OTL:
OTL logfile created on: 2010-03-29 19:46:50 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\AMADEUSZ\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 023,00 Mb Total Physical Memory | 597,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,49 Gb Free Space | 12,74% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 3,98 Gb Free Space | 13,59% Space Free | Partition Type: FAT32
Drive E: | 25,69 Gb Total Space | 5,18 Gb Free Space | 20,17% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
Drive G: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AMADEUSZ
Current User Name: AMADEUSZ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2010-03-29 19:45:25 | 000,555,520 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\AMADEUSZ\Pulpit\OTL.exe
PRC - [2010-03-18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) – D:\Programy instalki - N I E K A S O W A Ć\Programy\opera.exe
PRC - [2010-03-12 00:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) – C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) – C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009-02-06 14:23:12 | 002,021,400 | ---- | M] (ESET) – C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2008-04-15 00:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 00:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-15 00:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 00:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 00:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe
PRC - [2008-04-15 00:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 00:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2008-04-15 00:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-15 00:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-15 00:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe
PRC - [2007-05-16 10:27:38 | 001,209,904 | ---- | M] (Nero AG) – C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-05-16 10:27:28 | 000,271,920 | ---- | M] (Nero AG) – C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-05-16 10:27:16 | 000,153,136 | ---- | M] (Nero AG) – C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
========== Modules (All) ==========
MOD - [2010-03-29 19:45:25 | 000,555,520 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\AMADEUSZ\Pulpit\OTL.exe
MOD - [2010-03-12 18:50:43 | 000,008,192 | ---- | M] () – C:\WINDOWS\system32\28463\PEMH.006
MOD - [2010-03-12 18:50:43 | 000,005,632 | ---- | M] () – C:\WINDOWS\system32\28463\PEMH.007
MOD - [2008-04-15 00:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 00:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 00:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 00:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 00:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-15 00:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 00:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 00:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-15 00:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 00:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-15 00:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-15 00:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-15 00:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-15 00:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 00:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-15 00:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-15 00:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 00:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-15 00:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 00:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-15 00:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-15 00:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 00:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-15 00:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 00:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 00:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-15 00:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-15 00:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-15 00:29:10 | 001,054,208 | R— | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009-03-20 15:56:57 | 000,357,182 | ---- | M] () [Auto | Stopped] – C:\WINDOWS\reset.exe – (.EsetTrialReset)
SRV - [2009-02-06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] – C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe – (EhttpSrv)
SRV - [2009-02-06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] – C:\Program Files\ESET\ESET Smart Security\ekrn.exe – (ekrn)
SRV - [2003-09-01 13:10:20 | 000,266,240 | ---- | M] (HP) [Auto | Stopped] – C:\Documents and Settings\AMADEUSZ\Ustawienia lokalne\Temp\hpdj.exe – (hpdj)
========== Driver Services (SafeList) ==========
DRV - [2009-02-06 14:24:22 | 000,056,280 | ---- | M] (ESET) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\epfwtdi.sys – (epfwtdi)
DRV - [2009-02-06 14:24:22 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\epfwndis.sys – (Epfwndis)
DRV - [2009-02-06 14:24:18 | 000,130,952 | ---- | M] (ESET) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\epfw.sys – (epfw)
DRV - [2009-02-06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\ehdrv.sys – (ehdrv)
DRV - [2009-02-06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\eamon.sys – (eamon)
DRV - [2008-04-14 02:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] – C:\WINDOWS\system32\drivers\nwlnkipx.sys – (NwlnkIpx)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2008-04-14 00:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)
DRV - [2007-02-10 23:55:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Amusbprt.sys – (Amusbprt)
DRV - [2007-02-10 02:04:50 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Amps2prt.sys – (Amps2prt)
DRV - [2007-01-24 17:46:48 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\Amfilter.sys – (Amfilter)
DRV - [2006-01-12 21:46:28 | 000,252,928 | R— | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\rt73.sys – (RT73)
DRV - [2005-11-03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfvfs02.sys – (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005-08-10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfdrv01.sys – (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-18 11:50:00 | 002,319,680 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ALCXWDM.SYS – (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp02.sys – (sfhlp02) StarForce Protection Helper Driver (version 2.x)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= … =CT2233703
IE - HKCU…\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “AutoConfigURL” = google.pl
FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009-08-05 10:18:15 | 000,000,000 | —D | M]
O1 HOSTS File: ([2010-03-12 18:34:57 | 000,000,785 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 www.metin2.pl
O1 - Hosts: 0.0.0.0 metin2.pl
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll (Conduit Ltd.)
