Problem z internetem (wolno działa) (logi)

Szymo777 · 29 Styczeń 2012 17:57

Witam, otóż od paru dni mam problemy z internetem. Posiadam internet od neostardy 10mb/s, aczkolwiek na speedteście wychodzi mi 1.5/2 mb/s. Filmiki na youtube bardzo wolno się buferują, strony jako tako można przeglądać, ale za dużego komfortu nie można oczekiwać. Co może być przyczyną tego problemu ?

Tutaj umieszczam loga.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:51:20, on 2012-01-29

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

D:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Splashtop\Splashtop Connect\BackService.exe

C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\GIGABYTE\Smart6\Timelock\AlarmClock.exe

C:\Documents and Settings\Właściciel\Pulpit\Narzędzia\Inne\GammaAdjuster.exe

C:\Program Files\Ventrilo\Ventrilo.exe

C:\Program Files\Gadu-Gadu 10\gg.exe

C:\Program Files\Opera\Opera.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=121

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gazeta.pl/0,0.html?p=121

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: free-downloads.net - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Właściciel\Dane aplikacji\toolplugin\toolbar.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UpdateService\ISUSPM.exe -startup

O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [STCAgent] "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Steam] "D:\Program Files\Valve\Steam\steam.exe" -silent

O4 - HKLM\..\Policies\Explorer\Run: [] 

O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [Recycle.Bin.exe] C:\Recycle.Bin\Recycle.Bin.exe (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')

O4 - Startup: Logitech . Rejestracja produktu.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe

O4 - Global Startup: Orbit.lnk = ?

O4 - Global Startup: SetPointII.lnk = ?

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted IP range: http://192.168.1.1

O15 - ESC Trusted IP range: http://192.168.1.1

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246438876720

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O20 - AppInit_DLLs: C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll 

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)

O23 - Service: Apache2 - Unknown owner - C:\plemiona\apache\bin\apache.exe (file missing)

O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - D:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe

O23 - Service: GenericMount Helper Service - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe (file missing)

O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: IS360service - Unknown owner - D:\Program Files\IObit\IObit Security 360\IS360srv.exe (file missing)

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Paragon System Backup Service - Unknown owner - D:\Program Files\Paragon Software\System Backup 2010 PC Format Edition\Program\dbhservice.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect\BackService.exe

O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: SymSnapService - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (file missing)

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: Ventrilo - Unknown owner - D:\Program Files\VentSrv\ventrilo_svc.exe (file missing)

O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe

O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe


--

End of file - 15228 bytes

Acorus · 29 Styczeń 2012 18:05

Pokaż logi z OTL otl-gmer-rsit-dss-inne-instrukcje-t370405.html

Pablo79 · 29 Styczeń 2012 18:27

No radziłby się skontaktować TP.SA, bo być może problem jest po ich stronie.

Szymo777 · 29 Styczeń 2012 18:33

Logi z OTL.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


[color=#E56717]========== Processes (SafeList) ==========[/color]


PRC - [2012-01-26 23:02:13 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2011-12-09 22:19:37 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2011-10-16 14:22:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\dyska\OTL.exe

PRC - [2011-10-02 12:15:02 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe

PRC - [2011-08-15 16:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2011-08-15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2011-06-15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

PRC - [2011-03-24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe

PRC - [2011-03-09 10:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

PRC - [2011-03-09 10:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

PRC - [2011-03-09 10:09:54 | 003,986,944 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

PRC - [2011-03-09 10:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

PRC - [2010-11-15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe

PRC - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe

PRC - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010-07-22 00:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe

PRC - [2010-04-22 14:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files\GIGABYTE\SMART6\timelock\AlarmClock.exe

PRC - [2010-03-25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

PRC - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

PRC - [2009-12-04 11:48:42 | 001,719,568 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe

PRC - [2009-12-03 09:54:40 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe

PRC - [2009-11-09 04:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE

PRC - [2009-10-13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe

PRC - [2009-07-21 09:17:46 | 000,323,584 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint II\SetPointII.exe

PRC - [2009-07-10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe

PRC - [2008-08-29 17:27:30 | 000,143,360 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe

PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2003-12-22 15:36:14 | 000,561,152 | ---- | M] () -- C:\Program Files\Ventrilo\Ventrilo.exe

PRC - [2003-02-21 11:46:58 | 000,191,488 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Narzędzia\Inne\GammaAdjuster.exe



