:09 | 000,000,351 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk [2010-06-01 22:40:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-05-30 13:06:36 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx [2010-05-26 20:02:15 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\apache.dll [2010-05-17 21:44:32 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-09 13:23:22 | 000,001,751 | ---- | M] () -- C:\Documents and Set.key [2010-05-09 13:23:22 | 000,000,426 | ---- | M] () -- C:\Documents and Set.pub [2010-05-09 03:26:31 | 003,171,364 | -H-- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-05-09 03:04:59 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010-05-04 19:12:43 | 000,006,688 | ---- | M] () -- C:\WINDOWS\movexe.exe [2010-05-04 18:13:15 | 000,000,203 | ---- | M] () -- C:\Documents and Settings\Kimak\default.pls [2010-04-28 21:05:51 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\SI.bin [2010-04-26 22:48:47 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-23 21:22:14 | 000,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-06-23 21:22:13 | 000,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-06-23 20:06:03 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\RegCleaner.lnk [2010-06-23 13:30:44 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\bez 
tytułu.bmp [2010-06-20 13:17:42 | 000,025,955 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\1a.jpg [2010-06-20 12:46:04 | 000,024,341 | ---- | C] () -- C:\wsock32.dll [2010-06-20 12:46:03 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System\run32dll.exe [2010-06-20 12:46:03 | 000,000,640 | ---- | C] () -- C:\WINDOWS\rcx.dat [2010-06-20 12:46:03 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini [2010-06-19 23:18:40 | 000,319,945 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\1274816994_o.jpg [2010-06-19 23:07:47 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\noavatar.png [2010-06-19 12:00:03 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\xx.jpeg [2010-06-19 09:46:41 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PSCX2.lnk [2010-06-15 19:05:46 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk [2010-06-15 11:01:24 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-06-14 21:20:14 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk [2010-06-14 21:20:14 | 000,001,587 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Dedicated Server.lnk [2010-06-14 16:24:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-06-13 23:26:59 | 000,044,631 | ---- | C] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg [2010-06-07 10:51:11 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Garena.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern 
Warfare 2 - Multiplayer.lnk [2010-06-06 20:27:09 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk [2010-06-06 20:27:09 | 000,001,572 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Half-Life.lnk [2010-06-06 20:27:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk [2010-06-06 20:27:09 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk [2010-06-06 20:27:09 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk [2010-06-06 20:27:09 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk [2010-06-06 20:27:09 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk [2010-06-06 20:27:09 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk [2010-06-06 20:27:09 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Pro Evolution Soccer 2010.lnk [2010-06-06 20:27:09 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk [2010-06-06 20:27:09 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk [2010-06-06 20:27:09 | 000,000,504 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk [2010-06-06 20:27:09 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Progamy.lnk [2010-06-06 20:27:09 | 000,000,351 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk [2010-05-30 13:06:36 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx [2010-05-26 16:51:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\apache.dll [2010-05-09 13:23:22 | 000,001,751 | ---- | C] () -- C:\Documents and Set.key [2010-05-09 13:23:22 | 000,000,426 | ---- | C] () -- C:\Documents and Set.pub [2010-05-08 20:40:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2010-05-04 19:12:43 | 
000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe [2010-04-28 21:05:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin [2010-04-26 22:48:25 | 000,007,432 | ---- | C] () -- C:\Documents and Settings\Kimak\sss.txt [2010-04-26 22:46:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-03-24 19:09:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\trdl.dll [2010-03-24 19:09:04 | 000,000,084 | ---- | C] () -- C:\WINDOWS\rcx.ini [2010-03-16 17:44:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-02-19 09:42:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2009-12-29 10:48:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-12-23 21:10:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI [2009-12-16 22:46:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2009-12-10 16:38:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-11-12 16:05:12 | 000,000,134 | ---- | C] () -- C:\WINDOWS\w5win.ini [2009-11-12 09:10:07 | 000,035,005 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-11-02 19:56:00 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini [2009-11-01 17:33:07 | 000,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2009-10-28 23:21:31 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2009-10-23 18:21:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-10-23 18:21:42 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-10-23 18:21:42 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-10-23 18:21:41 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-10-23 18:21:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-10-10 09:04:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-10-10 09:04:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-09-10 18:48:19 | 000,286,720 | 