O3 - HKCU…\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\tb4sh1.dll (Conduit Ltd.)
O4 - HKLM…\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM…\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU…\Run: [cdoosoft] C:\DOCUME~1\AMADEUSZ\USTAWI~1\Temp\herss.exe File not found
O4 - HKCU…\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU…\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download all 4shared files - C:\Program Files\4shared Desktop\down_all.htm ()
O8 - Extra context menu item: &Download using 4shared Desktop - C:\Program Files\4shared Desktop\down_link.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: E:\Gry\Gry\NFS Carbon\AutoRun\Slide_001.bmp
O24 - Desktop BackupWallPaper: E:\Gry\Gry\NFS Carbon\AutoRun\Slide_001.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-04 20:13:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O32 - AutoRun File - [2010-02-13 17:34:00 | 000,000,059 | RHS- | M] () - C:\autorun.inf – [NTFS]
O32 - AutoRun File - [2010-02-13 16:33:36 | 000,000,059 | RHS- | M] () - D:\autorun.inf – [FAT32]
O32 - AutoRun File - [2010-02-13 16:33:36 | 000,000,059 | RHS- | M] () - E:\autorun.inf – [FAT32]
O33 - MountPoints2{00efcaf9-a800-11de-8bac-0040ca59b0fb}\Shell\AutoRun\command - “” = G:\bycfht.exe – File not found
O33 - MountPoints2{00efcaf9-a800-11de-8bac-0040ca59b0fb}\Shell\open\Command - “” = G:\bycfht.exe – File not found
O33 - MountPoints2{030b6090-f244-11de-bf08-0040ca59b0fb}\Shell\AutoRun\command - “” = H:\u16sqrqn.exe – File not found
O33 - MountPoints2{030b6090-f244-11de-bf08-0040ca59b0fb}\Shell\open\Command - “” = H:\u16sqrqn.exe – File not found
O33 - MountPoints2{16413e06-889c-11de-8b37-0040ca59b0fb}\Shell\AutoRun\command - “” = I:\ws.exe – File not found
O33 - MountPoints2{16413e06-889c-11de-8b37-0040ca59b0fb}\Shell\open\Command - “” = I:\ws.exe – File not found
O33 - MountPoints2{3a29e044-d6a2-11de-bea2-9e286b0b5084}\Shell\AutoRun\command - “” = H:\curqp.exe – File not found
O33 - MountPoints2{3a29e044-d6a2-11de-bea2-9e286b0b5084}\Shell\open\Command - “” = H:\curqp.exe – File not found
O33 - MountPoints2{63ca43e3-c583-11de-8c28-0040ca59b0fb}\Shell\AutoRun\command - “” = G:\a2g21.exe – File not found
O33 - MountPoints2{63ca43e3-c583-11de-8c28-0040ca59b0fb}\Shell\open\Command - “” = G:\a2g21.exe – File not found
O33 - MountPoints2{c2062cbe-a841-11de-8bae-0040ca59b0fb}\Shell\AutoRun\command - “” = fk.exe
O33 - MountPoints2{c2062cbe-a841-11de-8bae-0040ca59b0fb}\Shell\open\Command - “” = fk.exe
O33 - MountPoints2{cff17baa-e1bf-11de-bed3-0040ca59b0fb}\Shell\AutoRun\command - “” = H:\k8jc.exe – File not found
O33 - MountPoints2{cff17baa-e1bf-11de-bed3-0040ca59b0fb}\Shell\open\Command - “” = H:\k8jc.exe – File not found
O33 - MountPoints2{eb39e088-acb7-11de-8bc6-0040ca59b0fb}\Shell\AutoRun\command - “” = 9jyhdim8.exe
O33 - MountPoints2{eb39e088-acb7-11de-8bc6-0040ca59b0fb}\Shell\open\Command - “” = 9jyhdim8.exe
O33 - MountPoints2{f8403968-11c4-11df-bf76-0040ca59b0fb}\Shell\AutoRun\command - “” = H:\nqdymj.exe – File not found
O33 - MountPoints2{f8403968-11c4-11df-bf76-0040ca59b0fb}\Shell\open\Command - “” = H:\nqdymj.exe – File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-04 20:12:58 | 000,000,000 | —D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
========== Files/Folders - Created Within 30 Days ==========
[2010-03-29 19:45:05 | 000,555,520 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\AMADEUSZ\Pulpit\OTL.exe
[2010-03-28 17:42:53 | 000,000,000 | —D | C] – C:\Fraps
[2010-03-28 17:41:49 | 002,013,480 | ---- | C] (Beepa Pty Ltd) – C:\Documents and Settings\AMADEUSZ\Pulpit\setup.exe