[color=#E56717]========== Modules (No Company Name) ==========[/color]


MOD - [2012-01-26 23:02:22 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll

MOD - [2012-01-26 23:02:22 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll

MOD - [2012-01-26 23:02:22 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll

MOD - [2012-01-26 23:02:22 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll

MOD - [2012-01-26 23:02:22 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll

MOD - [2012-01-26 23:02:21 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll

MOD - [2012-01-26 23:02:21 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll

MOD - [2012-01-26 23:02:21 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll

MOD - [2012-01-26 23:02:21 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll

MOD - [2012-01-26 23:02:21 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll

MOD - [2012-01-26 23:02:20 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll

MOD - [2012-01-26 23:02:20 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll

MOD - [2012-01-26 23:02:20 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll

MOD - [2011-10-12 16:19:13 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\8d18ece52d96bfd1204ef646cefc4680\System.Management.ni.dll

MOD - [2011-10-12 16:19:09 | 017,996,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8f98e8e2739c6887f5721b8482767479\System.ServiceModel.ni.dll

MOD - [2011-10-12 14:25:21 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\a0e090647c856fe52e1f1e5d2a25b1ac\System.ServiceProcess.ni.dll

MOD - [2011-10-12 14:25:21 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\96907044ee8b845f05d72805d100fb7e\System.Configuration.Install.ni.dll

MOD - [2011-10-12 14:25:11 | 000,770,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4188dcf65867be8c772c2e44082e51ca\System.Runtime.Remoting.ni.dll

MOD - [2011-10-12 14:25:10 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.ni.dll

MOD - [2011-10-12 14:25:10 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\a2baf116d3055aadb99b77e327a74907\System.EnterpriseServices.Wrapper.dll

MOD - [2011-10-12 14:25:09 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\344c1e000e4158cc37a5e9068e095d40\System.Transactions.ni.dll

MOD - [2011-10-12 14:25:01 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cfba497fc860b32b8d895f57bf148aa7\Microsoft.VisualC.ni.dll

MOD - [2011-10-12 14:21:35 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\494945003f729a5d6ec21324dff8c7b9\System.Data.ni.dll

MOD - [2011-10-12 14:21:29 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\52598abacb89081ab248f435d9dabdf4\System.Core.ni.dll

MOD - [2011-10-12 14:21:27 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\a401952384c24581989cdc85270f3d9d\System.Xml.ni.dll

MOD - [2011-10-12 14:21:24 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb7cfe8f0e8532f6381c22bf719a95dc\System.Configuration.ni.dll

MOD - [2011-10-12 14:21:22 | 009,085,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\af709611f9ffff0544b1d750303c4afa\System.ni.dll

MOD - [2011-10-12 14:21:17 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll

MOD - [2011-08-08 12:26:01 | 006,271,648 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MOD - [2011-03-27 21:11:04 | 000,094,208 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll

MOD - [2011-03-09 10:29:38 | 000,886,272 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll

MOD - [2011-03-09 10:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

MOD - [2011-03-09 10:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

MOD - [2010-11-04 08:51:44 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll

MOD - [2010-08-06 20:00:32 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll

MOD - [2010-07-22 00:25:18 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll

MOD - [2010-07-22 00:25:16 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll

MOD - [2010-07-22 00:25:14 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll

MOD - [2010-07-22 00:25:10 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll

MOD - [2010-07-22 00:25:08 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll

MOD - [2010-03-23 11:01:00 | 008,806,400 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll

MOD - [2010-03-19 08:34:20 | 013,545,472 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll

MOD - [2010-03-19 08:34:20 | 003,334,144 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXmlPatterns4.dll

MOD - [2010-03-19 08:34:20 | 002,400,256 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll

MOD - [2010-03-19 08:34:20 | 001,511,424 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll

MOD - [2010-03-19 08:34:20 | 001,036,288 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll

MOD - [2010-03-19 08:34:20 | 000,389,120 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll

MOD - [2010-03-19 08:34:20 | 000,323,584 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll

MOD - [2010-03-19 08:33:46 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll

MOD - [2010-03-19 08:33:46 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll

MOD - [2010-03-19 08:33:46 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll

MOD - [2010-03-19 08:33:46 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll

MOD - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files\CDBurnerXP\NMSAccessU.exe

