Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
Sprawdzenie logów | zabezpieczenie przed ponownym hackiem • programosy.pl
Aktualizacje na programosy.pl: Mozilla FirefoxLTspiceMP3jamVivaldi PortableVivaldiLoom – Video Recorder for ChromeChasys PhotoTapinRadio PortableTapinRadio  

  • Ogłoszenie:

Sprawdzenie logów | zabezpieczenie przed ponownym hackiem

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Sprawdzenie logów | zabezpieczenie przed ponownym hackiem

Postprzez Kichachi 24 Lip 2009, 22:13

reklama
Ostatnio shackowali mnie w grze i mysle ze to przez keylogger bo haslo mam baardzo silne i raczej nie do zlamania :)
Dlatego zrobilem logi tylko ze nie mam pojecia co z tym zrobic xDD
HiJackThis
Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:45, on 2009-07-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Mouse\Amoumain.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Programy\Gadu-Gadu\gg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OSCAR Editor\OscarEditor.exe
c:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\notepad.exe
D:\Programy\Opera\opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ogamenet.net/javaChat.php?game=metin2&cc=pl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 127
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Programy\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Twoje TVN24] "C:\Program Files\Pasek TVN24\tvn-ustawienia.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = D:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\apachefriends\service.exe (file missing)

--
End of file - 9649 bytes




A oto skan z OTL


Kod: Zaznacz wszystko
OTL logfile created on: 2009-07-24 22:02:12 - Run 1
OTL by OldTimer - Version 3.0.10.2     Folder = C:\Documents and Settings\User\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,42 Mb Total Physical Memory | 422,88 Mb Available Physical Memory | 41,36% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,63% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 2,29 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive D: | 40,32 Gb Total Space | 10,75 Gb Free Space | 26,67% Space Free | Partition Type: NTFS
Drive E: | 494,24 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-63A80FD082
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2006-11-29 04:45:06 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2006-11-29 04:45:06 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2004-01-14 15:21:00 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2004-01-14 15:21:00 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2007-10-11 09:45:56 | 00,051,712 | ---- | M] (ArcSoft) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008-12-16 22:36:22 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-11-10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2009-01-04 11:18:37 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2009-06-15 14:42:22 | 00,201,440 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe
PRC - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2004-08-04 01:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2006-09-12 10:58:14 | 16,264,192 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2005-07-19 17:32:18 | 00,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\LVCOMSX.EXE
PRC - [2007-04-19 10:30:02 | 00,237,568 | ---- | M] () -- C:\Program Files\Mouse\Amoumain.exe
PRC - [2009-02-05 23:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2007-10-11 09:45:52 | 00,031,232 | ---- | M] (ArcSoft) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2006-09-25 09:12:20 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
PRC - [2008-11-10 06:43:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2002-12-16 17:51:24 | 00,036,864 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
PRC - [2008-07-30 13:52:37 | 02,865,152 | ---- | M] () -- C:\Program Files\OSCAR Editor\OscarEditor.exe
PRC - [2001-05-06 12:14:22 | 00,020,549 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
PRC - [2006-05-21 09:43:08 | 00,180,224 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
PRC - [2006-05-21 09:43:14 | 00,155,648 | ---- | M] (Y'z@Home) -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
PRC - [2007-12-12 10:29:48 | 00,323,584 | ---- | M] (TODO: A4 Tech) -- C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe
PRC - [2006-09-25 09:12:20 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
PRC - [2006-09-25 09:12:20 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
PRC - [2004-08-04 01:44:20 | 00,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-10-17 11:16:22 | 00,098,816 | ---- | M] (Opera Software) -- D:\Programy\Opera\opera.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Programy\Gadu-Gadu\gg.exe
PRC - [2009-07-24 22:00:47 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2007-10-11 09:45:56 | 00,051,712 | ---- | M] (ArcSoft) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