[2010-03-28 17:31:46 | 000,049,664 | ---- | C] (MindVision Software) – C:\WINDOWS\unvise32.exe
[2010-03-28 17:31:43 | 000,000,000 | —D | C] – C:\Program Files\Active Ports
[2010-03-28 17:18:32 | 000,356,352 | ---- | C] (NVIDIA Corporation) – C:\WINDOWS\System32\NVUNINST.EXE
[2010-03-28 17:18:18 | 000,000,000 | —D | C] – C:\NVIDIA
[2010-03-28 14:02:18 | 000,000,000 | —D | C] – C:\WINDOWS\System32\NtmsData
[2010-03-27 21:00:43 | 000,000,000 | -H-D | C] – C:\WINDOWS\System32\GroupPolicy
[2010-03-27 20:48:42 | 000,000,000 | —D | C] – C:\Program Files\Trend Micro
[2010-03-27 20:47:40 | 000,812,344 | ---- | C] (Trend Micro Inc.) – C:\Documents and Settings\AMADEUSZ\Pulpit\HJTInstall.exe
[2010-03-27 17:46:56 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\ipla
[2010-03-27 17:46:56 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-27 17:46:13 | 000,000,000 | —D | C] – C:\Program Files\ipla
[2010-03-27 17:45:50 | 001,700,352 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\gdiplus.dll
[2010-03-27 16:08:09 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-27 16:07:56 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\Gadu-Gadu 10
[2010-03-27 16:07:43 | 000,000,000 | —D | C] – C:\Program Files\Gadu-Gadu 10
[2010-03-26 04:40:36 | 000,086,016 | ---- | C] (Beepa P/L) – C:\WINDOWS\System32\frapsvid.dll
[2010-03-26 01:26:41 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Firma - Przeciwko Kurestwu I Upadkowi Zasad
[2010-03-26 01:26:23 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Firma - Nielegalne Rytmy Kontynuacja
[2010-03-26 01:24:24 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\www.yhu.pl
[2010-03-21 19:54:54 | 000,000,000 | —D | C] – C:\Program Files\bfgclient
[2010-03-21 19:52:56 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\BigFishGamesCache
[2010-03-17 20:21:40 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Zrobione
[2010-03-15 20:26:08 | 000,000,000 | —D | C] – C:\Games
[2010-03-15 19:28:18 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Metin2 ExpBot (PL Version) (Handluje oraz opcja LUROWANIA!) Upload by UZieLL!
[2010-03-15 17:54:29 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Straż przerobiona
[2010-03-12 18:50:43 | 000,000,000 | -HSD | C] – C:\WINDOWS\System32\28463
[2010-03-12 18:18:27 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Files
[2010-03-10 22:53:14 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\exphack_metin
[2010-03-03 15:10:54 | 000,000,000 | —D | C] – C:\Documents and Settings\AMADEUSZ\Pulpit\Nieużywane skróty pulpitu
[2009-09-02 07:23:53 | 000,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2009-08-04 20:18:01 | 000,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-08-04 20:13:31 | 000,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-08-04 20:13:31 | 000,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-08-04 20:13:31 | 000,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2010-03-29 19:45:25 | 000,555,520 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\AMADEUSZ\Pulpit\OTL.exe
[2010-03-29 19:36:39 | 000,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2010-03-29 19:36:37 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2010-03-29 19:36:36 | 1073,270,784 | -HS- | M] () – C:\hiberfil.sys
[2010-03-29 18:40:07 | 003,145,728 | -H-- | M] () – C:\Documents and Settings\AMADEUSZ\NTUSER.DAT
[2010-03-29 18:40:04 | 000,000,188 | -HS- | M] () – C:\Documents and Settings\AMADEUSZ\ntuser.ini