MOD - [2009-09-23 15:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll

MOD - [2009-06-12 15:19:23 | 000,140,800 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll

MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL

MOD - [2008-04-14 18:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2003-12-22 15:36:14 | 000,561,152 | ---- | M] () -- C:\Program Files\Ventrilo\Ventrilo.exe

MOD - [2003-02-21 11:46:58 | 000,191,488 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Narzędzia\Inne\GammaAdjuster.exe



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - File not found [Auto | Stopped] -- -- (Ventrilo)

SRV - File not found [On_Demand | Stopped] -- -- (SymSnapService)

SRV - File not found [On_Demand | Stopped] -- -- (Paragon System Backup Service)

SRV - File not found [Auto | Stopped] -- -- (IS360service)

SRV - File not found [On_Demand | Stopped] -- -- (GenericMount Helper Service)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - File not found [Auto | Stopped] -- -- (Apache2)

SRV - [2011-12-09 22:19:37 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2011-08-15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2011-04-27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV - [2011-03-24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)

SRV - [2011-03-09 10:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)

SRV - [2011-03-09 10:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)

SRV - [2011-03-09 10:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)

SRV - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)

SRV - [2010-10-05 20:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010-10-05 20:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010-07-26 15:00:24 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)

SRV - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2009-10-13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009-08-24 20:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- D:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - [2012-01-29 11:55:26 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{92FC8DC8-90D7-4C1A-BE26-2C684054C101}\MpKslc9a54ee3.sys -- (MpKslc9a54ee3)

DRV - [2011-09-04 19:04:07 | 000,129,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DarkSpyKernel.sys -- (DarkSpy)

DRV - [2011-07-28 18:12:44 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVTDrv.sys -- (GVTDrv)

DRV - [2011-07-17 11:40:12 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)

DRV - [2011-07-14 21:26:12 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2011-07-09 16:16:47 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\etdrv.sys -- (etdrv)

DRV - [2011-07-06 18:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2011-04-18 11:10:56 | 000,812,448 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ESLWireACD.sys -- (ESLWireAC)

DRV - [2011-04-18 11:10:56 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)

DRV - [2011-03-07 10:22:00 | 000,052,992 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EtronXHCI.sys -- (EtronXHCI)

DRV - [2011-03-07 10:22:00 | 000,033,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EtronHub3.sys -- (EtronHub3)

DRV - [2011-02-17 17:06:10 | 000,111,152 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2011-02-16 15:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)

DRV - [2011-02-11 11:18:44 | 006,329,448 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2011-01-14 08:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2011-01-10 17:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AppleCharger.sys -- (AppleCharger)

DRV - [2010-12-14 04:54:12 | 000,036,384 | R--- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS -- (RTLTEAMING)

DRV - [2010-12-14 04:54:12 | 000,022,016 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys -- (RtNdPt5x)

DRV - [2010-12-14 04:54:12 | 000,017,536 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)

DRV - [2010-09-21 08:59:02 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI) Intel(R)

DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)

DRV - [2009-11-18 00:17:00 | 001,395,800 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009-11-18 00:16:00 | 001,691,480 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009-11-12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009-11-09 04:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)

DRV - [2009-09-30 14:03:16 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)

DRV - [2009-09-30 14:03:16 | 000,034,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)

DRV - [2009-06-17 09:56:18 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009-06-17 09:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2009-06-17 09:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)

DRV - [2009-05-25 17:31:32 | 000,252,416 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)

DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-12-26 11:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV - [2008-09-24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2008-07-01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)

DRV - [2007-04-16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)

DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)

DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]



[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gazeta.pl/0,0.html?p=121


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=121

IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=121"

FF - prefs.js..network.proxy.type: 2


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2011-07-05 23:03:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2011-07-05 23:03:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2011-07-05 23:03:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-12-28 19:55:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins


[2011-12-28 19:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions

[2011-12-28 19:55:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011-12-21 09:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011-12-21 06:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2011-12-21 06:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2011-12-21 06:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2011-12-21 06:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2011-12-21 06:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2011-12-21 06:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml


[color=#E56717]========== Chrome ==========[/color]


CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}


O1 HOSTS File: ([2006-03-02 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()

O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Właściciel\Dane aplikacji\toolplugin\toolbar.dll ()

O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [STCAgent] "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe" File not found

O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)

O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)

O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKCU..\Run: [RMFon] File not found

O4 - HKCU..\Run: [Steam] D:\Program Files\Valve\Steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Orbit.lnk = File not found

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SetPointII.lnk = C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

O4 - Startup: C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\Logitech . Rejestracja produktu.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Zaufane witryny)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246438876720 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{696097C2-6F34-4F39-988B-0FE648ABED9A}: DhcpNameServer = 194.204.159.1 194.204.152.34

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{901C2705-5E7D-4807-976D-1D1418623AE0}: DhcpNameServer = 194.204.159.1 194.204.152.34 192.168.1.1

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - AppInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - No CLSID value found.