---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2009-08-22 20:28:48 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-08-18 16:31:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-08-16 09:38:16 | 000,139,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-08-15 19:48:36 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-08-15 16:38:03 | 000,000,559 | ---- | C] () -- C:\WINDOWS\DFC.INI [2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2009-12-29 13:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-06-23 09:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-10-15 15:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BC [2009-10-31 02:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cabela's Outdoor Adventures Saves [2010-01-12 18:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-08-15 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-26 09:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-12-27 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy [2010-03-17 20:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-22 16:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-08-18 02:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-06-19 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-20 
22:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-01-14 15:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-05-08 20:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle [2010-05-24 14:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-08-27 15:33:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} [2010-01-14 15:51:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2009-09-14 18:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\.ZMatrix [2009-12-23 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Atari [2010-06-01 15:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations [2010-05-24 16:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean [2010-04-03 08:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Capcom [2010-04-17 10:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command & Conquer 3 Wojny o tyberium [2010-04-25 21:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4 [2009-08-15 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Lite [2010-01-03 00:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Pro [2009-10-14 13:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Dark Sector [2010-03-20 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Gadu-Gadu 10 [2010-01-26 19:26:49 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\Kimak\Dane aplikacji\Imperium Romanum [2010-06-15 10:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\ipla [2009-08-17 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mount&Blade [2010-01-17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Nowe Gadu-Gadu [2009-08-18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\OpenFM [2010-02-19 10:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\PhotoFiltre [2010-03-22 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Prison Break [2010-01-03 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Razer [2009-12-10 21:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Samsung [2009-11-30 15:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\SPORE [2009-08-27 15:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\TuneUp Software [2010-05-17 20:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle [2010-03-14 00:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Ubisoft [2009-09-27 22:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Utherverse [2010-06-13 10:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\uTorrent [2009-12-27 17:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\vghd [2010-01-05 21:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Vso [2010-01-16 03:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2010-03-25 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\TuneUp 
Software [2010-06-23 21:46:39 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic maintenance.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 < End of report >[/log]
[color="#FF0000"] // Moving this thread // Cyp[/color]
Mateusz J. commented June 23, 2010

Infection. Run OTL and paste the following into the Custom Scans/Fixes window:
[code]
:Processes
explorer.exe
:OTL
PRC - [2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\system\run32dll.exe
SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01)
O4 - HKLM..\Run: [run32d] C:\WINDOWS\system\run32dll.exe ()
:Files
C:\WINDOWS\system\run32dll.exe
C:\WINDOWS\System\run32dll.p1
C:\wsock32.dll
C:\Program Files\wsock32.dll
C:\Program Files\Common Files\wsock32.dll
C:\WINDOWS\wsc.p1
C:\WINDOWS\trdl.p1
C:\WINDOWS\trdl.p2
C:\WINDOWS\linkinfo.p1
C:\WINDOWS\wsc.p2
C:\WINDOWS\linkinfo.p2
C:\WINDOWS\System\run32dll.p2
C:\WINDOWS\rcx.dat
C:\WINDOWS\rcx.ini
C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini
C:\WINDOWS\ne__H_ck.exe
:Commands
[emptytemp]
[Reboot]
[/code]
Click Run Fix. Confirm the computer restart. After the computer has restarted, create a new log and post it for review.
Razer93 (Author) commented June 23, 2010

[log]All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Process run32dll.exe killed successfully!
Error: No service named appdrvrem01) Application Driver Auto Removal Service (01 was found to stop!
Service\Driver key appdrvrem01) Application Driver Auto Removal Service (01 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\run32d deleted successfully.
C:\WINDOWS\system\run32dll.exe moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system\run32dll.exe not found.
C:\WINDOWS\System\run32dll.p1 moved successfully.
C:\wsock32.dll moved successfully.
C:\Program Files\wsock32.dll moved successfully.
C:\Program Files\Common Files\wsock32.dll moved successfully.
C:\WINDOWS\wsc.p1 moved successfully.
C:\WINDOWS\trdl.p1 moved successfully.
C:\WINDOWS\trdl.p2 moved successfully.
C:\WINDOWS\linkinfo.p1 moved successfully.
C:\WINDOWS\wsc.p2 moved successfully.