[2010-03-29 18:39:57 | 002,106,882 | -H-- | M] () – C:\Documents and Settings\AMADEUSZ\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-03-29 13:20:01 | 000,484,992 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2010-03-29 13:20:01 | 000,081,710 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2010-03-29 13:20:00 | 001,075,128 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-29 13:20:00 | 000,428,518 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2010-03-29 13:20:00 | 000,066,076 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2010-03-29 08:16:24 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2010-03-28 17:42:54 | 000,000,478 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Fraps.lnk
[2010-03-28 17:42:34 | 002,013,480 | ---- | M] (Beepa Pty Ltd) – C:\Documents and Settings\AMADEUSZ\Pulpit\setup.exe
[2010-03-28 17:29:49 | 000,000,079 | ---- | M] () – C:\WINDOWS\xptools.ini
[2010-03-28 17:27:08 | 000,620,032 | ---- | M] () – C:\WINDOWS\System32\xtbaksm.dll
[2010-03-28 17:27:08 | 000,620,032 | ---- | M] () – C:\WINDOWS\System32\xtbaksm.dat
[2010-03-28 17:27:03 | 000,000,120 | ---- | M] () – C:\WINDOWS\System32\bn.dll
[2010-03-28 17:27:02 | 000,000,510 | ---- | M] () – C:\WINDOWS\System32\xtupdate.zip
[2010-03-28 17:27:02 | 000,000,510 | ---- | M] () – C:\WINDOWS\System32\xtupdate.dat
[2010-03-27 21:02:57 | 000,000,414 | RHS- | M] () – C:\Documents and Settings\All Users\ntuser.pol
[2010-03-27 20:48:43 | 000,001,734 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\HijackThis.lnk
[2010-03-27 20:48:04 | 000,812,344 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\AMADEUSZ\Pulpit\HJTInstall.exe
[2010-03-27 17:49:17 | 000,000,501 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-03-27 17:46:37 | 000,000,626 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-03-27 17:45:54 | 001,700,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\gdiplus.dll
[2010-03-27 16:28:20 | 000,000,703 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-03-27 16:28:20 | 000,000,674 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-03-26 04:40:36 | 000,086,016 | ---- | M] (Beepa P/L) – C:\WINDOWS\System32\frapsvid.dll
[2010-03-26 00:08:58 | 004,508,138 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Firma & Prosto - JP JP na 100%.mp3
[2010-03-23 21:16:30 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2010-03-15 19:35:34 | 000,001,028 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Skrót do Launcher.lnk
[2010-03-15 19:27:50 | 003,738,178 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Metin2 ExpBot (PL Version) (Handluje oraz opcja LUROWANIA!) Upload by UZieLL!.rar
[2010-03-15 19:11:02 | 001,843,157 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\locale de.rar
[2010-03-12 19:31:42 | 000,738,816 | -HS- | M] () – C:\WINDOWS\svchost.exe
[2010-03-12 18:28:01 | 000,246,272 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Najnowszy Chack do Metina2 by banjo1 v4.23.exe
[2010-03-12 18:26:19 | 000,572,416 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\FishBOT.exe
[2010-03-12 18:17:59 | 001,281,510 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\Pulpit\EVPV-MHS 4.1 by MarcoPolo , Banjo & Remus.exe
[2010-03-11 08:10:05 | 000,000,116 | ---- | M] () – C:\Documents and Settings\AMADEUSZ\default.pls
[2010-03-05 14:40:11 | 000,339,645 | ---- | M] (Gameforge 4D ) – C:\Documents and Settings\AMADEUSZ\Pulpit\Downloader_Metin2_pl.exe
[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2010-03-28 17:42:54 | 000,000,478 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Fraps.lnk
[2010-03-28 17:29:49 | 000,000,079 | ---- | C] () – C:\WINDOWS\xptools.ini
[2010-03-28 17:27:08 | 000,620,032 | ---- | C] () – C:\WINDOWS\System32\xtbaksm.dll
[2010-03-28 17:27:03 | 000,000,120 | ---- | C] () – C:\WINDOWS\System32\bn.dll
[2010-03-28 17:27:02 | 000,620,032 | ---- | C] () – C:\WINDOWS\System32\xtbaksm.dat