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Moje dokumenty\Moje obrazy\rajey-machesterunitedslideshowbyrajey408.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Moje dokumenty\Moje obrazy\rajey-machesterunitedslideshowbyrajey408.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-07-01 09:16:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O32 - AutoRun File - [2009-09-17 10:35:09 | 000,000,000 | ---D | M] - C:\Autorun -- [NTFS]

O32 - AutoRun File - [2011-11-12 19:53:38 | 000,000,089 | ---- | M] () - D:\AUTORUN.INF -- [NTFS]

O33 - MountPoints2\{14ec7620-2ac1-11df-bf52-000feaeca4b7}\Shell\AutoRun\command - "" = J:\fk.exe

O33 - MountPoints2\{14ec7620-2ac1-11df-bf52-000feaeca4b7}\Shell\open\Command - "" = J:\fk.exe

O33 - MountPoints2\{498d070f-a95c-11df-803b-000feaeca4b7}\Shell - "" = AutoRun

O33 - MountPoints2\{498d070f-a95c-11df-803b-000feaeca4b7}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a

O33 - MountPoints2\{880729d5-6625-11de-a351-806d6172696f}\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008-04-14 22:51:50 | 000,028,672 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{af28eec0-0d52-11e1-a652-00ff01000001}\Shell - "" = AutoRun

O33 - MountPoints2\{af28eec0-0d52-11e1-a652-00ff01000001}\Shell\AutoRun\command - "" = H:\autorun.exe

O33 - MountPoints2\{ce61cd41-6626-11de-8aec-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{ce61cd41-6626-11de-8aec-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2012-01-29 18:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Menu Start\Programy\HiJackThis

[2012-01-28 20:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\FILM ANGIELSKI

[2012-01-27 19:46:11 | 004,122,368 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys

[2012-01-27 19:46:11 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

[2012-01-27 19:46:09 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl

[2012-01-27 19:46:09 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe

[2012-01-27 19:44:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97

[2012-01-27 19:44:54 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe

[2012-01-27 19:44:54 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe

[2012-01-27 00:41:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Właściciel\Moje dokumenty\Moje źródła danych

[2012-01-20 21:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\tribute wars

[2012-01-20 20:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\plemiona

[2012-01-20 19:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Menu Start\Programy\Apache Friends

[2012-01-20 19:27:16 | 000,000,000 | ---D | C] -- C:\xampp

[2012-01-20 19:17:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Trible

[2012-01-05 21:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\plemiona

[2012-01-04 17:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Menu Start\Programy\ElcomSoft

[2012-01-04 17:34:18 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft

[2009-11-11 20:02:30 | 011,259,368 | ---- | C] (http://www.ojosoft.com ) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\total-video-converter.exe

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]

[2 C:\*.tmp files -> C:\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2012-01-29 19:08:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-01-29 18:51:15 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk

[2012-01-29 12:05:26 | 000,089,539 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Sony Vegas Pro 9.0 (Chomik Maciejjjjj).rar

[2012-01-29 12:01:20 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-01-29 12:00:05 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2012-01-29 11:55:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-01-29 00:16:57 | 000,252,464 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012-01-29 00:16:57 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012-01-29 00:15:16 | 000,252,464 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012-01-28 20:39:33 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-01-28 20:35:32 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\Logitech . Rejestracja produktu.lnk

[2012-01-28 20:27:44 | 103,157,760 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\FILM.MTS

[2012-01-28 13:32:06 | 000,352,256 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\y.AVI

[2012-01-28 13:30:19 | 000,352,256 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\dfgdfg.AVI

[2012-01-28 13:20:48 | 001,237,234 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\VIDEO0030_xvid.avi

[2012-01-28 12:56:42 | 015,757,629 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\VIDEO0030.3gp

