Niepoprawny obraz systemu windows

fudzi111 · 11 Marzec 2012 11:50

Witam. Mam problem z jedną aplikacją pobraną z internetu, otóż przy próbie uruchomienia wyświetla się komunikat “Aplikacja lub biblioteka DLL C:\Program Files\Pando Networks\Media Booster\BugSplat.dll nie jest poprawnym obrazem systemu Windows NT”. Próbowałem sam ale nie udało mi się tego naprawić. Podaje logi z Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:46:18, on 2012-03-11

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17108)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\WINDOWS\TBPanel.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Brother\ControlCenter2\brctrcen.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe

C:\Program Files\Gadu-Gadu 10\gg.exe

C:\Program Files\RALINK\Common\RaUI.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe

C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/ins/ins_1331464660_579265

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/ins/ins_1331464660_579265

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/ins/ins_1331464660_579265

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/ins/ins_1331464660_579265

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: IncrediMail MediaBar 2 - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: free-downloads.net - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll

O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)

O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll

O3 - Toolbar: IncrediMail MediaBar 2 Toolbar - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [trustGTX14] "C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [GameXN (update)] "C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe" /u

O4 - HKCU\..\Run: [GameXN (news)] "C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe" /n

O4 - HKCU\..\Run: [GameXN] "C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe" /silent

O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: LOLRecorder.lnk = D:\LOLReplay\LOLRecorder.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe

O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - 

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Program Files\RadioBar\toolbar.ni.dll

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Game Mouse Communication And Update Service V1 (KmGameMouseServiceV1) - UASSOFT.COM - C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

Z góry dzięki za pomoc .

Marcin1025 · 11 Marzec 2012 13:48

Zainstaluj Internet Explorer 8 i daj logi OTL

fudzi111 · 11 Marzec 2012 15:34

Oto i one:

OTL logfile created on: 2012-03-11 16:28:14 - Run 1

OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


2,00 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,22% Memory free

3,85 Gb Paging File | 3,08 Gb Available in Paging File | 80,12% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 58,59 Gb Total Space | 5,87 Gb Free Space | 10,03% Space Free | Partition Type: NTFS

Drive D: | 239,49 Gb Total Space | 21,30 Gb Free Space | 8,89% Space Free | Partition Type: NTFS

Drive E: | 591,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS


Computer Name: DOMOWY | User Name: Dom | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days


[color=#E56717]========== Processes (SafeList) ==========[/color]


PRC - [2012-03-11 16:27:34 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2012-03-09 19:09:23 | 003,089,488 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe

PRC - [2012-02-16 16:14:20 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011-09-17 17:48:48 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe

PRC - [2011-08-15 16:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2011-08-15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

PRC - [2009-12-21 14:49:02 | 011,850,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe

PRC - [2009-12-21 13:31:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe

PRC - [2009-07-08 13:16:05 | 000,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe

PRC - [2009-06-05 09:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe

PRC - [2009-05-19 16:22:14 | 000,361,472 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe

PRC - [2009-05-18 04:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe

PRC - [2008-05-29 19:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe

PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-11-27 07:34:58 | 002,189,864 | ---- | M] (Gainward Co.) -- C:\WINDOWS\TBPanel.exe

PRC - [2007-10-16 10:35:42 | 000,626,176 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

PRC - [2007-09-06 10:19:14 | 001,426,432 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

PRC - [2007-05-15 14:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

PRC - [2007-04-09 09:49:30 | 000,667,648 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe

PRC - [2005-05-17 16:42:32 | 000,933,888 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe



[color=#E56717]========== Modules (No Company Name) ==========[/color]


MOD - [2012-03-09 19:09:23 | 003,089,488 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe

MOD - [2012-02-16 16:14:20 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2009-12-21 13:31:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe

MOD - [2009-12-16 21:05:00 | 000,212,992 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll

MOD - [2009-12-16 21:05:00 | 000,023,040 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll

MOD - [2009-12-16 21:05:00 | 000,012,800 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll

MOD - [2009-12-16 21:04:58 | 000,352,256 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll

MOD - [2009-12-16 21:04:58 | 000,118,784 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll

MOD - [2009-09-23 15:05:02 | 000,970,752 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll

MOD - [2009-09-23 15:04:58 | 002,195,456 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll

MOD - [2009-09-23 15:04:56 | 011,677,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll

MOD - [2009-09-23 15:04:56 | 000,774,144 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll

MOD - [2009-09-23 15:04:52 | 008,024,064 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll

MOD - [2009-09-23 15:04:50 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll

MOD - [2009-09-23 15:04:50 | 000,299,008 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll

MOD - [2009-09-23 15:04:14 | 000,303,104 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll

MOD - [2009-09-23 15:04:14 | 000,018,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll

MOD - [2009-09-23 15:04:12 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll

MOD - [2009-09-23 15:04:12 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll

MOD - [2009-09-23 15:04:12 | 000,023,552 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll

MOD - [2009-09-23 15:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll

MOD - [2009-06-05 09:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe

MOD - [2009-03-02 06:45:58 | 000,042,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\MouseHook.dll

MOD - [2009-02-03 03:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MOD - [2008-09-02 15:05:48 | 000,398,776 | ---- | M] () -- C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

MOD - [2008-04-14 21:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2007-11-28 08:51:05 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll

MOD - [2007-10-16 10:35:42 | 000,626,176 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

MOD - [2007-09-06 10:19:14 | 001,426,432 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

MOD - [2007-08-16 21:40:58 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.dll

MOD - [2007-03-29 06:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\keydll.dll

MOD - [2007-01-31 03:56:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\TBPanelExt.dll

MOD - [2006-07-12 13:36:36 | 001,167,360 | ---- | M] () -- C:\Program Files\RALINK\Common\acAuth.dll

MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\WINDOWS\TBManage.dll



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011-08-15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2009-05-18 04:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe -- (KmGameMouseServiceV1)

SRV - [2007-05-15 14:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az0l3mvs)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1mfo6gs)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1gg4syl)

DRV - [2011-11-09 19:23:06 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009-12-25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009-09-23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2009-09-01 15:40:16 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2009-06-10 18:00:54 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RPGMOUSEV1.sys -- (KMWDFilterV1)

DRV - [2007-12-06 08:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)

DRV - [2007-05-15 14:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)

DRV - [2007-05-15 14:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)

DRV - [2007-05-15 14:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)

DRV - [2007-05-15 14:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)

DRV - [2007-03-21 09:54:50 | 000,464,256 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)

DRV - [2007-03-16 03:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)

DRV - [2007-03-16 03:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)

DRV - [2007-03-01 09:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2007-01-16 12:56:52 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)

DRV - [2006-10-18 20:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)

DRV - [2004-08-13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2004-06-26 12:22:00 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)

DRV - [2004-06-26 12:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]



[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/ins/ins_1331464660_579265

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/ins/ins_1331464660_579265

IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/ins/ins_1331464660_579265

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640

IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=&apn_uid=16DFE164-9F75-4022-B6E8-76F7E4D8A4D5&apn_sauid=9D632035-F1BD-4909-A3AF-08422A120360

IE - HKCU\..\SearchScopes\{459248C7-0832-4EA5-9730-93A0856F57EA}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKCU\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640

IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q={searchTerms}&crm=1

IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92260322250058089

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Ask.com"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.google.pl/"

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.8.0.99999

FF - prefs.js..extensions.enabledItems: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}:2.0.0.54356

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.2

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198



FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-07 19:34:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-02 19:26:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\components [2012-03-07 19:14:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\plugins


[2008-07-04 14:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions

[2012-03-11 11:53:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\extensions

[2008-07-10 19:54:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2012-03-07 12:05:23 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}

[2012-03-11 11:53:48 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\extensions\plugin@yontoo.com

[2012-02-01 21:15:34 | 000,000,000 | ---D | M] ("PandoraTV Toolbar") -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\extensions\toolbar@ask.com