[2010-03-28 17:27:02 | 000,000,510 | ---- | C] () – C:\WINDOWS\System32\xtupdate.zip
[2010-03-28 17:27:02 | 000,000,510 | ---- | C] () – C:\WINDOWS\System32\xtupdate.dat
[2010-03-27 21:02:57 | 000,000,414 | RHS- | C] () – C:\Documents and Settings\All Users\ntuser.pol
[2010-03-27 20:48:43 | 000,001,734 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\HijackThis.lnk
[2010-03-27 17:46:37 | 000,000,626 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-03-27 16:28:20 | 000,000,703 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-03-27 16:28:20 | 000,000,674 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-03-26 00:05:36 | 004,508,138 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Firma & Prosto - JP JP na 100%.mp3
[2010-03-15 19:35:34 | 000,001,028 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Skrót do Launcher.lnk
[2010-03-15 19:29:55 | 002,021,376 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\locale_de.epk
[2010-03-15 19:29:55 | 000,012,952 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\locale_de.addr
[2010-03-15 19:29:55 | 000,004,908 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\locale_de.eix
[2010-03-15 19:22:30 | 003,738,178 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Metin2 ExpBot (PL Version) (Handluje oraz opcja LUROWANIA!) Upload by UZieLL!.rar
[2010-03-15 19:10:49 | 001,843,157 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\locale de.rar
[2010-03-12 18:29:38 | 000,738,816 | -HS- | C] () – C:\WINDOWS\svchost.exe
[2010-03-12 18:27:59 | 000,246,272 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\Najnowszy Chack do Metina2 by banjo1 v4.23.exe
[2010-03-12 18:26:16 | 000,572,416 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\FishBOT.exe
[2010-03-12 18:17:51 | 001,281,510 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Pulpit\EVPV-MHS 4.1 by MarcoPolo , Banjo & Remus.exe
[2010-03-11 08:10:05 | 000,000,116 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\default.pls
[2009-12-03 18:37:32 | 000,795,648 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2009-12-03 01:22:43 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2009-09-13 11:13:24 | 000,009,219 | ---- | C] () – C:\WINDOWS\hpdj3600.ini
[2009-08-04 20:43:20 | 000,038,400 | ---- | C] () – C:\Documents and Settings\AMADEUSZ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-04 20:34:57 | 000,000,164 | R— | C] () – C:\WINDOWS\avrack.ini
[2009-08-04 20:34:53 | 000,156,672 | R— | C] () – C:\WINDOWS\System32\RTLCPAPI.dll
[2009-08-04 20:32:12 | 000,001,800 | ---- | C] () – C:\WINDOWS\Ascd_tmp.ini
[2009-08-04 20:32:10 | 000,005,824 | ---- | C] () – C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-02-12 17:43:54 | 000,065,619 | ---- | C] () – C:\WINDOWS\System32\setupw2k.dll
[2006-03-27 12:08:34 | 000,040,960 | ---- | C] () – C:\WINDOWS\System32\nwslog32.dll
========== LOP Check ==========
[2009-08-05 08:21:03 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-27 16:08:09 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-27 17:46:56 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-11-17 23:32:10 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-12-30 13:28:59 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\PCDJ
[2010-01-21 11:01:10 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-05 08:46:07 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2010-03-25 08:03:41 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\4shared Desktop
[2010-03-29 19:37:02 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\DMCache
[2009-08-05 08:22:16 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\ESET