[2012-01-28 12:38:51 | 161,017,387 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\adobephotoshop7_wersja_TRIAL.zip

[2012-01-28 12:34:13 | 000,037,748 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\miecz1519131622szybkoscut8.jpg

[2012-01-26 23:52:28 | 000,480,874 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Tw2010.zip

[2012-01-24 22:40:19 | 006,182,768 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Chwytak vs. Czaki - Wjebię jej...mp3

[2012-01-23 19:54:15 | 000,064,202 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Comparing_Pictures.pdf

[2012-01-23 19:54:08 | 000,083,625 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\chairs.pdf

[2012-01-23 15:03:07 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-01-20 19:29:05 | 000,000,526 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\XAMPP Control Panel.lnk

[2012-01-19 14:35:37 | 000,601,744 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2012-01-19 14:35:37 | 000,535,592 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012-01-19 14:35:37 | 000,128,384 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2012-01-19 14:35:37 | 000,101,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012-01-15 22:19:17 | 000,315,392 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Baza danych2.accdb

[2012-01-15 21:23:50 | 001,212,416 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Majątek.accdb

[2012-01-15 21:23:02 | 000,307,200 | ---- | M] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Baza danych1.accdb

[2012-01-08 20:52:01 | 028,085,362 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\blsnsk.xps

[2012-01-05 19:11:56 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI

[2012-01-04 10:26:22 | 000,236,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]

[2 C:\*.tmp files -> C:\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2012-01-29 18:51:05 | 000,002,459 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\HiJackThis.lnk

[2012-01-28 20:37:02 | 103,157,760 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\FILM.MTS

[2012-01-28 20:35:32 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\Logitech . Rejestracja produktu.lnk

[2012-01-28 20:22:41 | 000,089,539 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Sony Vegas Pro 9.0 (Chomik Maciejjjjj).rar

[2012-01-28 13:32:01 | 000,352,256 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\y.AVI

[2012-01-28 13:30:13 | 000,352,256 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\dfgdfg.AVI

[2012-01-28 13:20:44 | 001,237,234 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\VIDEO0030_xvid.avi

[2012-01-28 13:18:39 | 015,757,629 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\VIDEO0030.3gp

[2012-01-28 12:34:13 | 000,037,748 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\miecz1519131622szybkoscut8.jpg

[2012-01-28 12:28:52 | 161,017,387 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\adobephotoshop7_wersja_TRIAL.zip

[2012-01-27 19:46:11 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2012-01-27 19:46:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2012-01-27 19:46:09 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav

[2012-01-26 23:52:28 | 000,480,874 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Tw2010.zip

[2012-01-24 22:40:14 | 006,182,768 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Chwytak vs. Czaki - Wjebię jej...mp3

[2012-01-23 19:54:15 | 000,064,202 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Comparing_Pictures.pdf

[2012-01-23 19:54:08 | 000,083,625 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\chairs.pdf

[2012-01-21 22:37:34 | 000,001,683 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Ustawienia urządzenia.lnk

[2012-01-20 20:05:42 | 063,484,166 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\AiOn.zip

[2012-01-20 19:29:05 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\XAMPP Control Panel.lnk

[2012-01-15 21:57:13 | 000,315,392 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Baza danych2.accdb

[2012-01-15 21:23:29 | 001,212,416 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Majątek.accdb

[2012-01-15 21:02:40 | 000,307,200 | ---- | C] () -- C:\Documents and Settings\Właściciel\Moje dokumenty\Baza danych1.accdb

[2012-01-08 20:51:12 | 028,085,362 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\blsnsk.xps

[2012-01-05 19:10:58 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011-11-05 13:52:26 | 000,087,040 | ---- | C] () -- C:\WINDOWS\UnGins.exe

[2011-10-29 17:57:11 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[2011-09-05 13:58:53 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011-09-04 19:04:03 | 000,129,536 | ---- | C] () -- C:\WINDOWS\System32\DarkSpyKernel.sys

[2011-08-27 11:52:50 | 000,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2011-08-27 11:52:50 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\PnkBstrK.sys

[2011-08-27 11:52:32 | 000,234,536 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe

[2011-08-27 11:52:29 | 002,250,024 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe

[2011-08-27 11:52:29 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe

[2011-08-01 15:21:00 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini

[2011-07-28 18:56:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\{92318B4F-F8D6-4B79-AB34-5DC71AC3057E}

