toma. utworzono 8 stycznia 2011 utworzono 8 stycznia 2011 (edytowane) Witam! komputer strasznie wolno mi działa, proszę o sprawdzenie loga i pokierowanie co do wyrzucenia. [log]OTL logfile created on: 11-01-08 00:46:34 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Konto administratora\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 528 1056 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,80 Gb Total Space | 2,74 Gb Free Space | 31,16% Space Free | Partition Type: FAT32 Drive D: | 9,70 Gb Total Space | 1,36 Gb Free Space | 14,01% Space Free | Partition Type: FAT32 Drive E: | 10,80 Gb Total Space | 0,46 Gb Free Space | 4,25% Space Free | Partition Type: FAT32 Drive F: | 7,95 Gb Total Space | 0,54 Gb Free Space | 6,76% Space Free | Partition Type: FAT32 Drive H: | 5,99 Gb Total Space | 1,06 Gb Free Space | 17,64% Space Free | Partition Type: FAT32 Computer Name: FRETOO | User Name: Konto administratora | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe PRC - [2010-12-10 23:54:18 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-10 23:54:16 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2008-04-14 19:21:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe PRC - [2007-06-13 15:23:50 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-11 21:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007-03-11 21:32:42 | 000,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2007-03-11 21:26:24 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () -- C:\Program Files\Common Files\NMSAccessU.exe PRC - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2006-12-05 15:38:58 | 000,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [haredAccess] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2003-06-20 08:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe MOD - [2010-10-28 10:47:54 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll MOD - [2008-10-23 14:01:38 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-16 11:39:56 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-10-25 17:57:22 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-07-09 15:11:54 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2007-04-16 17:54:44 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2007-03-08 17:38:48 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 17:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:42:34 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99a89289fd8f2) Google Update Service (gupdate1c99a89289fd8f2) SRV - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\NMSAccessU.exe -- (NMSAccessU) SRV - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- I:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2010-10-28 10:50:40 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010-10-28 10:49:24 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010-09-07 16:52:26 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 16:52:04 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 16:47:20 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 16:47:08 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 16:46:52 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-06-08 17:51:44 | 000,094,064 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2007-06-08 17:51:44 | 000,089,872 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2007-06-08 17:51:44 | 000,085,408 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM) DRV - [2007-06-08 17:51:44 | 000,083,344 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2007-06-08 17:51:44 | 000,081,728 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2007-06-08 17:51:44 | 000,079,488 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2007-06-08 17:51:44 | 000,058,288 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM) DRV - [2007-06-08 17:51:44 | 000,008,336 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2007-06-08 17:51:44 | 000,006,576 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2007-06-08 17:51:42 | 000,055,216 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) DRV - [2006-12-05 15:39:12 | 001,963,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-04-28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex) DRV - [2006-04-28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) DRV - [2006-04-28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006-04-28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006-04-28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) DRV - [2006-04-28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) DRV - [2006-04-28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) DRV - [2006-02-23 21:22:14 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2006-02-23 21:20:28 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2005-10-20 14:50:22 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2004-12-15 10:32:04 | 000,032,782 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-08-12 04:18:22 | 000,015,961 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SF-620.sys -- (SF-620) DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2003-05-26 06:57:50 | 000,166,912 | R--- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr) DRV - [2003-04-09 11:17:14 | 000,227,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cccp106.sys -- (CCCP106) CIF USB Camera (2110A) DRV - [2003-03-24 05:19:00 | 000,088,960 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM) DRV - [2003-02-18 10:08:04 | 000,017,504 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2002-12-27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2005-03-31 22:21:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2004-12-14 11:03:08 | 000,000,000 | ---D | M] [2008-06-29 14:35:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions [2009-03-23 17:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79} [2006-01-29 00:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Firefox\Profiles\khf93u02.default\extensions [2004-12-14 11:03:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2005-10-11 19:36:00 | 000,618,496 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSOCCER.dll [2006-04-08 19:03:26 | 000,950,272 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPDEMON.dll [2005-10-12 11:23:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSNOOKER.dll [2006-04-08 19:31:30 | 000,974,848 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPIRATE.dll [2006-04-08 21:09:12 | 000,868,352 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPCARDS.dll [2005-10-12 11:23:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD9.dll [2005-10-12 11:24:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD8.dll [2006-04-08 19:42:00 | 000,552,960 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll [2006-04-10 23:37:12 | 000,548,864 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS90.dll [2005-01-21 13:55:00 | 000,913,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBOARDS.dll [2006-04-08 20:15:58 | 000,589,824 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPROULETTE.dll [2006-04-08 21:10:56 | 000,544,768 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS80.dll [2004-12-14 13:30:00 | 000,520,192 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPNAVY.dll [2004-10-31 18:41:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPMARBLES.dll [2010-03-13 16:56:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-13 16:56:30 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-13 16:56:30 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-13 16:56:30 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-13 16:56:30 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-13 16:56:30 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-01-29 01:06:08 | 000,161,397 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 abcsearch.com O1 - Hosts: 127.0.0.1 admin.abcsearch.com O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid] O1 - Hosts: 127.0.0.1 www.abcsearch.com O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H] O1 - Hosts: 127.0.0.1 acestats.com O1 - Hosts: 127.0.0.1 www.acestats.com O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames] O1 - Hosts: 127.0.0.1 www.actualnames.com O1 - Hosts: 127.0.0.1 ad-up.com O1 - Hosts: 127.0.0.1 www.ad-up.com O1 - Hosts: 127.0.0.1 adatom.com O1 - Hosts: 127.0.0.1 aesp.adatom.com O1 - Hosts: 127.0.0.1 adbest.com O1 - Hosts: 127.0.0.1 adserv.adbonus.com O1 - Hosts: 127.0.0.1 www.adbonus.com O1 - Hosts: 127.0.0.1 www.adblaster2.info #[Restricted Zone site] O1 - Hosts: 127.0.0.1 ad2.adcept.net O1 - Hosts: 127.0.0.1 ad3.adcept.net O1 - Hosts: 127.0.0.1 www.adcept.net O1 - Hosts: 127.0.0.1 adcomplete.com O1 - Hosts: 127.0.0.1 www.adcomplete.com O1 - Hosts: 127.0.0.1 www.adcopy.info O1 - Hosts: 127.0.0.1 ads.adcorps.com O1 - Hosts: 4671 more lines... O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-507921405-343818398-839522115-1007..\Run: [MSMSGS] C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe (Microsoft Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.) O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx (Instalator oprogramowania Onet.pl) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab (FileSharingCtrl Class) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (ZoneIntro Class) O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab (CBreakshotControl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab31267.cab (ZoneChess Object) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/html {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - Reg Error: Key error. File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell - "" = AutoRun O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]Emurayden PSX Emulator[/b] - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: [b]FreeRAM XP[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40. File not found MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe File not found MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]New.net Startup[/b] - hkey= - key= - C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL File not found MsConfig - StartUpReg: [b]Onet.pl AutoUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) MsConfig - StartUpReg: [b]SIDEBAR[/b] - hkey= - key= - C:\Program Files\Desktop Sidebar\sidebar.exe File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]STYLEXP[/b] - hkey= - key= - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre1.5.0\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]SurfAccuracy[/b] - hkey= - key= - C:\Program Files\SurfAccuracy\SAcc.exe File not found MsConfig - StartUpReg: [b]VVSN[/b] - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: [b]wiadomek[/b] - hkey= - key= - C:\Program Files\Wiadomek\Wiadomek.exe File not found MsConfig - StartUpReg: [b]WITaj![/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]xpas.exe[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: sharedaccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-01-07 