C:\WINDOWS\linkinfo.p2 moved successfully.
C:\WINDOWS\System\run32dll.p2 moved successfully.
C:\WINDOWS\rcx.dat moved successfully.
C:\WINDOWS\rcx.ini moved successfully.
C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini moved successfully.
C:\WINDOWS\ne__H_ck.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Kimak
->Temp folder emptied: 45352851 bytes
->Temporary Internet Files folder emptied: 3726269 bytes
->Java cache emptied: 16049286 bytes
->FireFox cache emptied: 71266571 bytes
->Flash cache emptied: 102028 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2866202 bytes
%systemroot%\System32 .tmp files removed: 6444756 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 266742 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 139,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 06232010_223301
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\42CDFD51d01 not found!
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\58861B70d01 moved successfully.
File\Folder C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\CBB0EA65d01 not found!
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...[/log]

I THINK everything is fine now; I have one run32dll.exe process. Jesiona, how did you learn to process this and read viruses from this OTL?
Mateusz J. commented June 23, 2010

You posted the removal log; what is needed is a new log like the one you created the first time. I learned this through Google and more Google.
Razer93 (Author) commented June 23, 2010

[log]OTL logfile created on: 2010-06-23 22:53:59 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 4 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,55 Gb Total Space | 22,53 Gb Free Space | 30,22% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KIMAK Current User Name: Kimak Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-06-23 19:37:59 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-06-23 19:37:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\word\Office12\GrooveMonitor.exe PRC - [2008-01-29 11:16:28 | 002,150,400 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe PRC - [2006-03-02 14:00:00 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (All) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2010-04-12 11:43:47 | 000,215,128 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB) SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-03-26 18:17:57 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-02-07 20:09:24 | 000,170,992 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2009-12-14 21:50:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-11-11 20:35:51 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-08-17 03:03:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2009-08-16 09:37:35 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-06-10 08:31:55 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2009-02-09 12:22:08 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC) SRV - [2009-02-09 12:22:08 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\word\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008-07-07 22:33:22 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008-06-20 19:42:21 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Rozpoznawanie lokalizacji w sieci (NLA) SRV - [2007-11-28 10:27:24 | 000,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2007-06-27 18:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft 
Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-08-24 23:30:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN) SRV - [2006-03-02 14:00:00 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2006-03-02 14:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2006-03-02 14:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2006-03-02 14:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2006-03-02 14:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) SRV - [2006-03-02 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2006-03-02 14:00:00 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2006-03-02 14:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2006-03-02 14:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2006-03-02 14:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2006-03-02 14:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | 
Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2006-03-02 14:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2006-03-02 14:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2006-03-02 14:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2006-03-02 14:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService) SRV - [2006-03-02 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2006-03-02 14:00:00 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2006-03-02 14:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) SRV - [2006-03-02 14:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2006-03-02 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - 
[2006-03-02 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2006-03-02 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2006-03-02 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2006-03-02 14:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver) SRV - [2006-03-02 14:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2006-03-02 14:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2006-03-02 14:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2006-03-02 14:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc) SRV - [2006-03-02 14:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2006-03-02 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC) SRV - [2006-03-02 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2006-03-02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft 
Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2006-03-02 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2006-03-02 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2006-03-02 14:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2006-03-02 14:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2006-03-02 14:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2006-03-02 14:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2006-03-02 14:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc) SRV - [2006-03-02 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) 
[On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2006-03-02 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Zasilacz awaryjny (UPS) SRV - [2006-03-02 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2006-03-02 14:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt) SRV - [2006-03-02 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2006-03-02 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2006-03-02 14:00:00 | 
000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2006-03-02 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2006-03-02 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2006-03-02 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2005-05-03 12:58:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004-08-04 00:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra) DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt) DRV - File not found [Kernel 
| Disabled | Stopped] -- -- (ql1080) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled | Running] -- -- (klmouflt) DRV - File not found [File_System | Disabled | Running] -- -- (KLIF) DRV - File not found [Kernel | Disabled | Running] -- -- (klbg) DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u) DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GarenaPEngine) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray) DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc) DRV - File not found 
[Kernel | Disabled | Stopped] -- -- (amsint) DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x) DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m) DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk) DRV - [2010-04-12 11:43:56 | 000,139,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2010-01-23 13:25:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-01-05 21:31:08 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin) DRV - [2010-01-03 00:15:08 | 003,059,824 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2009-12-24 12:19:13 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2009-12-18 14:56:47 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH) DRV - [2009-12-18 14:56:47 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330) DRV - [2009-12-18 14:56:47 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS) DRV - [2009-12-10 16:56:16 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-10-20 16:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2009-10-10 09:04:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-10-10 09:04:15 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-10-06 18:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-08-17 00:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-08-15 19:48:37 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-06-22 13:34:52 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD) DRV - [2009-04-28 22:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2008-12-11 13:57:21 | 000,333,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2008-10-24 13:10:42 | 000,453,632 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2008-08-14 11:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2008-08-05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-06-20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2008-06-20 11:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- 