SRV - [2008-06-14 19:02:12 | 00,017,408 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\apache.exe -- (Apache2.2 [Auto | Stopped])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2006-11-29 04:45:06 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2006-11-28 21:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008-12-16 22:36:22 | 00,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007-10-23 15:17:12 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2004-08-04 01:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008-11-10 06:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2004-01-14 15:21:00 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2006-10-27 01:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- D:\Programy\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008-04-17 19:13:44 | 05,750,784 | ---- | M] () -- c:\xampp\mysql\bin\mysqld-nt.exe -- (mysql [Auto | Stopped])
SRV - [2007-04-13 21:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2007-05-16 09:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2006-10-26 20:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2002-08-01 11:22:40 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2009-01-04 11:18:37 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2009-06-15 14:42:22 | 00,201,440 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
SRV - [2008-05-30 12:32:16 | 00,572,416 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - File not found --  -- (XAMPP [Auto | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-02-05 23:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2005-02-23 15:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\Afc.sys -- (Afc [On_Demand | Running])
DRV - [2007-04-06 07:51:02 | 00,008,704 | ---- | M] ((Standard mouse types)) -- C:\WINDOWS\System32\DRIVERS\Amfilter.sys -- (Amfilter [System | Running])
DRV - [2007-04-06 07:53:02 | 00,014,336 | ---- | M] ((Standard mouse types)) -- C:\WINDOWS\System32\DRIVERS\Amps2prt.sys -- (Amps2prt [On_Demand | Stopped])
DRV - [2007-04-19 08:31:02 | 00,014,336 | ---- | M] ((Standard mouse types)) -- C:\WINDOWS\System32\DRIVERS\Amusbprt.sys -- (Amusbprt [On_Demand | Stopped])
DRV - [2009-02-05 23:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009-02-05 23:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009-02-05 23:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009-02-05 23:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009-02-05 23:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2006-11-29 04:52:42 | 02,830,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - File not found --  -- (catchme [On_Demand | Running])
DRV - [2008-12-16 22:36:23 | 00,033,408 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2007-11-23 22:50:18 | 00,033,800 | ---- | M] (Eset ) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2007-11-23 22:50:42 | 00,027,656 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\easdrv.sys -- (easdrv [System | Running])
DRV - [2007-02-16 02:57:04 | 00,034,760 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV - [2007-08-07 21:48:33 | 00,025,160 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV - [2007-11-23 22:52:34 | 00,030,728 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [System | Running])
DRV - [2008-12-03 18:53:03 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2006-09-12 13:27:00 | 04,381,184 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008-12-15 12:17:50 | 00,074,752 | ---- | M] (EZB Systems, Inc.) -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive [System | Running])
DRV - [2005-05-27 11:31:28 | 00,022,016 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2007-02-27 14:31:28 | 00,021,504 | ---- | M] (Motorola) -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem [On_Demand | Stopped])
DRV - [2008-05-07 07:38:20 | 00,017,536 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2008-05-07 07:38:20 | 00,020,864 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2006-08-14 08:51:28 | 00,105,344 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [Boot | Running])
DRV - [2007-09-17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2009-06-15 14:42:31 | 00,138,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2005-05-27 11:32:52 | 01,317,152 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\LVCM.sys -- (QCMerced [On_Demand | Running])
DRV - [2001-08-17 23:57:36 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2006-06-16 13:56:38 | 00,083,968 | R--- | M] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Stopped])
DRV - [2007-10-03 16:16:24 | 00,012,400 | ---- | M] (Macrovision Europe Ltd) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2006-07-05 14:46:06 | 00,063,352 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a [Boot | Running])
DRV - [2006-06-14 16:56:56 | 00,013,680 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2009-01-04 10:51:26 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2008-06-06 09:24:44 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2004-08-03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2004-08-03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2008-05-07 07:38:36 | 00,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])
DRV - [2004-08-04 00:04:34 | 00,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ogamenet.net/javaChat.php?game=metin2&cc=pl
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.3