23:48:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Konto administratora\Recent [2011-01-07 23:16:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2010-12-13 20:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Pobieranie [2010-12-08 16:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2010-12-08 16:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-12-05 11:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Any Video Converter [2010-11-21 20:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-11-20 14:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2005-03-12 05:05:53 | 000,017,504 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2011-01-07 20:28:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-07 20:28:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-27 20:46:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-12-27 18:42:22 | 000,018,684 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-10 00:51:06 | 000,126,464 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-04 22:15:16 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-27 18:42:12 | 000,018,684 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-05 15:07:24 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-12-28 15:47:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2009-12-28 15:47:56 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2009-12-28 15:47:39 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\$_hpcst$.hpc [2009-07-19 22:37:06 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2009-05-01 13:33:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-05-01 13:27:18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-01-15 22:43:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Route.INI [2007-11-27 17:49:55 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2007-11-23 22:32:22 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Relax.ini [2007-11-23 17:18:19 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\BC640A4294.sys [2007-11-20 19:32:58 | 000,004,677 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2007-10-10 00:08:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\AVSDVDPlayer.m3u [2007-05-11 22:01:13 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini [2007-03-16 19:04:35 | 000,000,158 | ---- | C] () -- C:\WINDOWS\NokiaImageConverter.INI [2007-03-16 19:00:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NokiaContentCopier.INI [2007-03-16 18:44:23 | 000,004,423 | ---- | C] () -- C:\Program Files\ks959-2000xp.inf [2007-01-25 03:52:26 | 000,065,536 | ---- | C] () -- C:\Program Files\Common Files\NMSAccessU.exe [2006-12-10 11:54:33 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2006-08-14 11:11:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-08-09 14:49:49 | 000,000,265 | ---- | C] () -- C:\WINDOWS\JSBuilder.INI [2006-06-26 22:19:24 | 000,000,492 | ---- | C] () -- C:\WINDOWS\naglos.INI [2006-02-23 21:20:26 | 000,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2006-02-23 21:20:26 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd2013.sys [2006-02-01 21:33:27 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-12-20 00:03:53 | 000,000,734 | ---- | C] () -- C:\WINDOWS\mamba.ini [2005-06-27 04:14:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2005-06-23 03:11:33 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SDDINST.INI [2005-04-30 02:03:57 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\attfd42.dll [2005-04-21 04:25:23 | 000,010,334 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2005-04-21 01:41:09 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2005-04-13 13:11:34 | 000,000,124 | ---- | C] () -- C:\WINDOWS\PG3prefs.ini [2005-04-12 13:45:43 | 000,000,028 | ---- | C] () -- C:\WINDOWS\sampler.INI [2005-04-12 13:45:42 | 000,000,764 | ---- | C] () -- C:\WINDOWS\beatbox.INI [2005-04-11 20:14:13 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2005-04-08 05:27:01 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2005-03-24 02:24:28 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\3911757990.sys [2005-03-21 00:08:18 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2005-03-21 00:08:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2005-03-21 00:08:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2005-03-21 00:07:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2005-03-12 05:20:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2005-03-07 08:52:19 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2005-03-07 05:48:12 | 000,000,658 | ---- | C] () -- C:\WINDOWS\Net2fone.ini [2005-02-28 02:50:27 | 000,000,360 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005-02-03 03:02:10 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini [2005-01-10 13:29:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll [2005-01-06 05:29:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005-01-04 07:37:52 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wslam.ini [2005-01-04 06:23:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2005-01-03 20:56:40 | 000,000,145 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004-12-30 04:25:16 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2004-12-23 01:08:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2004-12-14 13:25:36 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini [2004-12-14 12:56:38 | 000,000,837 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2004-12-14 12:56:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2004-12-14 12:48:17 | 000,227,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys [2004-12-14 12:48:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\JPGL.DLL [2004-12-14 12:48:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\DIV_IYUV.DLL [2004-12-14 12:48:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dcccp106.dll [2004-12-14 12:48:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vcccp106.dll [2004-12-14 12:48:14 | 000,015,542 | ---- | C] () -- C:\WINDOWS\cccp106.ini [2004-12-14 12:48:14 | 000,000,321 | ---- | C] () -- C:\WINDOWS\DC2110a.ini [2004-12-14 10:45:25 | 000,000,532 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004-12-14 09:53:59 | 000,002,562 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2004-12-14 09:53:57 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2004-12-14 09:21:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004-08-25 21:44:27 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2004-08-05 15:00:48 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\MovieEncoder.dll [2002-09-20 17:04:44 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\msn33828.dll [color=#E56717]========== LOP Check ==========[/color] [2005-03-20 23:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BurstCopy Labs [2008-10-13 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TERMINAL Studio [2008-10-14 17:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-28 21:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-11-01 11:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2006-05-08 19:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\IrfanView [2006-07-20 00:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Teleca [2006-10-28 21:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Sports Interactive [2007-11-26 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Leadertech [2008-02-29 17:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\foobar2000 [2009-03-23 17:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Broad Intelligence [2010-03-28 21:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\OpenFM [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-01-07 20:28:02 | 553,648,128 | -HS- | M] () -- C:\pagefile.sys [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2005-07-14 10:01:20 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-12-03 13:58:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2005-07-13 09:56:16 | 000,000,201 | -HS- | M] () -- C:\desktop.ini [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005-07-14 10:01:20 | 000,250,624 | RHS- | M] () -- C:\ntldr [2005-03-08 09:37:26 | 000,000,211 | RHS- | M] () -- C:\BOOT.BKK [2008-02-19 18:53:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008-02-19 18:53:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2008-05-04 17:11:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2008-05-04 17:11:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2008-05-04 17:11:06 | 000,000,148 | -H-- | M] () -- C:\sqmnoopt02.sqm [2008-05-04 17:11:06 | 000,000,148 | -H-- | M] () -- C:\sqmdata02.sqm [2010-09-05 02:01:10 | 000,115,224 | ---- | M] () -- C:\img2-001.raw [2008-07-03 21:09:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2008-07-03 21:09:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2008-08-22 16:10:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2008-08-22 16:10:24 | 000,000,172 | -H-- | M] () -- C:\sqmnoopt06.sqm [2008-08-22 16:10:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm [2008-07-18 23:58:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2008-07-18 23:58:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm [2008-08-22 16:10:24 | 000,000,172 | -H-- | M] () -- C:\sqmdata06.sqm [2008-09-26 11:02:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2008-09-26 11:02:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2008-09-26 11:02:40 | 000,000,136 | -H-- | M] () -- C:\sqmnoopt08.sqm [2008-09-26 11:02:40 | 000,000,148 | -H-- | M] () -- C:\sqmdata08.sqm [2008-10-29 18:48:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2008-10-29 18:48:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm [2009-01-01 00:40:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2009-01-01 00:40:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm [2009-01-01 00:54:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2009-01-01 00:54:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm [2009-01-01 00:54:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2009-01-01 00:54:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2009-01-01 00:56:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2009-01-01 00:56:38 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm [2009-01-16 21:44:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2009-01-16 21:44:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm [2009-04-14 21:22:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2009-04-14 21:22:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm [2009-07-23 01:02:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2009-07-23 01:02:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2009-07-24 20:09:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2009-07-24 20:09:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm [2009-09-12 19:17:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2009-09-12 19:17:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm [2007-09-03 19:53:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm [2007-09-03 19:53:58 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm [2008-09-07 14:13:14 | 000,000,000 | ---- | M] () -- C:\data.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log]