(RTLE8023xp) DRV - [2007-08-02 18:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr) DRV - [2007-04-03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) DRV - [2007-04-03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex) DRV - [2007-04-03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) DRV - [2007-04-03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) DRV - [2007-04-03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm) DRV - [2007-04-03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl) DRV - [2007-04-03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-08-24 21:26:02 | 000,038,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb) DRV - [2006-03-02 14:00:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2006-03-02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs) DRV - [2006-03-02 14:00:00 | 000,209,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2006-03-02 14:00:00 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI) DRV - [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS) DRV - [2006-03-02 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2006-03-02 14:00:00 | 000,176,512 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2006-03-02 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2006-03-02 14:00:00 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio) DRV - [2006-03-02 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat) DRV - [2006-03-02 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD) DRV - [2006-03-02 14:00:00 | 000,134,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) 
DRV - [2006-03-02 14:00:00 | 000,125,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk) DRV - [2006-03-02 14:00:00 | 000,124,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr) DRV - [2006-03-02 14:00:00 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2006-03-02 14:00:00 | 000,107,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup) DRV - [2006-03-02 14:00:00 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2006-03-02 14:00:00 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport) DRV - [2006-03-02 14:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2006-03-02 14:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr) DRV - [2006-03-02 14:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2006-03-02 14:00:00 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs) DRV - [2006-03-02 14:00:00 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial) DRV - [2006-03-02 14:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs) DRV - [2006-03-02 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2006-03-02 14:00:00 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2006-03-02 14:00:00 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap) DRV - [2006-03-02 14:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2006-03-02 14:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2006-03-02 14:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr) DRV - [2006-03-02 14:00:00 | 000,041,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2006-03-02 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2006-03-02 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm) DRV - [2006-03-02 14:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy) DRV - [2006-03-02 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2006-03-02 14:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand 
| Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2006-03-02 14:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips) DRV - [2006-03-02 14:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2006-03-02 14:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2006-03-02 14:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2006-03-02 14:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2006-03-02 14:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs) DRV - [2006-03-02 14:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem) DRV - [2006-03-02 14:00:00 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2006-03-02 14:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc) DRV - [2006-03-02 14:00:00 | 000,024,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2006-03-02 14:00:00 | 000,023,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2006-03-02 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- 
(TDTCP) DRV - [2006-03-02 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2006-03-02 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2006-03-02 14:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2006-03-02 14:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs) DRV - [2006-03-02 14:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr) DRV - [2006-03-02 14:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2006-03-02 14:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2006-03-02 14:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum) DRV - [2006-03-02 14:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2006-03-02 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k) DRV - [2006-03-02 14:00:00 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2006-03-02 14:00:00 | 
000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tunmp.sys -- (tunmp) DRV - [2006-03-02 14:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2006-03-02 14:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2006-03-02 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2006-03-02 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC) DRV - [2006-03-02 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2006-03-02 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2006-03-02 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2006-03-02 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb) DRV - [2006-03-02 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2006-03-02 14:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm) DRV - [2006-03-02 14:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) 
[Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload) DRV - [2006-03-02 14:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd) DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\beep.sys -- (Beep) DRV - [2006-03-02 14:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\null.sys -- (Null) DRV - [2006-01-04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2005-10-28 03:24:30 | 000,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2005-10-28 03:24:29 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2005-10-28 03:24:28 | 000,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-04 02:35:34 | 000,058,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2004-08-04 00:44:40 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2004-08-04 
00:38:02 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid) DRV - [2004-08-04 00:34:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI) DRV - [2004-08-03 23:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2004-08-03 23:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2004-08-03 23:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2004-08-03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2004-08-03 23:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2004-08-03 23:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2004-08-03 23:08:38 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci) DRV - [2004-08-03 23:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2004-08-03 23:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2004-08-03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2004-08-03 23:07:40 | 000,052,864 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic) DRV - [2004-08-03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint) DRV - [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2004-08-03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2004-08-03 22:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2004-08-03 22:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM) DRV - [2004-08-03 22:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2004-08-03 22:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2002-10-15 15:48:46 | 000,012,964 | ---- | M] (WayTech Development, Inc.) 
[Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2001-10-26 16:56:44 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde)
DRV - [2001-10-26 16:47:28 | 000,036,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2001-08-17 23:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001-08-17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2001-08-17 21:52:30 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio)

[color=#E56717]========== Standard Registry (All) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15510&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.4
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
[2010-04-02 20:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions
[2010-04-02 20:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions
[2010-04-02 21:03:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-04-02 21:05:42 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010-04-02 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\nasanightlaunch@example.com
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-23 19:37:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-12-14 21:50:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010-06-23 19:37:51 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010-06-23 19:37:51 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-04-10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-12-14 21:50:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009-08-29 17:51:18 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2010-06-23 19:37:53 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
[2009-12-21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-15 10:29:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [GrooveMonitor] C:\word\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe () O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe () O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\Kimak\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: 
DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\word\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\word\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll 
(Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll 
(Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll 
(Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\word\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft 
Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - 
Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - 
C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - 
C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-15 16:25:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{74de429a-544c-11df-81a0-001fd00d9f59}\Shell\AutoRun\command - "" = H:\Launcher.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-23 22:53:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-06-23 22:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\asd [2010-06-23 22:33:01 | 000,000,000 | ---D | C] -- C:\_OTL [2010-06-23 20:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner [2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-19 20:13:22 | 000,000,000 | ---D | C] -- C:\wbu [2010-06-19 12:14:32 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\Kimak\Pulpit\Achmed The Dead Terrorist [2010-06-19 09:46:24 | 000,000,000 | ---D | C] -- C:\PCSX2 24.12.2009 [2010-06-18 13:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\pcsx2 [2010-06-18 13:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\PCSX2 24.12.2009 [2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\plugins [2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\bios [2010-06-16 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\KeyLogger [2010-06-15 10:30:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-06-15 10:11:21 | 000,000,000 | ---D | C] -- C:\ComboFix [2010-06-14 21:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Valve [2010-06-11 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-06-01 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations [2010-05-30 00:04:02 | 000,000,000 | ---D | C] -- C:\ezio [2010-05-28 21:21:53 | 000,000,000 | ---D | C] -- C:\Sys [2010-05-26 13:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\THQ [2010-05-24 16:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Hitman Blood Money [2010-05-24 16:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean [2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-05-17 20:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-05-12 20:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\KONAMI [2010-05-10 19:17:54 | 000,000,000 | ---D | C] -- C:\zc [2010-05-10 15:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\4A Games [2010-05-10 15:42:55 | 000,000,000 | ---D | C] 
-- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\4A Games [2010-05-09 13:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Set [2010-05-09 13:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Tunngle [2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle [2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle [2010-05-08 20:40:10 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2010-05-07 23:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2010-05-07 23:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-05-05 17:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\storage [2010-04-29 20:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010-04-29 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-04-29 20:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010-04-29 20:39:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-04-29 20:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-04-29 20:38:31 | 000,000,000 | ---D | C] -- C:\word [2010-04-29 20:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-04-29 20:37:58 | 000,000,000 | R--D | C] -- C:\MSOCache [2010-04-25 12:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Command and Conquer 4 [2010-04-25 12:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4 [color=#E56717]========== Files - 