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008-10-28 19:07:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2008-11-01 12:14:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Extensions
[2008-11-01 12:14:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008-11-15 12:59:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\rlzdi1w8.default\extensions
[2008-08-23 18:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\mozilla\Firefox\Profiles\rlzdi1w8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008-03-13 21:22:44 | 00,005,514 | ---- | M] () -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\FireFox\Profiles\rlzdi1w8.default\searchplugins\nonsensopedia-polski.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe ()
O4 - HKCU..\Run: [Gadu-Gadu] C:\Programy\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKCU..\Run: [OscarEditor] C:\Program Files\OSCAR Editor\OscarEditor.exe ()
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = D:\Programy\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 217.172.224.92
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-09-01 18:37:37 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001-04-18 17:23:00 | 00,000,041 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[4 C:\WINDOWS\*.tmp files]
[2009-07-24 22:00:42 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2009-07-24 21:38:56 | 00,000,645 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\RegCleaner.lnk
[2009-07-24 21:38:55 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2009-07-24 20:59:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\cache
[2009-07-24 20:42:09 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009-07-24 20:42:05 | 00,262,400 | ---- | C] () -- C:\cmldr
[2009-07-24 20:42:02 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009-07-24 20:37:53 | 00,219,648 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009-07-24 20:37:53 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009-07-24 20:37:53 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009-07-24 20:37:53 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009-07-24 20:37:53 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009-07-24 20:37:53 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009-07-24 20:37:53 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009-07-24 20:37:53 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009-07-24 20:37:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009-07-24 20:36:35 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009-07-24 20:03:00 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\HijackThis.lnk
[2009-07-24 20:03:00 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009-07-23 16:24:17 | 01,734,452 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\de_mario_air.zip
[2009-07-23 16:19:04 | 07,661,259 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\cs_office2.zip
[2009-07-23 12:32:34 | 00,876,507 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\deathrunem2.zip
[2009-07-22 16:13:13 | 00,081,916 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\trojkaty.ppt.odp
[2009-07-22 15:23:11 | 00,101,155 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Sonic Spray1.png
[2009-07-22 14:29:11 | 00,056,607 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\josie.jpg
[2009-07-22 14:16:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Tutek Na herb i Herby
[2009-07-22 13:45:01 | 00,129,536 | ---- | C] () -- C:\WINDOWS\inout2.dll
[2009-07-21 15:31:08 | 00,051,322 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\unl-farcry2.exe
[2009-07-21 15:31:08 | 00,005,032 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\unl-farcry2.nfo
[2009-07-15 18:53:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\PORADNIK TIBIA
[2009-07-15 18:48:02 | 01,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2009-07-15 18:30:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\Opis bota
[2009-07-12 17:52:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\VDC Redux v2.09
[2009-07-12 14:13:29 | 00,603,747 | ---- | C] (Blizzard Entertainment) -- C:\Documents and Settings\User\Pulpit\D2CKEY.exe
[2009-07-10 16:27:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\FuRious_SP-X_11.07
[2009-07-10 10:52:51 | 00,000,579 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Metin2.lnk
[2009-07-06 14:24:14 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009-07-06 14:24:14 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009-07-06 12:24:37 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-06-28 14:39:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\PGA 1.1.1
[2009-04-18 09:59:27 | 00,000,083 | ---- | C] () -- C:\WINDOWS\WWP.INI
[2009-02-12 14:44:01 | 00,000,217 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2009-01-16 17:37:56 | 00,018,679 | ---- | C] () -- C:\WINDOWS\hplj1300.ini
[2009-01-04 11:18:59 | 00,138,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-12-29 15:43:03 | 00,000,313 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008-12-29 15:40:47 | 00,001,340 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-12-20 18:38:07 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008-12-15 16:50:59 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2008-12-02 19:37:29 | 00,000,269 | ---- | C] () -- C:\WINDOWS\ScreenHunter.INI
[2008-08-07 13:40:22 | 00,000,085 | ---- | C] () -- C:\WINDOWS\EmperorEdit.INI
[2008-07-26 22:45:07 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008-07-09 12:22:18 | 00,000,085 | ---- | C] () -- C:\WINDOWS\System32\tcfg.ini