[2011-07-28 18:56:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\{7D5347D4-5377-4700-B4C2-50EB973E9833}

[2011-07-17 11:54:30 | 000,332,326 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-2052111302-706699826-725345543-1003-0.dat

[2011-07-17 11:54:29 | 000,332,326 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat

[2011-07-13 13:44:08 | 000,001,005 | ---- | C] () -- C:\WINDOWS\eReg.dat

[2011-07-12 22:46:19 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI

[2011-07-12 14:14:02 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\PUTTY.RND

[2011-07-05 23:06:31 | 000,031,272 | ---- | C] () -- C:\WINDOWS\System32\AppleChargerSrv.exe

[2011-07-05 23:06:31 | 000,018,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\AppleCharger.sys

[2011-07-05 23:06:17 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\IntelMEFWVer.dll

[2011-07-05 23:05:22 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2011-07-05 23:01:40 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe

[2011-07-05 23:01:40 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini

[2011-07-05 18:09:00 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys

[2011-06-15 01:50:32 | 000,544,336 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2011-06-14 17:28:16 | 000,215,144 | R--- | C] () -- C:\WINDOWS\patchw32.dll

[2011-06-14 17:26:57 | 000,215,144 | R--- | C] () -- C:\WINDOWS\pw32a.dll

[2011-05-07 12:03:19 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe

[2011-03-31 19:51:56 | 000,219,046 | ---- | C] () -- C:\WINDOWS\uninstall XP Icon Wars by Lady Di.exe

[2011-02-18 16:29:48 | 000,007,680 | ---- | C] () -- C:\WINDOWS\2810046.exe

[2011-02-18 16:29:48 | 000,000,004 | ---- | C] () -- C:\WINDOWS\2810046.dat

[2011-02-16 22:40:35 | 000,000,004 | ---- | C] () -- C:\WINDOWS\7692921.dat

[2011-02-16 18:30:24 | 000,000,004 | ---- | C] () -- C:\WINDOWS\7887328.dat

[2011-02-13 23:11:04 | 000,007,680 | ---- | C] () -- C:\WINDOWS\562203.exe

[2011-02-13 23:11:04 | 000,000,004 | ---- | C] () -- C:\WINDOWS\562203.dat

[2011-02-13 14:45:32 | 000,007,680 | ---- | C] () -- C:\WINDOWS\5866046.exe

[2011-02-13 14:45:32 | 000,000,004 | ---- | C] () -- C:\WINDOWS\5866046.dat

[2010-12-01 21:05:35 | 000,000,004 | ---- | C] () -- C:\WINDOWS\1066093.dat

[2010-12-01 20:47:24 | 000,000,004 | ---- | C] () -- C:\WINDOWS\28956718.dat

[2010-11-12 22:49:09 | 000,007,680 | ---- | C] () -- C:\WINDOWS\13633453.exe

[2010-11-12 22:49:09 | 000,000,004 | ---- | C] () -- C:\WINDOWS\13633453.dat

[2010-11-09 17:44:49 | 000,007,680 | ---- | C] () -- C:\WINDOWS\11765359.exe

[2010-11-09 17:44:49 | 000,000,004 | ---- | C] () -- C:\WINDOWS\11765359.dat

[2010-11-08 23:15:33 | 000,007,680 | ---- | C] () -- C:\WINDOWS\21896312.exe

[2010-11-08 23:15:33 | 000,000,004 | ---- | C] () -- C:\WINDOWS\21896312.dat

[2010-11-07 22:26:30 | 000,007,680 | ---- | C] () -- C:\WINDOWS\21868250.exe

[2010-11-07 22:26:30 | 000,000,004 | ---- | C] () -- C:\WINDOWS\21868250.dat

[2010-08-27 21:10:48 | 000,252,464 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2010-08-27 21:10:44 | 000,252,464 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2010-08-27 21:10:44 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010-08-15 21:44:26 | 000,001,079 | ---- | C] () -- C:\WINDOWS\checkip.dat

[2010-08-01 13:34:08 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2010-07-24 11:23:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\fkdzgq.sys

[2010-07-24 11:23:52 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\hwzypv.dat

[2010-07-23 18:38:31 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\hwzypv.dat

[2010-06-10 22:35:10 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2010-06-04 10:57:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010-05-21 17:21:23 | 000,001,901 | ---- | C] () -- C:\WINDOWS\panose.bin