Modified Within 60 Days ==========[/color] [2010-06-23 22:54:04 | 000,000,559 | ---- | M] () -- C:\WINDOWS\DFC.INI [2010-06-23 22:39:34 | 000,249,502 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-06-23 22:38:43 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-23 22:38:43 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Automatic maintenance.job [2010-06-23 22:38:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-23 22:38:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-23 22:37:30 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Kimak\NTUSER.DAT [2010-06-23 22:37:30 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kimak\ntuser.ini [2010-06-23 22:37:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-23 21:46:39 | 000,013,722 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-23 21:22:03 | 000,000,977 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Kaspersky Internet Security 2010.lnk [2010-06-23 20:00:28 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-06-22 20:47:17 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat [2010-06-20 13:08:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\trdl [2010-06-15 19:05:46 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk [2010-06-15 18:18:03 | 000,069,904 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-15 18:13:58 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-15 11:01:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-06-15 10:30:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-06-15 10:29:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-06-15 10:02:47 | 000,503,536 | ---- | M] () -- 
C:\WINDOWS\System32\perfh015.dat [2010-06-15 10:02:47 | 000,444,032 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-15 10:02:47 | 000,090,408 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-15 10:02:46 | 001,124,360 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-15 10:02:46 | 000,072,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-14 21:20:14 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk [2010-06-14 16:24:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-06-13 23:27:00 | 000,044,631 | ---- | M] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg [2010-06-07 10:41:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk [2010-06-06 20:27:09 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk [2010-06-06 20:27:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk [2010-06-06 20:27:09 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk [2010-06-06 20:27:09 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk [2010-06-06 20:27:09 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk [2010-06-06 20:27:09 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk [2010-06-06 20:27:09 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk [2010-06-06 20:27:09 | 000,000,653 | ---- | M] () 
-- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk [2010-06-06 20:27:09 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk [2010-06-06 20:27:09 | 000,000,504 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk [2010-06-06 20:27:09 | 000,000,351 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk [2010-06-01 22:40:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-05-30 13:06:36 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx [2010-05-26 20:02:15 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\apache.dll [2010-05-17 21:44:32 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-09 13:23:22 | 000,001,751 | ---- | M] () -- C:\Documents and Set.key [2010-05-09 13:23:22 | 000,000,426 | ---- | M] () -- C:\Documents and Set.pub [2010-05-09 03:26:31 | 003,171,364 | -H-- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-05-09 03:04:59 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010-05-04 19:12:43 | 000,006,688 | ---- | M] () -- C:\WINDOWS\movexe.exe [2010-05-04 18:13:15 | 000,000,203 | ---- | M] () -- C:\Documents and Settings\Kimak\default.pls [2010-04-28 21:05:51 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\SI.bin [2010-04-26 22:48:47 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-23 21:22:03 | 000,000,977 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Kaspersky Internet Security 2010.lnk [2010-06-15 19:05:46 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk [2010-06-15 11:01:24 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 
[2010-06-14 21:20:14 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk [2010-06-14 16:24:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-06-13 23:26:59 | 000,044,631 | ---- | C] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk [2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk [2010-06-06 20:27:09 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk [2010-06-06 20:27:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk [2010-06-06 20:27:09 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk [2010-06-06 20:27:09 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk [2010-06-06 20:27:09 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk [2010-06-06 20:27:09 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk [2010-06-06 20:27:09 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk [2010-06-06 20:27:09 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk [2010-06-06 20:27:09 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk [2010-06-06 20:27:09 | 000,000,504 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk [2010-06-06 20:27:09 | 000,000,351 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk [2010-05-30 13:06:36 | 000,000,162 | -H-- | C] () -- C:\Documents and 
Settings\Kimak\Pulpit\~$chemia.docx [2010-05-26 16:51:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\apache.dll [2010-05-09 13:23:22 | 000,001,751 | ---- | C] () -- C:\Documents and Set.key [2010-05-09 13:23:22 | 000,000,426 | ---- | C] () -- C:\Documents and Set.pub [2010-05-08 20:40:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2010-05-04 19:12:43 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe [2010-04-28 21:05:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin [2010-04-26 22:48:25 | 000,007,432 | ---- | C] () -- C:\Documents and Settings\Kimak\sss.txt [2010-04-26 22:46:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-03-24 19:09:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\trdl.dll [2010-03-16 17:44:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-02-19 09:42:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2009-12-29 10:48:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-12-23 21:10:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI [2009-12-16 22:46:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2009-12-10 16:38:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-11-12 16:05:12 | 000,000,134 | ---- | C] () -- C:\WINDOWS\w5win.ini [2009-11-12 09:10:07 | 000,035,005 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-11-02 19:56:00 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini [2009-11-01 17:33:07 | 000,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2009-10-28 23:21:31 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2009-10-23 18:21:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-10-23 18:21:42 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-10-23 18:21:42 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-10-23 18:21:41 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll 