[2009-08-13 07:11:40 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\Frater
[2010-03-27 16:08:04 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\Gadu-Gadu 10
[2009-09-14 14:29:46 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\IDM
[2009-08-10 14:57:08 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\InterTrust
[2010-03-28 00:04:09 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\ipla
[2009-12-13 20:52:07 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\IrfanView
[2009-11-22 13:24:45 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-09 07:04:16 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\OpenFM
[2009-08-31 18:34:39 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\Opera
[2009-12-30 13:28:59 | 000,000,000 | —D | M] – C:\Documents and Settings\AMADEUSZ\Dane aplikacji\PCDJ
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2009-09-30 18:54:07 | 000,118,464 | RHS- | M] () – C:\0fkk02x.exe
[2010-01-27 19:33:00 | 000,100,864 | RHS- | M] () – C:\0fpdq2dw.exe
[2009-11-18 18:59:31 | 000,114,071 | RHS- | M] () – C:\0qw6vege.exe
[2009-09-09 07:04:22 | 000,116,142 | RHS- | M] () – C:\10nb.exe
[2009-11-06 09:18:46 | 000,114,602 | RHS- | M] () – C:\1a1dndah.exe
[2009-10-08 20:09:27 | 000,117,508 | RHS- | M] () – C:\1di1w.exe
[2010-01-30 18:03:18 | 000,094,208 | RHS- | M] () – C:\1hqup.exe
[2009-12-06 21:33:06 | 000,115,347 | RHS- | M] () – C:\2id9.exe
[2009-09-20 10:49:09 | 000,117,220 | RHS- | M] () – C:\2o1ajagt.exe
[2009-10-15 19:02:18 | 000,116,414 | RHS- | M] () – C:\2sm66r.exe
[2009-09-07 18:23:21 | 000,115,578 | RHS- | M] () – C:\3c.exe
[2009-09-21 18:40:10 | 000,115,367 | RHS- | M] () – C:\3yalgc.exe
[2009-11-13 15:57:51 | 000,115,082 | RHS- | M] () – C:\6ruaqx.exe
[2009-09-14 16:23:16 | 000,115,493 | RHS- | M] () – C:\86.exe
[2010-01-11 19:48:22 | 000,118,784 | RHS- | M] () – C:\8xcrbho6.exe
[2009-11-02 19:30:06 | 000,115,127 | RHS- | M] () – C:\9b9w3.exe
[2010-02-02 19:07:43 | 000,094,208 | RHS- | M] () – C:\9d6tpg.exe
[2009-12-22 19:59:14 | 000,120,409 | RHS- | M] () – C:\9ffp.exe
[2010-01-20 21:33:45 | 000,118,272 | RHS- | M] () – C:\9fo3ar0j.exe
[2009-11-17 21:13:25 | 000,114,180 | RHS- | M] () – C:\9g86.exe
[2009-09-29 18:34:47 | 000,116,840 | RHS- | M] () – C:\9jyhdim8.exe
[2010-02-10 20:32:56 | 000,091,648 | RHS- | M] () – C:\9qqigqwf.exe
[2010-01-18 08:18:18 | 000,115,712 | RHS- | M] () – C:\9xf8.exe
[2009-10-30 20:28:25 | 000,113,614 | RHS- | M] () – C:\a2g21.exe
[2009-12-31 16:13:26 | 000,109,568 | RHS- | M] () – C:\anoataly.exe
[2009-08-04 20:13:39 | 000,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2010-02-13 17:34:00 | 000,000,059 | RHS- | M] () – C:\autorun.inf
[2009-10-23 18:56:57 | 000,114,191 | RHS- | M] () – C:\b00ijwpu.exe
[2009-08-04 20:06:30 | 000,000,211 | -HS- | M] () – C:\boot.ini
[2001-07-22 03:13:54 | 000,004,952 | RHS- | M] () – C:\Bootfont.bin
[2010-03-29 08:01:32 | 004,926,818 | ---- | M] () – C:\BottingPoint.txt
[2009-09-23 17:19:42 | 000,112,471 | RHS- | M] () – C:\bycfht.exe
[2010-01-25 18:40:12 | 000,097,792 | RHS- | M] () – C:\c2e.exe
[2009-09-05 06:47:23 | 000,117,153 | RHS- | M] () – C:\cj3k.exe
[2009-08-04 20:13:39 | 000,000,000 | ---- | M] () – C:\CONFIG.SYS
[2009-09-21 07:04:24 | 000,115,061 | RHS- | M] () – C:\cqb6wo.exe
[2009-10-05 18:15:36 | 000,118,651 | RHS- | M] () – C:\ctu8r.exe
[2009-11-20 16:12:50 | 000,114,945 | RHS- | M] () – C:\curqp.exe
[2009-09-09 17:26:04 | 000,116,029 | RHS- | M] () – C:\dogyx90.exe
[2010-01-06 18:11:07 | 000,118,784 | RHS- | M] () – C:\e9naq.exe
[2009-10-25 17:53:14 | 000,114,244 | RHS- | M] () – C:\eexyv.exe
[2010-01-08 07:42:52 | 000,121,344 | RHS- | M] () – C:\f2kmj.exe
[2009-10-06 18:38:13 | 000,117,625 | RHS- | M] () – C:\f9o8o.exe
