


Why are there so many svchost.exe and WScript.exe processes? That doesn't seem healthy to me...
Also, which antivirus do you recommend?
OTL logfile created on: 12/15/2009 12:10:58 AM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = G:\Download DOWNLOAD\FFOX DOWNLOAD
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.15% Memory free
3.85 Gb Paging File | 3.19 Gb Available in Paging File | 83.02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.64 Gb Total Space | 34.22 Gb Free Space | 78.41% Space Free | Partition Type: FAT32
Drive D: | 29.00 Gb Total Space | 0.79 Gb Free Space | 2.72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 930.86 Gb Total Space | 873.75 Gb Free Space | 93.87% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: cenzura-spam
Current User Name: EatMoreChocolate
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/12/15 00:08:15 | 00,538,112 | ---- | M] (OldTimer Tools) -- G:\Download DOWNLOAD\FFOX DOWNLOAD\OTL.exe
PRC - [2009/12/14 22:10:22 | 00,654,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2009/12/14 22:09:12 | 00,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/11/17 18:01:30 | 00,694,368 | ---- | M] ( ) -- C:\Program Files\Miranda IM\miranda32.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 16:36:08 | 10,309,408 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/29 02:32:02 | 00,331,264 | ---- | M] () -- G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparency.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/24 21:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/08/22 11:31:06 | 05,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/08/07 09:11:04 | 00,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009/04/26 18:34:00 | 02,187,264 | ---- | M] (CD Art Display) -- C:\Program Files\CD Art Display\CAD.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/01/09 12:32:08 | 00,789,008 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/01/09 12:28:58 | 00,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007/04/24 19:19:54 | 03,581,680 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2006/05/03 10:48:46 | 00,307,200 | ---- | M] (ta2027) -- C:\Program Files\Styler\Styler.exe
PRC - [2005/12/28 12:00:56 | 00,569,413 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2005/12/28 11:56:16 | 00,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/12/28 11:55:40 | 00,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/12/28 11:52:32 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/11/21 10:51:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/11/10 06:47:20 | 00,102,400 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005/11/09 22:11:36 | 02,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2005/10/21 02:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/10/17 17:09:34 | 00,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005/09/06 08:39:08 | 14,850,560 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2005/05/26 19:12:00 | 00,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2005/04/12 16:27:20 | 00,045,056 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
PRC - [2004/08/04 20:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 20:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/12/15 00:08:15 | 00,538,112 | ---- | M] (OldTimer Tools) -- G:\Download DOWNLOAD\FFOX DOWNLOAD\OTL.exe
MOD - [2009/08/02 16:50:02 | 00,009,728 | ---- | M] () -- G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparencyHook.dll
MOD - [2008/01/09 12:30:52 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2007/04/24 15:22:12 | 00,112,400 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
MOD - [2006/12/01 22:54:34 | 00,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
MOD - [2006/12/01 22:54:32 | 00,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
MOD - [2006/05/02 05:10:50 | 00,053,248 | ---- | M] (ta2027) -- C:\Program Files\Styler\StylerHelper.dll
MOD - [2004/08/04 20:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 20:00:00 | 01,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/01/09 12:30:08 | 00,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/10/08 21:51:14 | 00,023,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005/11/21 10:51:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2007/11/29 02:17:56 | 00,036,368 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/11/29 02:17:48 | 00,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006/03/01 21:27:12 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/12/28 13:22:08 | 00,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/05 00:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005/11/21 10:51:00 | 03,600,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/11/16 03:08:16 | 00,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005/10/21 02:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/09/08 02:20:52 | 03,959,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/07/14 12:14:34 | 00,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005/07/12 19:00:30 | 00,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/05/26 19:19:00 | 00,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/04/21 12:40:38 | 00,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/04/18 06:24:44 | 00,646,656 | R--- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2005/02/17 10:07:48 | 00,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/12/13 12:51:48 | 00,022,656 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\VClone.sys -- (VClone)
DRV - [2004/08/04 20:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: foxdie_ext_ocelot@foxdie.us:3.1.9.3
FF - prefs.js..extensions.enabledItems: Foxdie@tanjihay.com:3.1.9.3
FF - prefs.js..extensions.enabledItems: FoxdieGraphite@tanjihay.com:3.1.9.3
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031
FF - prefs.js..extensions.enabledItems: {c9c58820-7bd4-11da-a72b-0800200c9a66}:2.20091115