[2009-07-08 14:35:19 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\searchplugins\ask.xml

[2011-09-29 19:48:03 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\searchplugins\askcom.xml

[2011-11-04 18:40:05 | 000,002,207 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\vlfy3mf2.default\searchplugins\MyStart Search.xml

[2012-03-07 19:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2008-11-28 21:55:25 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}

() (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\VLFY3MF2.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI

() (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\VLFY3MF2.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI

[2012-02-16 16:14:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2010-05-18 13:39:58 | 000,873,976 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPCARDS.dll

[2012-02-16 12:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2012-02-16 12:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2012-02-16 12:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2012-02-16 12:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2012-02-16 12:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2012-02-16 12:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml


O1 HOSTS File: ([2010-03-02 23:21:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll (Conduit Ltd.)

O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.

O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)

O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc2.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()

O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe ()

O4 - HKLM..\Run: [CPU Power Monitor] C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe ()

O4 - HKLM..\Run: [Gainward] C:\WINDOWS\TBPanel.exe (Gainward Co.)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [trustGTX14] C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()

O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKCU..\Run: [GameXN] C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKCU..\Run: [GameXN (news)] C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKCU..\Run: [GameXN (update)] C:\Documents and Settings\All Users\Dane aplikacji\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\LOLRecorder.lnk = D:\LOLReplay\LOLRecorder.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA673526-9873-4EA9-9D84-882E49364D40}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-07-04 13:57:38 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O32 - AutoRun File - [2002-11-25 01:28:38 | 000,024,576 | R--- | M] () - E:\AutoRunMorrowind.exe -- [CDFS]

O32 - AutoRun File - [2002-11-25 01:22:28 | 000,000,157 | R--- | M] () - E:\autorun.inf -- [CDFS]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2012-03-11 16:27:28 | 017,037,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Dom\Pulpit\IE8-WindowsXP-x86-PLK.exe

[2012-03-11 12:36:18 | 000,000,000 | --SD | C] -- C:\ComboFix

[2012-03-11 12:35:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012-03-11 12:35:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012-03-11 12:35:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012-03-11 12:35:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012-03-11 11:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo

[2012-03-11 11:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2012-03-11 11:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Menu Start\Programy\HiJackThis

[2012-03-11 11:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer

[2012-03-11 11:53:18 | 001,418,152 | ---- | C] (Alactro LLC) -- C:\Documents and Settings\Dom\Pulpit\ezLookerSilent_DDD_FTT_BG_BD_BVD.exe

[2012-03-09 19:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files

[2012-03-07 19:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Opera

[2012-03-07 19:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\Opera

[2012-03-07 19:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Opera Next

[2012-03-07 19:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\v9Soft

[2012-03-04 13:13:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\RPG

[2012-02-13 12:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Multimedia mobilNET

[2012-02-13 12:30:12 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys

[2012-02-13 12:30:12 | 000,102,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys

[2012-02-13 12:30:12 | 000,100,480 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys

[2012-02-13 12:30:12 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys

[2012-02-13 12:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia mobilNET

[42 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]

[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp ->]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2012-03-11 16:29:32 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI

[2012-03-11 16:27:28 | 017,037,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dom\Pulpit\IE8-WindowsXP-x86-PLK.exe

[2012-03-11 14:53:03 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-03-11 14:46:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2012-03-11 14:42:29 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\HiJackThis.lnk

[2012-03-11 12:39:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2012-03-11 12:39:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-03-11 12:38:40 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT

[2012-03-11 12:38:40 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini

[2012-03-11 11:53:38 | 001,418,152 | ---- | M] (Alactro LLC) -- C:\Documents and Settings\Dom\Pulpit\ezLookerSilent_DDD_FTT_BG_BD_BVD.exe

[2012-03-11 11:53:27 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\HiJackThis.msi

[2012-03-11 11:47:19 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012-03-11 00:40:41 | 004,241,580 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2012-03-08 19:50:46 | 000,152,576 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-03-07 19:34:56 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2012-03-07 19:09:05 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\Dom\SI.bin