Tomek01 komentarz 8 stycznia 2011 komentarz 8 stycznia 2011 Brakuje loga RSIT. Rozrośnięty hosts: O1 - Hosts: 4671 more lines... Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. Pamiętaj aby nie skojarzyć go na stałe z Notatnikiem ! W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL [2008-02-19 18:53:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008-02-19 18:53:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2008-05-04 17:11:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2008-05-04 17:11:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2008-05-04 17:11:06 | 000,000,148 | -H-- | M] () -- C:\sqmnoopt02.sqm [2008-05-04 17:11:06 | 000,000,148 | -H-- | M] () -- C:\sqmdata02.sqm [2010-09-05 02:01:10 | 000,115,224 | ---- | M] () -- C:\img2-001.raw [2008-07-03 21:09:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2008-07-03 21:09:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2008-08-22 16:10:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2008-08-22 16:10:24 | 000,000,172 | -H-- | M] () -- C:\sqmnoopt06.sqm [2008-08-22 16:10:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm [2008-07-18 23:58:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2008-07-18 23:58:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm [2008-08-22 16:10:24 | 000,000,172 | -H-- | M] () -- C:\sqmdata06.sqm [2008-09-26 11:02:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2008-09-26 11:02:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2008-09-26 11:02:40 | 000,000,136 | -H-- | M] () -- C:\sqmnoopt08.sqm [2008-09-26 11:02:40 | 000,000,148 | -H-- | M] () -- C:\sqmdata08.sqm [2008-10-29 18:48:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2008-10-29 18:48:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm [2009-01-01 00:40:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2009-01-01 00:40:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm [2009-01-01 00:54:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2009-01-01 00:54:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm [2009-01-01 00:54:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2009-01-01 00:54:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2009-01-01 00:56:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2009-01-01 00:56:38 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm [2009-01-16 21:44:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2009-01-16 21:44:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm [2009-04-14 21:22:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2009-04-14 21:22:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm [2009-07-23 01:02:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2009-07-23 01:02:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2009-07-24 20:09:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2009-07-24 20:09:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm [2009-09-12 19:17:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2009-09-12 19:17:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm [2007-09-03 19:53:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm [2007-09-03 19:53:58 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm :files C:\WINDOWS\System32\BC640A4294.sys :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT
toma. komentarz 8 stycznia 2011 Autor komentarz 8 stycznia 2011 zrobiłem jak kazałeś i tak po kolei: log z usuwania [log] All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== C:\sqmdata00.sqm moved successfully. C:\sqmnoopt00.sqm moved successfully. C:\sqmnoopt01.sqm moved successfully. C:\sqmdata01.sqm moved successfully. C:\sqmnoopt02.sqm moved successfully. C:\sqmdata02.sqm moved successfully. C:\img2-001.raw moved successfully. C:\sqmnoopt03.sqm moved successfully. C:\sqmdata03.sqm moved successfully. C:\sqmnoopt05.sqm moved successfully. C:\sqmnoopt06.sqm moved successfully. C:\sqmdata05.sqm moved successfully. C:\sqmnoopt04.sqm moved successfully. C:\sqmdata04.sqm moved successfully. C:\sqmdata06.sqm moved successfully. C:\sqmnoopt07.sqm moved successfully. C:\sqmdata07.sqm moved successfully. C:\sqmnoopt08.sqm moved successfully. C:\sqmdata08.sqm moved successfully. C:\sqmnoopt09.sqm moved successfully. C:\sqmdata09.sqm moved successfully. C:\sqmnoopt10.sqm moved successfully. C:\sqmdata10.sqm moved successfully. C:\sqmnoopt11.sqm moved successfully. C:\sqmdata11.sqm moved successfully. C:\sqmnoopt12.sqm moved successfully. C:\sqmdata12.sqm moved successfully. C:\sqmnoopt13.sqm moved successfully. C:\sqmdata13.sqm moved successfully. C:\sqmnoopt14.sqm moved successfully. C:\sqmdata14.sqm moved successfully. C:\sqmnoopt15.sqm moved successfully. C:\sqmdata15.sqm moved successfully. C:\sqmnoopt16.sqm moved successfully. C:\sqmdata16.sqm moved successfully. C:\sqmnoopt17.sqm moved successfully. C:\sqmdata17.sqm moved successfully. C:\sqmnoopt18.sqm moved successfully. C:\sqmdata18.sqm moved successfully. C:\sqmnoopt19.sqm moved successfully. C:\sqmdata19.sqm moved successfully. ========== FILES ========== C:\WINDOWS\System32\BC640A4294.sys moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33728 bytes ->Flash cache emptied: 41 bytes User: All Users User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 4361953 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Konto administratora ->Temp folder emptied: 219431 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 114420842 bytes ->Flash cache emptied: 1980696 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2239266 bytes %systemroot%\System32 .tmp files removed: 9940187 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 890828 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 128,00 mb OTL by OldTimer - Version 3.2.20.1 log created on 01082011_162023 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found! Registry entries deleted on Reboot... [/log] Nowe logi z OTL [log] OTL logfile created on: 11-01-08 16:31:04 - Run 2 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Konto administratora\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 528 1056 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,80 Gb Total Space | 2,90 Gb Free Space | 32,99% Space Free | Partition Type: FAT32 Drive D: | 9,70 Gb Total Space | 1,36 Gb Free Space | 14,01% Space Free | Partition Type: FAT32 Drive E: | 10,80 Gb Total Space | 0,46 Gb Free Space | 4,25% Space Free | Partition Type: FAT32 Drive F: | 7,95 Gb Total Space | 0,54 Gb Free Space | 6,76% Space Free | Partition Type: FAT32 Drive H: | 5,99 Gb Total Space | 1,06 Gb Free Space | 17,64% Space Free | Partition Type: FAT32 Computer Name: FRETOO | User Name: Konto administratora | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe PRC - [2010-12-10 23:54:16 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2008-04-14 19:21:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe PRC - [2007-06-13 15:23:50 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-11 21:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007-03-11 21:32:42 | 000,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2007-03-11 21:26:24 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () -- C:\Program Files\Common Files\NMSAccessU.exe PRC - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2006-12-05 15:38:58 | 000,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [haredAccess] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2003-06-20 08:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe MOD - [2010-10-28 10:47:54 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll MOD - [2008-10-23 14:01:38 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-16 11:39:56 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-10-25 17:57:22 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-07-09 15:11:54 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2007-04-16 17:54:44 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2007-03-08 17:38:48 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 17:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:42:34 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99a89289fd8f2) Google Update Service (gupdate1c99a89289fd8f2) SRV - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\NMSAccessU.exe -- (NMSAccessU) SRV - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- I:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2010-10-28 10:50:40 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010-10-28 10:49:24 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010-09-07 16:52:26 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 16:52:04 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 16:47:20 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 16:47:08 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 16:46:52 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-06-08 17:51:44 | 000,094,064 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2007-06-08 17:51:44 | 000,089,872 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2007-06-08 17:51:44 | 000,085,408 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM) DRV - [2007-06-08 17:51:44 | 000,083,344 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2007-06-08 17:51:44 | 000,081,728 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2007-06-08 17:51:44 | 000,079,488 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2007-06-08 17:51:44 | 000,058,288 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM) DRV - [2007-06-08 17:51:44 | 000,008,336 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2007-06-08 17:51:44 | 000,006,576 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2007-06-08 17:51:42 | 000,055,216 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) DRV - [2006-12-05 15:39:12 | 001,963,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-04-28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex) DRV - [2006-04-28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) DRV - [2006-04-28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006-04-28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006-04-28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) DRV - [2006-04-28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) DRV - [2006-04-28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) DRV - [2006-02-23 21:22:14 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2006-02-23 21:20:28 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2005-10-20 14:50:22 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2004-12-15 10:32:04 | 000,032,782 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-08-12 04:18:22 | 000,015,961 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SF-620.sys -- (SF-620) DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2003-05-26 06:57:50 | 000,166,912 | R--- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr) DRV - [2003-04-09 11:17:14 | 000,227,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cccp106.sys -- (CCCP106) CIF USB Camera (2110A) DRV - [2003-03-24 05:19:00 | 000,088,960 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM) DRV - [2003-02-18 10:08:04 | 000,017,504 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2002-12-27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2005-03-31 22:21:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2004-12-14 11:03:08 | 000,000,000 | ---D | M] [2008-06-29 14:35:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions [2009-03-23 17:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79} [2006-01-29 00:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Firefox\Profiles\khf93u02.default\extensions [2004-12-14 11:03:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2005-10-11 19:36:00 | 000,618,496 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSOCCER.dll [2006-04-08 19:03:26 | 000,950,272 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPDEMON.dll [2005-10-12 11:23:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSNOOKER.dll [2006-04-08 19:31:30 | 000,974,848 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPIRATE.dll [2006-04-08 21:09:12 | 000,868,352 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPCARDS.dll [2005-10-12 11:23:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD9.dll [2005-10-12 11:24:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD8.dll [2006-04-08 19:42:00 | 000,552,960 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll [2006-04-10 23:37:12 | 000,548,864 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS90.dll [2005-01-21 13:55:00 | 000,913,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBOARDS.dll [2006-04-08 20:15:58 | 000,589,824 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPROULETTE.dll [2006-04-08 21:10:56 | 000,544,768 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS80.dll [2004-12-14 13:30:00 | 000,520,192 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPNAVY.dll [2004-10-31 18:41:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPMARBLES.dll [2010-03-13 16:56:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-13 16:56:30 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-13 16:56:30 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-13 16:56:30 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-13 16:56:30 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-13 16:56:30 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-08 16:13:58 | 000,000,021 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-507921405-343818398-839522115-1007..\Run: [MSMSGS] C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe (Microsoft Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.) O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx (Instalator oprogramowania Onet.pl) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab (FileSharingCtrl Class) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (ZoneIntro Class) O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab (CBreakshotControl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab31267.cab (ZoneChess Object) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/html {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - Reg Error: Key error. File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell - "" = AutoRun O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]Emurayden PSX Emulator[/b] - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: [b]FreeRAM XP[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40. File not found MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe File not found MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]New.net Startup[/b] - hkey= - key= - C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL File not found MsConfig - StartUpReg: [b]Onet.pl AutoUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) MsConfig - StartUpReg: [b]SIDEBAR[/b] - hkey= - key= - C:\Program Files\Desktop Sidebar\sidebar.exe File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]STYLEXP[/b] - hkey= - key= - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre1.5.0\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]SurfAccuracy[/b] - hkey= - key= - C:\Program Files\SurfAccuracy\SAcc.exe File not found MsConfig - StartUpReg: [b]VVSN[/b] - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: [b]wiadomek[/b] - hkey= - key= - C:\Program Files\Wiadomek\Wiadomek.exe File not found MsConfig - StartUpReg: [b]WITaj![/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]xpas.exe[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: sharedaccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-01-08 16:20:23 | 000,000,000 | ---D | C] -- C:\_OTL [2011-01-07 23:48:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Konto administratora\Recent [2011-01-07 23:16:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2010-12-13 20:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Pobieranie [2010-12-08 16:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2010-12-08 16:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-12-05 11:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Any Video Converter [2010-11-21 20:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-11-20 14:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2005-03-12 05:05:53 | 000,017,504 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-01-08 16:31:32 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe [2011-01-08 16:22:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2011-01-07 20:28:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-27 20:46:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-12-27 18:42:22 | 000,018,684 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-10 00:51:06 | 000,126,464 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-04 22:15:16 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-08 16:31:33 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe [2010-12-27 18:42:12 | 000,018,684 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-05 15:07:24 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-12-28 15:47:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2009-12-28 15:47:56 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2009-12-28 15:47:39 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\$_hpcst$.hpc [2009-07-19 22:37:06 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2009-05-01 13:33:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-05-01 13:27:18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-01-15 22:43:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Route.INI [2007-11-27 17:49:55 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2007-11-23 22:32:22 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Relax.ini [2007-11-20 19:32:58 | 000,004,677 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2007-10-10 00:08:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\AVSDVDPlayer.m3u [2007-05-11 22:01:13 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini [2007-03-16 19:04:35 | 000,000,158 | ---- | C] () -- C:\WINDOWS\NokiaImageConverter.INI [2007-03-16 19:00:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NokiaContentCopier.INI [2007-03-16 18:44:23 | 000,004,423 | ---- | C] () -- C:\Program Files\ks959-2000xp.inf [2007-01-25 03:52:26 | 000,065,536 | ---- | C] () -- C:\Program Files\Common Files\NMSAccessU.exe [2006-12-10 11:54:33 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2006-08-14 11:11:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-08-09 14:49:49 | 000,000,265 | ---- | C] () -- C:\WINDOWS\JSBuilder.INI [2006-06-26 22:19:24 | 000,000,492 | ---- | C] () -- C:\WINDOWS\naglos.INI [2006-02-23 21:20:26 | 000,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2006-02-23 21:20:26 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd2013.sys [2006-02-01 21:33:27 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-12-20 00:03:53 | 000,000,734 | ---- | C] () -- C:\WINDOWS\mamba.ini [2005-06-27 04:14:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2005-06-23 03:11:33 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SDDINST.INI [2005-04-30 02:03:57 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\attfd42.dll [2005-04-21 04:25:23 | 000,010,334 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2005-04-21 01:41:09 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2005-04-13 13:11:34 | 000,000,124 | ---- | C] () -- C:\WINDOWS\PG3prefs.ini [2005-04-12 13:45:43 | 000,000,028 | ---- | C] () -- C:\WINDOWS\sampler.INI [2005-04-12 13:45:42 | 000,000,764 | ---- | C] () -- C:\WINDOWS\beatbox.INI [2005-04-11 20:14:13 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2005-04-08 05:27:01 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2005-03-24 02:24:28 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\3911757990.sys [2005-03-21 00:08:18 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2005-03-21 00:08:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2005-03-21 00:08:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2005-03-21 00:07:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2005-03-12 05:20:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2005-03-07 08:52:19 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2005-03-07 05:48:12 | 000,000,658 | ---- | C] () -- C:\WINDOWS\Net2fone.ini [2005-02-28 02:50:27 | 000,000,360 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005-02-03 03:02:10 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini [2005-01-10 13:29:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll [2005-01-06 05:29:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005-01-04 07:37:52 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wslam.ini [2005-01-04 06:23:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2005-01-03 20:56:40 | 000,000,145 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004-12-30 04:25:16 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2004-12-23 01:08:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2004-12-14 13:25:36 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini [2004-12-14 12:56:38 | 000,000,837 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2004-12-14 12:56:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2004-12-14 12:48:17 | 000,227,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys [2004-12-14 12:48:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\JPGL.DLL [2004-12-14 12:48:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\DIV_IYUV.DLL [2004-12-14 12:48:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dcccp106.dll [2004-12-14 12:48:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vcccp106.dll [2004-12-14 12:48:14 | 