[2009-10-23 18:21:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-10-10 09:04:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-10-10 09:04:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-09-10 18:48:19 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2009-08-22 20:28:48 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-08-18 16:31:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-08-16 09:38:16 | 000,139,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-08-15 19:48:36 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-08-15 16:38:03 | 000,000,559 | ---- | C] () -- C:\WINDOWS\DFC.INI [2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [color=#E56717]========== LOP Check ==========[/color] [2009-12-29 13:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-06-23 09:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-10-15 15:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BC [2009-10-31 02:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cabela's Outdoor Adventures Saves [2010-01-12 18:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-08-15 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-26 09:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-12-27 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy [2010-03-17 20:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-22 16:23:25 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-08-18 02:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2010-06-19 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-20 22:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-01-14 15:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-05-08 20:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle [2010-05-24 14:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-08-27 15:33:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} [2010-01-14 15:51:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2009-09-14 18:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\.ZMatrix [2009-12-23 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Atari [2010-06-01 15:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations [2010-05-24 16:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean [2010-04-03 08:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Capcom [2010-04-17 10:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command & Conquer 3 Wojny o tyberium [2010-04-25 21:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4 [2009-08-15 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Lite [2010-01-03 00:02:51 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Kimak\Dane aplikacji\DAEMON Tools Pro [2009-10-14 13:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Dark Sector [2010-03-20 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Gadu-Gadu 10 [2010-01-26 19:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Imperium Romanum [2010-06-15 10:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\ipla [2009-08-17 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mount&Blade [2010-01-17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Nowe Gadu-Gadu [2009-08-18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\OpenFM [2010-02-19 10:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\PhotoFiltre [2010-03-22 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Prison Break [2010-01-03 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Razer [2009-12-10 21:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Samsung [2009-11-30 15:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\SPORE [2009-08-27 15:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\TuneUp Software [2010-05-17 20:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle [2010-03-14 00:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Ubisoft [2009-09-27 22:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Utherverse [2010-06-13 10:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\uTorrent [2009-12-27 17:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\vghd [2010-01-05 21:37:40 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Vso [2010-06-23 22:38:43 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic maintenance.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 < End of report >[/log]
Mateusz J. commented 23 June 2010 Follow: http://www.forumpc.pl/index.php?showtopic=107753 Remove everything the program finds, and post the report on the forum.
Razer93 (Author) commented 25 June 2010 [log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4239 Windows 5.1.2600 Dodatek Service Pack 4 Internet Explorer 6.0.2900.2180 2010-06-25 22:45:49 mbam-log-2010-06-25 (22-45-49).txt Typ skanowania: Pełne skanowanie (C:\|) Przeskanowano obiektów: 266932 Upłynęło: 1 godzin(y), 23 minut(y), 12 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 2 Zainfekowanych wartości rejestru: 1 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 38 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. 
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. 
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\28463\MBMI.006.vir (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\28463\MBMI.007.vir (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{801085D5-C4DC-4C2B-B420-E897D769DDFF}\RP472\A0188324.exe (Backdoor.Agent) -> Quarantined and deleted successfully. 
C:\System Volume Information\_restore{801085D5-C4DC-4C2B-B420-E897D769DDFF}\RP486\A0196525.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\zc\d3drm.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\WINDOWS\w5win.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system\smss.txt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. C:\WINDOWS\system\smss.txt2 (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.[/log]
Guest commented 25 June 2010 It should be OK [color="#ff0000"]// If you are not sure, do not comment // this way you are misleading the author // raaz[/color]
Tomek01 commented 26 June 2010 (edited) MBAM did not remove everything, and OTL did not cope with everything. Attach a new log from OTL and [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url]
Sohei commented 26 June 2010 O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe File not found C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat After 5 years of checking logs, are you sure that everything is OK?? Because MBAM did not clean up even 1/4 of this junk. And the entries above are only examples.
Tomek01 commented 26 June 2010 (edited) C:\WINDOWS\trdl C:\WINDOWS\movexe.exe C:\WINDOWS\trdl.dll