[2009-11-10 15:25:03 | 000,112,695 | RHS- | M] () – C:\g12g.exe
[2009-11-01 07:44:05 | 000,115,086 | RHS- | M] () – C:\gcq6.exe
[2010-01-03 19:24:34 | 000,120,320 | RHS- | M] () – C:\h0.exe
[2010-03-29 19:36:36 | 1073,270,784 | -HS- | M] () – C:\hiberfil.sys
[2009-10-27 19:30:11 | 000,115,072 | RHS- | M] () – C:\hjvjte.exe
[2010-03-04 22:31:46 | 000,017,721 | ---- | M] () – C:\hpfr3600.log
[2009-09-01 20:58:29 | 000,113,455 | RHS- | M] () – C:\i0yva6.exe
[2009-12-28 00:29:13 | 000,106,496 | RHS- | M] () – C:\imghyva6.exe
[2009-08-04 20:13:39 | 000,000,000 | RHS- | M] () – C:\IO.SYS
[2009-12-15 19:34:14 | 000,119,986 | RHS- | M] () – C:\k0maw.exe
[2009-12-05 21:51:46 | 000,115,688 | RHS- | M] () – C:\k8jc.exe
[2010-01-15 23:42:00 | 000,120,320 | RHS- | M] () – C:\kmj.exe
[2009-11-08 18:59:06 | 000,114,924 | RHS- | M] () – C:\l61yyp.exe
[2009-09-17 18:51:36 | 000,115,797 | RHS- | M] () – C:\lhh3v.exe
[2009-11-19 19:18:32 | 000,114,469 | RHS- | M] () – C:\lphfa.exe
[2009-09-06 18:31:33 | 000,115,319 | RHS- | M] () – C:\m.exe
[2010-01-05 00:15:48 | 000,001,227 | ---- | M] () – C:\m.txt
[2009-12-04 08:18:25 | 000,113,792 | RHS- | M] () – C:\mbvd.exe
[2010-01-16 21:25:40 | 000,118,784 | RHS- | M] () – C:\mh.exe
[2009-09-13 20:06:51 | 000,115,737 | RHS- | M] () – C:\mjafm.exe
[2009-10-11 19:10:40 | 000,114,888 | RHS- | M] () – C:\mje12tni.exe
[2009-09-27 19:27:23 | 000,116,665 | RHS- | M] () – C:\mranjm.exe
[2009-08-04 20:13:39 | 000,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2009-08-31 21:47:01 | 000,112,442 | RHS- | M] () – C:\mt2.exe
[2010-01-29 18:38:53 | 000,097,280 | RHS- | M] () – C:\mvmdh.exe
[2009-11-03 21:18:20 | 000,111,826 | RHS- | M] () – C:\mwfubaob.exe
[2009-10-21 07:07:23 | 000,116,183 | RHS- | M] () – C:\nds0q.exe
[2009-12-09 16:14:24 | 000,119,009 | RHS- | M] () – C:\nqdymj.exe
[2008-04-14 00:13:04 | 000,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2008-04-14 02:02:00 | 000,251,152 | RHS- | M] () – C:\ntldr
[2009-12-21 08:17:04 | 000,120,315 | RHS- | M] () – C:\nx.exe
[2009-09-15 19:27:35 | 000,115,942 | RHS- | M] () – C:\o8tf6l.exe
[2009-09-03 21:25:46 | 000,112,699 | RHS- | M] () – C:\o9bxu.exe
[2009-11-15 20:30:52 | 000,116,522 | RHS- | M] () – C:\opdux.exe
[2010-03-29 19:36:35 | 805,306,368 | -HS- | M] () – C:\pagefile.sys
[2009-11-11 21:31:40 | 000,113,817 | RHS- | M] () – C:\pbudsara.exe
[2009-09-13 07:59:27 | 000,115,742 | RHS- | M] () – C:\ph.exe
[2009-10-21 20:15:03 | 000,113,953 | RHS- | M] () – C:\qbr2q.exe
[2009-09-16 18:59:12 | 000,116,163 | RHS- | M] () – C:\qcod.exe
[2010-01-22 17:52:51 | 000,096,768 | RHS- | M] () – C:\qkm.exe
[2009-10-07 17:31:44 | 000,117,945 | RHS- | M] () – C:\r2g20.exe
[2009-09-28 17:37:24 | 000,117,960 | RHS- | M] () – C:\rg9g9bgq.exe
[2009-10-14 20:14:17 | 000,115,522 | RHS- | M] () – C:\s3ek.exe
[2009-10-18 16:56:13 | 000,115,181 | RHS- | M] () – C:\se12ydam.exe
[2009-10-04 19:00:55 | 000,117,453 | RHS- | M] () – C:\sp1jensi.exe
[2009-11-04 19:28:25 | 000,114,304 | RHS- | M] () – C:\srgo.exe
[2009-10-02 18:22:59 | 000,118,853 | RHS- | M] () – C:\t2hjo0.exe
[2009-12-18 08:00:12 | 000,119,649 | RHS- | M] () – C:\t8g.exe
[2009-12-24 10:57:20 | 000,114,414 | RHS- | M] () – C:\u16sqrqn.exe
[2009-10-16 18:31:16 | 000,115,618 | RHS- | M] () – C:\vb0hsoay.exe
[2010-02-07 00:10:23 | 000,000,816 | ---- | M] () – C:\VirtualDJ Local Database v6.xml
[2009-11-09 20:41:12 | 000,114,778 | RHS- | M] () – C:\vk0w.exe
[2009-10-10 19:11:07 | 000,114,819 | RHS- | M] () – C:\vlvtdflx.exe
[2009-09-25 17:04:14 | 000,111,956 | RHS- | M] () – C:\w9uxx92.exe
[2009-10-22 22:13:38 | 000,115,729 | RHS- | M] () – C:\wcgswa.exe