000,015,542 | ---- | C] () -- C:\WINDOWS\cccp106.ini [2004-12-14 12:48:14 | 000,000,321 | ---- | C] () -- C:\WINDOWS\DC2110a.ini [2004-12-14 10:45:25 | 000,000,532 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004-12-14 09:53:59 | 000,002,562 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2004-12-14 09:53:57 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2004-12-14 09:21:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004-08-25 21:44:27 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2004-08-05 15:00:48 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\MovieEncoder.dll [2002-09-20 17:04:44 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\msn33828.dll [color=#E56717]========== LOP Check ==========[/color] [2005-03-20 23:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BurstCopy Labs [2008-10-13 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TERMINAL Studio [2008-10-14 17:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-28 21:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-11-01 11:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2006-05-08 19:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\IrfanView [2006-07-20 00:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Teleca [2006-10-28 21:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Sports Interactive [2007-11-26 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Leadertech [2008-02-29 17:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\foobar2000 [2009-03-23 17:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Broad Intelligence [2010-03-28 21:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\OpenFM [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-01-08 16:22:42 | 553,648,128 | -HS- | M] () -- C:\pagefile.sys [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2005-07-14 10:01:20 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-12-03 13:58:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2005-07-13 09:56:16 | 000,000,201 | -HS- | M] () -- C:\desktop.ini [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005-07-14 10:01:20 | 000,250,624 | RHS- | M] () -- C:\ntldr [2005-03-08 09:37:26 | 000,000,211 | RHS- | M] () -- C:\BOOT.BKK [2008-09-07 14:13:14 | 000,000,000 | ---- | M] () -- C:\data.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] Log z RSIT [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Konto administratora at 2011-01-08 16:53:37 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 3 GB (33%) free of 9 GB Total RAM: 2015 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:53:46, on 11-01-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\vVX1000.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\NMSAccessU.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe C:\Program Files\trend micro\Konto administratora.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FFE7F969-DC45-42F3-ADA6-5268CB39C3D4}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate1c99a89289fd8f2) (gupdate1c99a89289fd8f2) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8636 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-343818398-839522115-1007.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-343818398-839522115-1007.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-01-12 275800] "VX1000"=C:\WINDOWS\vVX1000.exe [2006-12-05 707360] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "MSMSGS"=C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Emurayden PSX Emulator] C:\Program Files\VVSN\VVSN.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP] C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40.exe -win [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe /tray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe /updateexetsr [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-07-05 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR] C:\Program Files\Desktop Sidebar\sidebar.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe [2004-12-16 36972] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN] C:\Program Files\VVSN\VVSN.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wiadomek] C:\Program Files\Wiadomek\Wiadomek.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WITaj!] rem -- Anulowane uruchamianie programu WITaj! 2000 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xpas.exe] C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x91000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2011-01-08 16:53:39 ----D---- C:\Program Files\trend micro 2011-01-08 16:53:37 ----D---- C:\rsit 2011-01-08 16:20:23 ----D---- C:\_OTL ======List of files/folders modified in the last 1 months====== 2011-01-08 16:21:48 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-27 20:46:54 ----A---- C:\WINDOWS\NeroDigital.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2006-09-27 36560] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-02-23 642560] R0 viaagp;Filtr magistrali AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-03 42240] R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2002-12-27 26880] R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [] R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880] R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-04 41472] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176] R2 irda;Protokół IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 NwlnkIpx;Protokół transportowy zgodny z NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2004-08-03 88448] R2 NwlnkNb;System NetBIOS NWLink; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-08-17 63232] R2 NwlnkSpx;Protokół NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-08-17 55936] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-05-26 166912] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-03-24 88960] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-05 1963680] S3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [] S3 CCCP106;CIF USB Camera (2110A); C:\WINDOWS\System32\DRIVERS\cccp106.sys [2003-04-09 227200] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CrystalSysInfo;CrystalSysInfo; \??\I:\Program Files\MediaCoder\SysInfo.sys [] S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-02-23 223128] S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2003-02-18 17504] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568] S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-20 19034] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 SER120;OTI Serial port driver; C:\WINDOWS\system32\DRIVERS\SER120.sys [2004-12-15 32782] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-06-08 58288] S4 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-06-08 8336] S4 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-06-08 94064] S4 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-06-08 85408] S4 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-06-08 83344] S4 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2007-06-08 55216] S4 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2007-06-08 6576] S4 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2007-06-08 89872] S4 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2007-06-08 81728] S4 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2007-06-08 79488] S4 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600] S4 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360] S4 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184] S4 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688] S4 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704] S4 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560] S4 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-10-28 2806000] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 Irmon;Monitor podczerwieni; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 NMSAccessU;NMSAccessU; C:\Program Files\Common Files\NMSAccessU.exe [2007-01-25 65536] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S2 gupdate1c99a89289fd8f2;Google Update Service (gupdate1c99a89289fd8f2); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] -----------------EOF----------------- [/log]
Tomek01 komentarz 8 stycznia 2011 komentarz 8 stycznia 2011 W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O4 - HKU\S-1-5-21-507921405-343818398-839522115-1007..\Run: [MSMSGS] C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: Emurayden PSX Emulator - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: VVSN - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found :Files C:\WINDOWS\System32\3911757990.sys C:\WINDOWS\System32\msn33828.dll C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-343818398-839522115-1007.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-343818398-839522115-1007.job :reg [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN] :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT
toma. komentarz 8 stycznia 2011 Autor komentarz 8 stycznia 2011 Log z usuwania OTL [log] All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! No active process named O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - No CLSID value found. was found! No active process named O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. was found! No active process named O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. was found! No active process named WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. was found! No active process named msmsgs.exe was found! No active process named VVSN.exe File not found was found! No active process named VVSN.exe File not found was found! ========== FILES ========== C:\WINDOWS\System32\3911757990.sys moved successfully. C:\WINDOWS\System32\msn33828.dll moved successfully. C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-343818398-839522115-1007.job moved successfully. C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-343818398-839522115-1007.job moved successfully. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: All Users User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Konto administratora ->Temp folder emptied: 50060 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 26881301 bytes ->Flash cache emptied: 44733 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4318 bytes RecycleBin emptied: 152864 bytes Total Files Cleaned = 26,00 mb OTL by OldTimer - Version 3.2.20.1 log created on 01082011_173020 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found! Registry entries deleted on Reboot... [/log] Nowy log z OTL [log] OTL logfile created on: 11-01-08 17:37:14 - Run 3 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Konto administratora\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 528 1056 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 8,80 Gb Total Space | 2,90 Gb Free Space | 33,01% Space Free | Partition Type: FAT32 Drive D: | 9,70 Gb Total Space | 1,36 Gb Free Space | 14,01% Space Free | Partition Type: FAT32 Drive E: | 10,80 Gb Total Space | 0,46 Gb Free Space | 4,25% Space Free | Partition Type: FAT32 Drive F: | 7,95 Gb Total Space | 0,54 Gb Free Space | 6,76% Space Free | Partition Type: FAT32 Drive H: | 5,99 Gb Total Space | 1,06 Gb Free Space | 17,64% Space Free | Partition Type: FAT32 Computer Name: FRETOO | User Name: Konto administratora | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe PRC - [2010-12-10 23:54:16 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2007-06-13 15:23:50 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-11 21:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007-03-11 21:32:42 | 000,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2007-03-11 21:26:24 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () -- C:\Program Files\Common Files\NMSAccessU.exe PRC - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2006-12-05 15:38:58 | 000,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [haredAccess] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2003-06-20 08:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe MOD - [2010-10-28 10:47:54 | 000,211,432 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll MOD - [2008-10-23 14:01:38 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-16 11:39:56 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-10-25 17:57:22 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-07-09 15:11:54 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2007-04-16 17:54:44 | 001,013,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2007-03-08 17:38:48 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 17:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:42:34 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99a89289fd8f2) Google Update Service (gupdate1c99a89289fd8f2) SRV - [2010-10-28 10:51:28 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007-01-25 03:52:26 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\NMSAccessU.exe -- (NMSAccessU) SRV - [2007-01-04 14:13:56 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- I:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo) DRV - [2010-10-28 10:50:40 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010-10-28 10:49:24 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010-09-07 16:52:26 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 16:52:04 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 16:47:20 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 16:47:08 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 16:46:52 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-05-05 09:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-06-08 17:51:44 | 000,094,064 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2007-06-08 17:51:44 | 000,089,872 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2007-06-08 17:51:44 | 000,085,408 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM) DRV - [2007-06-08 17:51:44 | 000,083,344 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2007-06-08 17:51:44 | 000,081,728 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2007-06-08 17:51:44 | 000,079,488 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2007-06-08 17:51:44 | 000,058,288 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM) DRV - [2007-06-08 17:51:44 | 000,008,336 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2007-06-08 17:51:44 | 000,006,576 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2007-06-08 17:51:42 | 000,055,216 | ---- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) DRV - [2006-12-05 15:39:12 | 001,963,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-04-28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex) DRV - [2006-04-28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) DRV - [2006-04-28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006-04-28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006-04-28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) DRV - [2006-04-28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) DRV - [2006-04-28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) DRV - [2006-02-23 21:22:14 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2006-02-23 21:20:28 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2005-10-20 14:50:22 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) DRV - [2004-12-15 10:32:04 | 000,032,782 | R--- | M] (USB Com port.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004-08-12 04:18:22 | 000,015,961 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SF-620.sys -- (SF-620) DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2003-05-26 06:57:50 | 000,166,912 | R--- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr) DRV - [2003-04-09 11:17:14 | 000,227,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cccp106.sys -- (CCCP106) CIF USB Camera (2110A) DRV - [2003-03-24 05:19:00 | 000,088,960 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudio.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM) DRV - [2003-02-18 10:08:04 | 000,017,504 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) DRV - [2002-12-27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\URLSearchHook: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-507921405-343818398-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2005-03-31 22:21:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2004-12-14 11:03:08 | 000,000,000 | ---D | M] [2008-06-29 14:35:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions [2009-03-23 17:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79} [2006-01-29 00:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Mozilla\Firefox\Profiles\khf93u02.default\extensions [2004-12-14 11:03:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2005-10-11 19:36:00 | 000,618,496 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSOCCER.dll [2006-04-08 19:03:26 | 000,950,272 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPDEMON.dll [2005-10-12 11:23:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSNOOKER.dll [2006-04-08 19:31:30 | 000,974,848 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPIRATE.dll [2006-04-08 21:09:12 | 000,868,352 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPCARDS.dll [2005-10-12 11:23:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD9.dll [2005-10-12 11:24:00 | 000,626,688 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD8.dll [2006-04-08 19:42:00 | 000,552,960 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS70.dll [2006-04-10 23:37:12 | 000,548,864 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS90.dll [2005-01-21 13:55:00 | 000,913,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBOARDS.dll [2006-04-08 20:15:58 | 000,589,824 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPROULETTE.dll [2006-04-08 21:10:56 | 000,544,768 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPSLOTS80.dll [2004-12-14 13:30:00 | 000,520,192 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPNAVY.dll [2004-10-31 18:41:00 | 000,622,592 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPMARBLES.dll [2010-03-13 16:56:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-03-13 16:56:30 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-03-13 16:56:30 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-03-13 16:56:30 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-03-13 16:56:30 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-03-13 16:56:30 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-01-08 16:13:58 | 000,000,021 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {45AD732C-2CE2-4666-B366-B2214AD57A49} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found. O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-507921405-343818398-839522115-1007..\Run: [MSMSGS] C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe File not found O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-343818398-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.) O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - Reg Error: Key error. File not found O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-507921405-343818398-839522115-1007\..Trusted Domains: ([]msn in Mój komputer) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx (Instalator oprogramowania Onet.pl) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab (FileSharingCtrl Class) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (ZoneIntro Class) O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab (CBreakshotControl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab31267.cab (ZoneChess Object) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/html {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - Reg Error: Key error. File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell - "" = AutoRun O33 - MountPoints2\{2f2eec10-61ea-11df-8f82-000b6a2463eb}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]Emurayden PSX Emulator[/b] - hkey= - key= - C:\Program Files\VVSN\VVSN.exe File not found MsConfig - StartUpReg: [b]FreeRAM XP[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40. File not found MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe File not found MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]New.net Startup[/b] - hkey= - key= - C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL File not found MsConfig - StartUpReg: [b]Onet.pl AutoUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) MsConfig - StartUpReg: [b]SIDEBAR[/b] - hkey= - key= - C:\Program Files\Desktop Sidebar\sidebar.exe File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]STYLEXP[/b] - hkey= - key= - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre1.5.0\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]SurfAccuracy[/b] - hkey= - key= - C:\Program Files\SurfAccuracy\SAcc.exe File not found MsConfig - StartUpReg: [b]wiadomek[/b] - hkey= - key= - C:\Program Files\Wiadomek\Wiadomek.exe File not found MsConfig - StartUpReg: [b]WITaj![/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]xpas.exe[/b] - hkey= - key= - C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: sharedaccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-01-08 16:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-01-08 16:53:37 | 000,000,000 | ---D | C] -- C:\rsit [2011-01-08 16:20:23 | 000,000,000 | ---D | C] -- C:\_OTL [2011-01-07 23:48:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Konto administratora\Recent [2011-01-07 23:16:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2010-12-13 20:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Pobieranie [2010-12-08 16:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2010-12-08 16:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-12-05 11:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Moje dokumenty\Any Video Converter [2010-11-21 20:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-11-20 14:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2005-03-12 05:05:53 | 000,017,504 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-01-08 17:31:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-08 16:31:32 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe [2011-01-07 23:17:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe [2011-01-07 20:28:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-27 20:46:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-12-27 18:42:22 | 000,018,684 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-10 00:51:06 | 000,126,464 | ---- | M] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-04 22:15:16 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-08 16:31:33 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe [2010-12-27 18:42:12 | 000,018,684 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Pulpit\cow-gate.jpg [2010-12-05 15:07:24 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-12-28 15:47:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2009-12-28 15:47:56 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2009-12-28 15:47:39 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\$_hpcst$.hpc [2009-07-19 22:37:06 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2009-05-01 13:33:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-05-01 13:27:18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-01-15 22:43:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Route.INI [2007-11-27 17:49:55 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2007-11-23 22:32:22 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Relax.ini [2007-11-20 19:32:58 | 000,004,677 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2007-10-10 00:08:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Dane aplikacji\AVSDVDPlayer.m3u [2007-05-11 22:01:13 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini [2007-03-16 19:04:35 | 000,000,158 | ---- | C] () -- C:\WINDOWS\NokiaImageConverter.INI [2007-03-16 19:00:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NokiaContentCopier.INI [2007-03-16 18:44:23 | 000,004,423 | ---- | C] () -- C:\Program Files\ks959-2000xp.inf [2007-01-25 03:52:26 | 000,065,536 | ---- | C] () -- C:\Program Files\Common Files\NMSAccessU.exe [2006-12-10 11:54:33 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache [2006-08-14 11:11:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-08-09 14:49:49 | 000,000,265 | ---- | C] () -- C:\WINDOWS\JSBuilder.INI [2006-06-26 22:19:24 | 000,000,492 | ---- | C] () -- C:\WINDOWS\naglos.INI [2006-02-23 21:20:26 | 000,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2006-02-23 21:20:26 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd2013.sys [2006-02-01 21:33:27 | 000,126,464 | ---- | C] () -- C:\Documents and Settings\Konto administratora\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005-12-20 00:03:53 | 000,000,734 | ---- | C] () -- C:\WINDOWS\mamba.ini [2005-06-27 04:14:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2005-06-23 03:11:33 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SDDINST.INI [2005-04-30 02:03:57 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\attfd42.dll [2005-04-21 04:25:23 | 000,010,334 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2005-04-21 01:41:09 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2005-04-13 13:11:34 | 000,000,124 | ---- | C] () -- C:\WINDOWS\PG3prefs.ini [2005-04-12 13:45:43 | 000,000,028 | ---- | C] () -- C:\WINDOWS\sampler.INI [2005-04-12 13:45:42 | 000,000,764 | ---- | C] () -- C:\WINDOWS\beatbox.INI [2005-04-11 20:14:13 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2005-04-08 05:27:01 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2005-03-21 00:08:18 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2005-03-21 00:08:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2005-03-21 00:08:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2005-03-21 00:07:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2005-03-12 05:20:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2005-03-07 08:52:19 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2005-03-07 05:48:12 | 000,000,658 | ---- | C] () -- C:\WINDOWS\Net2fone.ini [2005-02-28 02:50:27 | 000,000,360 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005-02-03 03:02:10 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini [2005-01-10 13:29:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll [2005-01-06 05:29:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005-01-04 07:37:52 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wslam.ini [2005-01-04 06:23:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2005-01-03 20:56:40 | 000,000,145 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004-12-30 04:25:16 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2004-12-23 01:08:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2004-12-14 13:25:36 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini [2004-12-14 12:56:38 | 000,000,837 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2004-12-14 12:56:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2004-12-14 12:48:17 | 000,227,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\cccp106.sys [2004-12-14 12:48:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\JPGL.DLL [2004-12-14 12:48:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\DIV_IYUV.DLL [2004-12-14 12:48:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dcccp106.dll [2004-12-14 12:48:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vcccp106.dll [2004-12-14 12:48:14 | 000,015,542 | ---- | C] () -- C:\WINDOWS\cccp106.ini [2004-12-14 12:48:14 | 000,000,321 | ---- | C] () -- C:\WINDOWS\DC2110a.ini [2004-12-14 10:45:25 | 000,000,532 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004-12-14 09:53:59 | 000,002,562 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2004-12-14 09:53:57 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2004-12-14 09:21:00 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004-08-25 21:44:27 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2004-08-05 15:00:48 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\MovieEncoder.dll [color=#E56717]========== LOP Check ==========[/color] [2005-03-20 23:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BurstCopy Labs [2008-10-13 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TERMINAL Studio [2008-10-14 17:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-28 21:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-11-01 11:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2006-05-08 19:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\IrfanView [2006-07-20 00:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Teleca [2006-10-28 21:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Sports Interactive [2007-11-26 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Leadertech [2008-02-29 17:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\foobar2000 [2009-03-23 17:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Broad Intelligence [2010-03-28 21:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 21:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto administratora\Dane aplikacji\OpenFM [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-01-08 17:31:24 | 553,648,128 | -HS- | M] () -- C:\pagefile.sys [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2005-07-14 10:01:20 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-12-03 13:58:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2005-07-13 09:56:16 | 000,000,201 | -HS- | M] () -- C:\desktop.ini [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2004-12-14 09:37:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2004-12-14 09:37:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005-07-14 10:01:20 | 000,250,624 | RHS- | M] () -- C:\ntldr [2005-03-08 09:37:26 | 000,000,211 | RHS- | M] () -- C:\BOOT.BKK [2008-09-07 14:13:14 | 000,000,000 | ---- | M] () -- C:\data.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2002-09-20 17:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] Nowy log z RSIT [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Konto administratora at 2011-01-08 17:51:35 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 3 GB (33%) free of 9 GB Total RAM: 2015 MB (76% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:52:00, on 11-01-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\vVX1000.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\NMSAccessU.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe C:\Program Files\foobar2000\foobar2000.exe C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe C:\Program Files\trend micro\Konto administratora.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FFE7F969-DC45-42F3-ADA6-5268CB39C3D4}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate1c99a89289fd8f2) (gupdate1c99a89289fd8f2) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8539 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-01-12 275800] "VX1000"=C:\WINDOWS\vVX1000.exe [2006-12-05 707360] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "MSMSGS"=C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Emurayden PSX Emulator] C:\Program Files\VVSN\VVSN.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP] C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40.exe -win [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe /tray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe /updateexetsr [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-07-05 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR] C:\Program Files\Desktop Sidebar\sidebar.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe [2004-12-16 36972] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wiadomek] C:\Program Files\Wiadomek\Wiadomek.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WITaj!] rem -- Anulowane uruchamianie programu WITaj! 2000 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xpas.exe] C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x91000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2011-01-08 16:53:39 ----D---- C:\Program Files\trend micro 2011-01-08 16:53:37 ----D---- C:\rsit 2011-01-08 16:20:23 ----D---- C:\_OTL ======List of files/folders modified in the last 1 months====== 2011-01-08 17:30:34 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-27 20:46:54 ----A---- C:\WINDOWS\NeroDigital.