[2010-05-21 17:11:54 | 000,042,483 | ---- | C] () -- C:\WINDOWS\ICCCODES.DAT

[2010-05-21 17:11:54 | 000,039,095 | ---- | C] () -- C:\WINDOWS\Iccsigs.dat

[2010-05-21 17:11:54 | 000,000,156 | ---- | C] () -- C:\WINDOWS\KPCMS.INI

[2010-05-21 17:11:09 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL

[2010-02-07 16:46:59 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini

[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2010-01-25 12:31:22 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-01-25 12:31:22 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010-01-25 12:31:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2010-01-25 12:31:13 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-11-13 18:28:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2009-11-13 17:31:22 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\apexchanger.exe

[2009-11-13 17:31:22 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\apex3gp.exe

[2009-11-13 17:31:21 | 004,755,968 | ---- | C] () -- C:\WINDOWS\System32\apexconverter.exe

[2009-11-13 17:31:19 | 003,138,048 | ---- | C] () -- C:\WINDOWS\System32\apexxbox.exe

[2009-11-13 17:31:19 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\AddiTunes.exe

[2009-11-13 17:31:18 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll

[2009-11-13 17:31:18 | 000,005,028 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_3GP2_AAC.ini

[2009-11-13 17:31:18 | 000,004,296 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_Zune.ini

[2009-11-13 17:31:18 | 000,002,175 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_iPhone.ini

[2009-11-13 17:31:18 | 000,001,739 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_AppleTV.ini

[2009-11-13 17:31:18 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\INI_Add_mfra.ini

[2009-11-13 17:31:17 | 000,007,196 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_3GP_AAC.ini

[2009-11-13 17:31:17 | 000,006,490 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_PSP.ini

[2009-11-13 17:31:17 | 000,003,045 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_iPod.ini

[2009-11-13 17:31:17 | 000,002,956 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_PMP.ini

[2009-11-13 17:31:17 | 000,002,910 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_3GP_AMR.ini

[2009-11-13 17:31:17 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_PPC.ini

[2009-11-13 17:31:17 | 000,001,964 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP2_QVGA_AAC.ini

[2009-11-13 17:31:17 | 000,001,964 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP2_QCIF_AAC.ini

[2009-11-13 17:31:17 | 000,001,878 | ---- | C] () -- C:\WINDOWS\System32\INI_Pro_Xbox.ini

[2009-11-13 17:31:17 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP_QVGA_AMR.ini

[2009-11-13 17:31:17 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP_QVGA_AAC.ini

[2009-11-13 17:31:17 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP_QCIF_AMR.ini

[2009-11-13 17:31:17 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\INI_QT_3GPP_QCIF_AAC.ini

[2009-11-13 17:31:06 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2009-11-11 20:21:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\wklnhst.dat

[2009-11-06 21:03:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat

[2009-10-24 23:13:39 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-10-03 09:50:19 | 000,000,030 | ---- | C] () -- C:\WINDOWS\rav.ini

[2009-09-26 19:33:00 | 000,000,070 | ---- | C] () -- C:\WINDOWS\TweakExplorerSettings.ini

[2009-09-01 23:00:29 | 000,000,234 | ---- | C] () -- C:\WINDOWS\AWS.ini

[2009-09-01 20:35:07 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2009-08-08 16:03:48 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_findrunrobot_InstallInfo.dat

[2009-08-08 16:03:48 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DonationCoder_findrunrobot_InstallInfo.dat

[2009-07-02 14:02:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

[2009-07-01 11:07:26 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009-07-01 11:06:22 | 000,307,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-07-01 10:17:10 | 000,249,344 | ---- | C] () -- C:\WINDOWS\System32\NvRaidMan.exe

[2009-07-01 10:17:10 | 000,223,232 | ---- | C] () -- C:\WINDOWS\System32\nvsataconnection.exe

[2009-07-01 09:18:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009-07-01 09:14:49 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009-06-10 17:33:00 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2008-05-12 20:40:40 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AudioConverter.dll

[2008-04-14 18:18:19 | 000,076,288 | ---- | C] () -- C:\WINDOWS\System32\uniime.dll

[2008-02-29 05:14:04 | 000,223,744 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll

[2006-11-02 16:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe

[2006-03-02 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006-03-02 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006-03-02 12:00:00 | 000,601,744 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat

[2006-03-02 12:00:00 | 000,535,592 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006-03-02 12:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat

[2006-03-02 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006-03-02 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006-03-02 12:00:00 | 000,128,384 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat

[2006-03-02 12:00:00 | 000,101,566 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006-03-02 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006-03-02 12:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat

[2006-03-02 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006-03-02 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006-03-02 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006-03-02 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006-03-02 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005-11-06 00:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe

[2005-05-17 21:37:10 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe

[2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe

[2002-09-10 16:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll

[2002-07-19 17:48:22 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe

[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys


[color=#E56717]========== Alternate Data Streams ==========[/color]


@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5C321E34

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CF778051

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

09

Acorus · 29 Styczeń 2012 19:22

Gdzie log extras?

Logi wrzuć na wklej.org

Szymo777 · 29 Styczeń 2012 21:45

http://wklej.org/id/678399/

Acorus · 30 Styczeń 2012 08:37

Odinstaluj DAEMON Tools Toolbar,free-downloads.net Toolbar,Windows Searchqu Toolbar,Toolpugin,Search core for Browsers.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL SRV - File not found [Auto | Stopped] – -- (Ventrilo) SRV - File not found [On_Demand | Stopped] – -- (SymSnapService) SRV - File not found [On_Demand | Stopped] – -- (Paragon System Backup Service) SRV - File not found [Auto | Stopped] – -- (IS360service) SRV - File not found [On_Demand | Stopped] – -- (GenericMount Helper Service) SRV - File not found [Auto | Stopped] – -- (Apache2) IE - HKCU…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM…\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM…\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Właściciel\Dane aplikacji\toolplugin\toolbar.dll () O3 - HKLM…\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU…\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll (Conduit Ltd.) O4 - HKLM…\Run: [DATAMNGR] C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM…\Run: [sTCAgent] “C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe” File not found O4 - HKCU…\Run: [RMFon] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Orbit.lnk = File not found O20 - AppInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc) [2012-01-29 12:00:05 | 000,000,424 | -H-- | M] () – C:\WINDOWS\tasks\MP Scheduled Scan.job :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp]

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

Szymo777 · 30 Styczeń 2012 19:14

All processes killed

========== OTL ==========

Service Ventrilo stopped successfully!

Service Ventrilo deleted successfully!

Service SymSnapService stopped successfully!

Service SymSnapService deleted successfully!

Service Paragon System Backup Service stopped successfully!

Service Paragon System Backup Service deleted successfully!

Service IS360service stopped successfully!

Service IS360service deleted successfully!

Service GenericMount Helper Service stopped successfully!

Service GenericMount Helper Service deleted successfully!

Service Apache2 stopped successfully!

Service Apache2 deleted successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ecdee021-0d17-467f-a1ff-c7a115230949} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.

File C:\Program Files\free-downloads.net\prxtbfre0.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

File C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.

File C:\Program Files\free-downloads.net\prxtbfre0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

File C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ deleted successfully.

C:\Documents and Settings\Właściciel\Dane aplikacji\toolplugin\toolbar.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ecdee021-0d17-467f-a1ff-c7a115230949} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.

File downloads.net\prxtbfre0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}\ not found.

File downloads.net\prxtbfre0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.

File C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\STCAgent deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RMFon deleted successfully.

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Orbit.lnk moved successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll deleted successfully.

File pInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll deleted successfully.

File pInit_DLLs: (C:\PROGRA~1\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll not found.

C:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.

========== COMMANDS ==========


[EMPTYTEMP]


User: All Users


User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33184 bytes


User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 361540 bytes


User: NetworkService

->Temp folder emptied: 844016 bytes

->Temporary Internet Files folder emptied: 33170 bytes


User: Wlasciciel


User: Właściciel

->Temp folder emptied: 13305064 bytes

->Temporary Internet Files folder emptied: 10703324 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 16484201 bytes

->Google Chrome cache emptied: 6432662 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 1435 bytes


%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2342366 bytes

%systemroot%\System32 .tmp files removed: 3224196 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4141480 bytes

RecycleBin emptied: 7229497890 bytes


Total Files Cleaned = 6 950,00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 01302012_200512


Files\Folders moved on Reboot...


Registry entries deleted on Reboot...

Acorus · 31 Styczeń 2012 08:02

W OTL użyj opcji Sprzątanie.Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte … 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY SYGNATUR WIRUSÓW

Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.