[2009-12-29 08:35:54 | 000,098,816 | RHS- | M] () – C:\wisf1.exe
[2009-09-18 18:37:50 | 000,116,114 | RHS- | M] () – C:\wrsf.exe
[2010-02-08 17:26:51 | 000,091,648 | RHS- | M] () – C:\ws.exe
[2009-12-07 20:49:02 | 000,118,048 | RHS- | M] () – C:\xmor.exe
[2009-10-12 20:07:43 | 000,114,400 | RHS- | M] () – C:\ycvvj.exe
[2009-12-18 19:57:02 | 000,120,299 | RHS- | M] () – C:\yu3.exe
< MD5 for: AGP440.SYS >
[2008-04-15 01:09:56 | 020,110,420 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 – C:\WINDOWS\system32\drivers\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2008-04-15 01:09:56 | 020,110,420 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 – C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: BEEP.SYS >
[2001-08-18 02:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 02:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\drivers\beep.sys
< MD5 for: CDROM.SYS >
[2008-04-15 01:09:56 | 020,110,420 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE – C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: NDIS.SYS >
[2008-04-14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: USERINIT.EXE >
[2008-04-15 00:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-15 00:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008-04-15 00:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-15 00:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\winlogon.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 85 bytes -> C:\Documents and Settings\All Users\Pulpit:$SS_DESCRIPTOR_1VVTV9VTMVFBF1VJWVBH4P6XLVVVVVVVVVVVVVV
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >
Nie wiem o co chodzi, aczkolwiek chciałem mieć mniejszy ping. Na stronie:
http://www.cscenter.pl/baza_poradnikow_ … zania.html polecili mi, abym ściągnął program “hijackthis”, przeskanował oraz dodał tu nowy watek. czekam co dalej
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:52, on 2010-03-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Valve\hl.exe
D:\Programy instalki - N I E K A S O W A Ć\Programy\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= … =CT2233703
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = google.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh1.dll
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [egui] “C:\Program Files\ESET\ESET Smart Security\egui.exe” /hide /waitservice
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [4shared Update] “C:\Program Files\4shared Desktop\checkUpdate.exe”
O4 - HKLM…\Run: [svchost] C:\WINDOWS\svchost.exe
O4 - HKCU…\Run: [cdoosoft] C:\DOCUME~1\AMADEUSZ\USTAWI~1\Temp\herss.exe
O4 - HKCU…\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [4shared Desktop] “C:\Program Files\4shared Desktop\desktop.exe” “startup”
O4 - HKCU…\Run: [Gadu-Gadu 10] “C:\Program Files\Gadu-Gadu 10\gg.exe”
O4 - HKCU…\Run: [iPLA!] C:\Program Files\ipla\ipla.exe /autorun
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-19…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-20…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS.DEFAULT…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O4 - Startup: scvhost.exe
O4 - Startup: wucault.exe
O8 - Extra context menu item: Download all 4shared files - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: Download using 4shared Desktop - C:\Program Files\4shared Desktop\down_link.htm
O8 - Extra context menu item: Export to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Eset Trial Reset (.EsetTrialReset) - Unknown owner - C:\WINDOWS\reset.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\AMADEUSZ\USTAWI~1\Temp\hpdj.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
–
End of file - 6416 bytes