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2006-09-27 36560] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-02-23 642560] R0 viaagp;Filtr magistrali AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-03 42240] R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2002-12-27 26880] R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [] R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880] R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-04 41472] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176] R2 irda;Protokół IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 NwlnkIpx;Protokół transportowy zgodny z NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2004-08-03 88448] R2 NwlnkNb;System NetBIOS NWLink; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-08-17 63232] R2 NwlnkSpx;Protokół NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-08-17 55936] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-05-26 166912] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-03-24 88960] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-05 1963680] S3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [] S3 CCCP106;CIF USB Camera (2110A); C:\WINDOWS\System32\DRIVERS\cccp106.sys [2003-04-09 227200] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CrystalSysInfo;CrystalSysInfo; \??\I:\Program Files\MediaCoder\SysInfo.sys [] S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-02-23 223128] S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2003-02-18 17504] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568] S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-20 19034] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 SER120;OTI Serial port driver; C:\WINDOWS\system32\DRIVERS\SER120.sys [2004-12-15 32782] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-06-08 58288] S4 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-06-08 8336] S4 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-06-08 94064] S4 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-06-08 85408] S4 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-06-08 83344] S4 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2007-06-08 55216] S4 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2007-06-08 6576] S4 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2007-06-08 89872] S4 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2007-06-08 81728] S4 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2007-06-08 79488] S4 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600] S4 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360] S4 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184] S4 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688] S4 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704] S4 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560] S4 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-10-28 2806000] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 Irmon;Monitor podczerwieni; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 NMSAccessU;NMSAccessU; C:\Program Files\Common Files\NMSAccessU.exe [2007-01-25 65536] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S2 gupdate1c99a89289fd8f2;Google Update Service (gupdate1c99a89289fd8f2); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] -----------------EOF----------------- [/log]
Tomek01 komentarz 8 stycznia 2011 komentarz 8 stycznia 2011 Nie wrzucaj załączników. Wystarczą tagi. Do notatnika systemowego wklej taki tekst: [code]Windows Registry Editor Version 5.00 [ -HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}] [ -HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [ -HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Emurayden PSX Emulator] [/code] Plik zapisz jako/zmień rozszerzenie na wszystkie pliki/zapisz jako fix.reg/dwuklikiem dodajesz do rejestru. Pokaż tylko log RSIT.
toma. komentarz 8 stycznia 2011 Autor komentarz 8 stycznia 2011 ok, tak to wyglada [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Konto administratora at 2011-01-08 18:17:28 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 3 GB (33%) free of 9 GB Total RAM: 2015 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:17:53, on 11-01-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\vVX1000.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\NMSAccessU.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Konto administratora\Pulpit\OTL.exe C:\Program Files\foobar2000\foobar2000.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Konto administratora\Pulpit\RSIT.exe C:\Program Files\trend micro\Konto administratora.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121149184843 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {AE9FE2BF-C5CE-4311-90C5-25B2CAB01B32} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/pl/filesharingctrl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FFE7F969-DC45-42F3-ADA6-5268CB39C3D4}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate1c99a89289fd8f2) (gupdate1c99a89289fd8f2) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Common Files\NMSAccessU.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8594 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-01-12 275800] "VX1000"=C:\WINDOWS\vVX1000.exe [2006-12-05 707360] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "MSMSGS"=C:\WINDOWS\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\msmsgs.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Emurayden PSX Emulator] C:\Program Files\VVSN\VVSN.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP] C:\Documents and Settings\FRETO'O\Pulpit\MINI PROGRAMY\freeRAM XP pro v1.4\FreeRAM XP Pro 1.40.exe -win [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe /tray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe /updateexetsr [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-07-05 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR] C:\Program Files\Desktop Sidebar\sidebar.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe [2004-12-16 36972] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wiadomek] C:\Program Files\Wiadomek\Wiadomek.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WITaj!] rem -- Anulowane uruchamianie programu WITaj! 2000 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xpas.exe] C:\Documents and Settings\FRETO'O\Pulpit\XPAS\xpas.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x91000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2011-01-08 16:53:39 ----D---- C:\Program Files\trend micro 2011-01-08 16:53:37 ----D---- C:\rsit 2011-01-08 16:20:23 ----D---- C:\_OTL ======List of files/folders modified in the last 1 months====== 2011-01-08 17:30:34 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-27 20:46:54 ----A---- C:\WINDOWS\NeroDigital.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2006-09-27 36560] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-02-23 642560] R0 viaagp;Filtr magistrali AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-03 42240] R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2002-12-27 26880] R1 a2injectiondriver;a2injectiondriver; \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [] R1 a2util;a-squared Malware-IDS utility driver; \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880] R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-04 41472] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176] R2 irda;Protokół IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 NwlnkIpx;Protokół transportowy zgodny z NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2004-08-03 88448] R2 NwlnkNb;System NetBIOS NWLink; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-08-17 63232] R2 NwlnkSpx;Protokół NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-08-17 55936] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2003-05-26 166912] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-03-24 88960] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-05 1963680] S3 a2acc;a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [] S3 CCCP106;CIF USB Camera (2110A); C:\WINDOWS\System32\DRIVERS\cccp106.sys [2003-04-09 227200] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CrystalSysInfo;CrystalSysInfo; \??\I:\Program Files\MediaCoder\SysInfo.sys [] S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-02-23 223128] S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] S3 GT680x;GrandTechICNameNT; C:\WINDOWS\System32\Drivers\gt680x.sys [2003-02-18 17504] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568] S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-20 19034] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 SER120;OTI Serial port driver; C:\WINDOWS\system32\DRIVERS\SER120.sys [2004-12-15 32782] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-06-08 58288] S4 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-06-08 8336] S4 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-06-08 94064] S4 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-06-08 85408] S4 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-06-08 83344] S4 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2007-06-08 55216] S4 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2007-06-08 6576] S4 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2007-06-08 89872] S4 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2007-06-08 81728] S4 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2007-06-08 79488] S4 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600] S4 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360] S4 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184] S4 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688] S4 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704] S4 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560] S4 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2010-10-28 2806000] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 Irmon;Monitor podczerwieni; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 NMSAccessU;NMSAccessU; C:\Program Files\Common Files\NMSAccessU.exe [2007-01-25 65536] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S2 gupdate1c99a89289fd8f2;Google Update Service (gupdate1c99a89289fd8f2); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] -----------------EOF----------------- [/log]
Tomek01 komentarz 8 stycznia 2011 komentarz 8 stycznia 2011 W OTL użyj funkcji CleanUp. Profilaktycznie wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i raporty pokaż na forum.
toma. komentarz 8 stycznia 2011 Autor komentarz 8 stycznia 2011 zrobiłem jak kazałeś i tak DrWebCureIt nic nie znalazł, a Malwarebytes Anti-Malware znalazło dwa. wrzucam loga z tego skanowania [log] Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Wersja bazy: 5484 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 11-01-08 20:04:18 mbam-log-2011-01-08 (20-04-10).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 137255 Upłynęło: 4 minut(y), 22 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 1 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10E42047-DEB9-4535-A118-B3F6EC39B807} (Adware.ISTBar) -> No action taken. Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń) [/log]
toma. komentarz 8 stycznia 2011 Autor komentarz 8 stycznia 2011 (edytowane) aha ok dzięki bardzo za pomoc temat zakończony
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.