[2012-02-27 20:03:43 | 000,001,241 | ---- | M] () -- C:\WINDOWS\WINCMD.INI

[2012-02-17 16:19:20 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-02-16 22:28:27 | 001,072,160 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2012-02-16 22:28:27 | 000,500,738 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2012-02-16 22:28:27 | 000,441,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012-02-16 22:28:27 | 000,089,274 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2012-02-16 22:28:27 | 000,071,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012-02-16 22:24:51 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012-02-13 12:30:16 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Multimedia mobilNET.lnk

[2012-02-13 12:29:29 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\Dom\.recently-used.xbel

[42 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]

[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp ->]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2012-03-11 12:35:22 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012-03-11 12:35:22 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012-03-11 12:35:22 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012-03-11 12:35:22 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012-03-11 12:35:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012-03-11 11:53:47 | 000,002,439 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\HiJackThis.lnk

[2012-03-11 11:53:18 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\HiJackThis.msi

[2012-03-07 19:34:56 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk

[2012-03-07 19:28:23 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera Next.lnk

[2012-03-07 19:09:05 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Dom\SI.bin

[2012-02-16 16:38:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-16 16:38:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012-02-13 12:30:16 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Multimedia mobilNET.lnk

[2012-02-13 12:29:29 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\Dom\.recently-used.xbel

[2011-09-07 10:29:26 | 000,027,736 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2010-08-29 21:21:28 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc-1037709799.bin


[color=#E56717]========== Alternate Data Streams ==========[/color]


@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:61435A52

Marcin1025 · 11 Marzec 2012 15:56

odinstaluj toolbary i pełny skan malwarebytes

– Dodane 11.03.2012 (N) 16:56 –

odinstaluj toolbary i pełny skan Malwarebytes

fudzi111 · 11 Marzec 2012 17:56

Prosze bardzo :

Malwarebytes Anti-Malware (Okres testowy) 1.60.1.1000

www.malwarebytes.org


Wersja bazy: v2012.03.11.08


Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Dom :: DOMOWY [administrator]


Ochrona: Włączona


2012-03-11 17:11:41

mbam-log-2012-03-11 (18-54-51).txt


Typ skanowania: Pełne skanowanie

Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM

Odznaczone opcje skanowania: P2P

Przeskanowano obiektów: 368212

Upłynęło: 1 godzin(y), 5 minut(y), 55 sekund(y)


Wykrytych procesów w pamięci: 0

(Nie znaleziono zagrożeń)


Wykrytych modułów w pamięci: 0

(Nie znaleziono zagrożeń)


Wykrytych kluczy rejestru: 3

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37B85A21-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Nie wykonano akcji.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37B85A29-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Nie wykonano akcji.

HKCU\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Nie wykonano akcji.


Wykrytych wartości rejestru: 4

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{37B85A29-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Data: )Z¸7+iBś&&ä™4 -> Nie wykonano akcji.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{37B85A29-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Data: -> Nie wykonano akcji.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37B85A29-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Data: -> Nie wykonano akcji.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{37B85A29-692B-4205-9CAD-2626E4993404} (PUP.MyWebSearch) -> Data: -> Nie wykonano akcji.


Wykryte wpisy rejestru systemowego: 0

(Nie znaleziono zagrożeń)


wykrytych folderów: 0

(Nie znaleziono zagrożeń)


Wykrytych plików: 4

C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie\FLVPlayerSetup.exe (Adware.Agent) -> Nie wykonano akcji.

C:\Documents and Settings\Dom\Pulpit\Ragdoll Masters\Patch.exe (Trojan.Bancos) -> Nie wykonano akcji.

C:\Documents and Settings\Dom\Ustawienia lokalne\temp\ICReinstall\FLVPlayerSetup.exe (Adware.Agent) -> Nie wykonano akcji.

C:\Documents and Settings\Dom\Ustawienia lokalne\temp\12080984.Uninstall\Uninstall.exe (Adware.Agent) -> Nie wykonano akcji.


(zakończone)