[2008-01-28 12:34:06 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2007-11-23 22:52:34 | 00,030,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007-11-21 17:04:23 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007-11-21 17:04:23 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007-11-21 17:04:23 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007-11-14 19:43:22 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007-11-07 21:56:26 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-10-23 15:44:29 | 01,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2007-10-23 15:44:29 | 00,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007-09-20 19:28:30 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2007-09-17 08:51:08 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007-09-17 08:51:07 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007-09-17 08:51:07 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007-09-17 08:51:06 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007-09-17 08:51:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007-09-17 08:51:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007-09-08 10:38:41 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2007-09-08 10:38:41 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2007-09-08 10:32:14 | 00,000,401 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007-09-08 10:31:56 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbvvs.dll
[2007-09-08 10:31:38 | 00,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbvcoin.ini
[2007-09-01 19:12:27 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007-09-01 18:46:54 | 00,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007-09-01 18:43:16 | 00,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALLOW-IO.SYS
[2007-04-07 13:22:06 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\Amhooker.dll
[2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005-08-30 00:00:00 | 00,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005-08-30 00:00:00 | 00,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005-08-30 00:00:00 | 00,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2004-08-04 01:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2001-07-31 10:17:12 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001-07-22 00:16:20 | 00,000,604 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[1999-01-27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\drivers\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009-07-24 22:00:47 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Pulpit\OTL.exe
[2009-07-24 21:38:56 | 00,000,645 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\RegCleaner.lnk
[2009-07-24 20:53:37 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-07-24 20:53:26 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009-07-24 20:53:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-07-24 20:52:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-07-24 20:42:09 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009-07-24 20:03:00 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\HijackThis.lnk
[2009-07-24 15:26:44 | 01,042,812 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-07-23 16:24:37 | 01,734,452 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\de_mario_air.zip
[2009-07-23 16:20:35 | 07,661,259 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\cs_office2.zip
[2009-07-23 12:32:38 | 00,876,507 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\deathrunem2.zip
[2009-07-23 12:14:45 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-07-22 16:13:13 | 00,081,916 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\trojkaty.ppt.odp
[2009-07-22 15:54:24 | 00,101,155 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Sonic Spray1.png
[2009-07-22 14:29:11 | 00,056,607 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\josie.jpg
[2009-07-22 14:26:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009-07-22 13:45:01 | 00,129,536 | ---- | M] () -- C:\WINDOWS\inout2.dll
[2009-07-17 15:33:46 | 01,664,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-07-17 15:26:02 | 00,106,552 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-07-14 20:56:29 | 00,030,258 | ---- | M] () -- C:\WINDOWS\DIIUnin.dat
[2009-07-13 05:48:54 | 00,219,648 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009-07-10 10:53:25 | 00,000,579 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Metin2.lnk
[2009-07-10 10:51:02 | 00,000,520 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Metin2 PL.lnk
[2009-07-06 14:24:14 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009-07-06 14:24:14 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009-07-06 12:24:37 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009-07-06 12:24:35 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2009-07-02 11:34:44 | 00,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OSCAR Mouse Script Editor.lnk
[2009-06-25 11:41:13 | 00,000,083 | ---- | M] () -- C:\WINDOWS\WWP.INI

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 508 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6900017D
< End of report >






Przy okazji zrobilem skan z 2 kompa bo na nim tez w to gram

HiJackThis
Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:12:53, on 2009-08-10
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\windows\SYSTEM32\avgrsstx.dll
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe

--
End of file - 5184 bytes


No i OTL xD

Nie zmiescilo sie wiec xD
http://wklej.org/id/125692/

Z gory dziekuje naprawde wiem ze tego duzo xD :banan:
Kichachi
~user
 
Posty: 1
Dołączenie: 24 Lip 2009, 21:59


Góra

Sprawdzenie logów | zabezpieczenie przed ponownym hackiem

Postprzez wojtas 25 Lip 2009, 12:43

Uruchom OTL i w oknie Custom Scans/Fixes wklej :

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2001-04-18 17:23:00 | 00,000,041 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

:Files
C:\WINDOWS\inout2.dll

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db1b3e60-05ac-11de-a5d3-00001cd72a97}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia kompa
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 8 gości

Powered by phpBB © Group
Forum Programosy.pl