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/14 12:19:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/14 12:19:44 | 00,000,000 | ---D | M]
[2009/12/14 12:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Extensions
[2009/12/14 12:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions
[2009/12/14 13:06:04 | 00,000,000 | ---D | M] (iPox) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}
[2009/12/14 13:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\Foxdie@tanjihay.com
[2009/12/14 13:07:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\foxdie_ext_ocelot@foxdie.us
[2009/12/14 13:02:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\FoxdieGraphite@tanjihay.com
[2009/12/14 13:04:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\nasanightlaunch@example.com
[2009/12/14 13:06:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions
[2009/12/14 13:06:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions\CVS
[2009/12/14 12:19:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/04 01:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2009/08/24 20:19:14 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009/08/24 20:19:14 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009/08/24 20:19:14 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009/08/24 20:19:14 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009/08/24 20:19:14 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009/08/24 20:19:14 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSRegInfo] C:\WINDOWS\pagefile.sys.vbs ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [TrueTransparency] G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparency.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\EatMoreChocolate\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\Common\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/01 20:55:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/12/15 00:11:10 | 00,000,106 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/12/15 00:11:10 | 00,000,106 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/06/18 22:12:18 | 00,000,088 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/12/15 00:11:09 | 00,000,106 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009/10/14 22:28:45 | 03,271,968 | R--- | M] (Western Digital)
O33 - MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009/12/14 22:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Miranda
[2009/12/14 22:25:37 | 00,000,000 | ---D | C] -- C:\Program Files\Miranda IM
[2009/12/14 22:21:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/12/14 22:09:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\BitTorrent
[2009/12/14 22:09:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Program Files\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2009/12/14 22:09:05 | 00,000,000 | ---D | C] -- C:\Program Files\AskSearch
[2009/12/14 22:08:44 | 00,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2009/12/14 22:08:25 | 00,000,000 | ---D | C] -- C:\Program Files\LD-Anime
[2009/12/14 22:08:08 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2009/12/14 22:08:07 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/12/14 22:07:17 | 00,000,000 | ---D | C] -- C:\Program Files\MarBit
[2009/12/14 21:07:04 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/12/14 20:48:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Rainmeter
[2009/12/14 20:48:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Rainmeter
[2009/12/14 20:15:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\.rainlendar2
[2009/12/14 20:15:49 | 00,000,000 | ---D | C] -- C:\Program Files\Rainlendar2
[2009/12/14 20:15:18 | 00,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2009/12/14 20:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Logitech
[2009/12/14 20:07:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Leadertech
[2009/12/14 20:05:11 | 00,301,656 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\BtCoreIf.dll
[2009/12/14 20:05:06 | 00,170,512 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\kemutb.dll
[2009/12/14 20:05:06 | 00,141,840 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemUtil.dll
[2009/12/14 20:05:06 | 00,117,264 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemWnd.dll
[2009/12/14 20:05:06 | 00,076,304 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemXML.dll
[2009/12/14 20:04:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2009/12/14 20:04:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/12/14 20:04:38 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2009/12/14 20:04:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\InstallShield
[2009/12/14 20:04:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2009/12/14 19:37:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Microsoft
[2009/12/14 19:37:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\EatMoreChocolate\Cookies
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\SendTo
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\Recent
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\Start Menu
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Pictures
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Music
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\Favorites
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\Templates
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\PrintHood
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\NetHood
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Symantec
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Microsoft
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Macromedia
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Intel
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Identities
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Desktop
[2009/12/14 19:37:40 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings
[2009/12/14 19:37:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\WINDOWS
[2009/12/14 12:51:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Pobieranie
[2009/12/14 12:33:02 | 00,094,208 | ---- | C] (MediaTexX) -- C:\WINDOWS\System32\wmpuice.dll
[2009/12/14 12:33:02 | 00,069,632 | ---- | C] (CD Art Display) -- C:\WINDOWS\cadSSaver.scr
[2009/12/14 12:33:01 | 00,000,000 | ---D | C] -- C:\Program Files\CD Art Display
[2009/12/14 12:31:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Adobe
[2009/12/14 12:29:25 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/12/14 12:26:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Apple Computer
[2009/12/14 12:25:56 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2009/12/14 12:25:56 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
[2009/12/14 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/14 12:25:08 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/14 12:25:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/14 12:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/14 12:24:25 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/12/14 12:24:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/12/14 12:24:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Apple
[2009/12/14 12:24:02 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/12/14 12:23:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/12/14 12:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/12/14 12:23:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\ASUSTeK
[2009/12/14 12:22:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/12/14 12:22:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Apple Computer
[2009/12/14 12:22:05 | 00,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2009/12/14 12:21:42 | 00,000,000 | ---D | C] -- C:\Program Files\IconTweaker
[2009/12/14 12:21:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2009/12/14 12:19:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Mozilla
[2009/12/14 12:19:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla
[2009/12/14 12:19:42 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/12/14 12:18:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Videos
[2009/12/14 12:18:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/12/14 12:18:33 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/12/14 12:18:19 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/12/14 12:17:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/12/14 12:17:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/12/14 12:16:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/12/14 12:16:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/12/14 12:16:16 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2009/12/14 12:15:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/12/14 12:15:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/12/14 12:15:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/12/14 12:12:44 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/12/14 11:54:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Styler
[2009/12/14 11:15:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Stardock
[2009/12/14 11:11:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Stardock
[2009/12/14 11:10:27 | 00,000,000 | ---D | C] -- C:\Program Files\Stardock
[2009/12/14 11:10:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
[2009/12/14 11:09:51 | 00,000,000 | ---D | C] -- C:\Program Files\Styler
[2009/12/14 11:08:55 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/12/14 11:08:33 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/12/14 10:55:56 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2009/12/14 10:30:46 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2006/03/01 20:59:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/03/01 20:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/03/01 20:47:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/03/01 20:47:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009/12/15 00:11:44 | 00,003,478 | RHS- | M] () -- C:\WINDOWS\pagefile.sys.vbs
[2009/12/15 00:11:40 | 01,572,864 | -H-- | M] () -- C:\Documents and Settings\EatMoreChocolate\NTUSER.DAT
[2009/12/15 00:11:14 | 00,003,478 | RHS- | M] () -- C:\pagefile.sys.vbs
[2009/12/15 00:11:14 | 00,000,106 | RHS- | M] () -- C:\autorun.inf
[2009/12/14 20:48:18 | 00,001,480 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/12/14 20:07:58 | 00,000,843 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/14 20:07:50 | 00,000,760 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Application Data\setup_ldm.iss
[2009/12/14 20:06:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/12/14 20:05:58 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/12/14 20:05:12 | 00,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/12/14 19:38:58 | 00,000,546 | ---- | M] () -- C:\WINDOWS\System32\ABA6JC.DAT
[2009/12/14 19:37:26 | 00,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/14 19:36:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/14 19:36:22 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/12/14 19:36:20 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/12/14 12:49:40 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/14 12:48:50 | 00,005,632 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 12:19:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/12/14 12:18:44 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/14 12:18:28 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/14 12:18:28 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/14 12:18:24 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/14 12:17:26 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/12/14 12:16:52 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/14 12:16:20 | 00,000,412 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/12/14 12:02:12 | 00,095,728 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/14 11:16:00 | 00,001,589 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/12/14 11:09:52 | 00,001,922 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk
[2009/12/14 10:57:16 | 00,041,156 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/12/14 10:57:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/14 10:57:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/14 10:57:02 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/14 10:56:08 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\EatMoreChocolate\ntuser.ini
[2009/12/14 10:56:04 | 03,770,828 | -H-- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\IconCache.db
[2009/12/14 10:31:00 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009/12/14 22:08:08 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/14 22:08:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/14 21:07:04 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/12/14 20:48:17 | 00,001,480 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/12/14 20:07:56 | 00,000,843 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/14 20:07:49 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Application Data\setup_ldm.iss
[2009/12/14 20:06:00 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/12/14 20:05:57 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/12/14 20:05:11 | 00,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/12/14 19:38:57 | 00,000,546 | ---- | C] () -- C:\WINDOWS\System32\ABA6JC.DAT
[2009/12/14 19:37:40 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\EatMoreChocolate\ntuser.ini
[2009/12/14 19:37:39 | 01,572,864 | -H-- | C] () -- C:\Documents and Settings\EatMoreChocolate\NTUSER.DAT
[2009/12/14 19:36:20 | 00,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/12/14 12:19:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/14 12:18:36 | 00,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2009/12/14 12:18:36 | 00,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2009/12/14 12:17:25 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/12/14 12:16:19 | 00,000,412 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/14 12:04:54 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/14 12:04:52 | 00,005,632 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 11:15:59 | 00,001,589 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/12/14 11:09:51 | 00,001,922 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk
[2009/12/14 10:52:42 | 00,003,478 | RHS- | C] () -- C:\WINDOWS\pagefile.sys.vbs
[2009/12/14 10:52:42 | 00,003,478 | RHS- | C] () -- C:\pagefile.sys.vbs
[2009/12/14 10:52:42 | 00,000,106 | RHS- | C] () -- C:\autorun.inf
[2009/12/14 10:30:59 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/12/14 10:29:49 | 21,468,81536 | -HS- | C] () -- C:\hiberfil.sys
[2006/03/01 21:26:06 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/03/01 20:59:55 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/01 05:28:19 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/02 21:16:32 | 00,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005/11/21 10:51:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/11/21 10:51:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/11/21 10:51:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/11/21 10:51:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/11/21 10:51:00 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/05/26 19:12:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/05/26 19:12:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/05/26 19:12:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/02/17 10:07:48 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/08/19 10:07:40 | 00,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004/08/19 10:07:40 | 00,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/19 10:07:12 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/19 10:06:59 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003/09/22 01:49:36 | 00,015,190 | R--- | C] () -- C:\WINDOWS\M2000Twn.ini
[color=#E56717]========== LOP Check ==========[/color]
[2009/12/14 12:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2009/12/14 12:25:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/14 11:54:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Styler
[2009/12/14 20:07:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Leadertech
[2009/12/14 20:48:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Rainmeter
[2009/12/14 22:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\DNA
[2009/12/14 22:09:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\BitTorrent
[2009/12/14 22:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Miranda
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
OTL Extras logfile created on: 12/15/2009 12:10:58 AM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = G:\Download DOWNLOAD\FFOX DOWNLOAD
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.26 Gb Available Physical Memory | 63.15% Memory free
3.85 Gb Paging File | 3.19 Gb Available in Paging File | 83.02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.64 Gb Total Space | 34.22 Gb Free Space | 78.41% Space Free | Partition Type: FAT32
Drive D: | 29.00 Gb Total Space | 0.79 Gb Free Space | 2.72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 930.86 Gb Total Space | 873.75 Gb Free Space | 93.87% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: cenzura-spam
Current User Name: EatMoreChocolate
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = BisonCam, NB Pro
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer V3.0_is1" = ALLPlayer V3.X
"Asus_A_Series_ScreenSaver" = Asus_A_Series_ScreenSaver
"CD Art Display_is1" = CD Art Display 2.0.1
"ffdshow_is1" = ffdshow [rev 1281] [2007-06-12]
"HControl" = ATK0100 ACPI UTILITY
"IconTweaker" = IconTweaker
"Miranda IM" = Miranda IM 0.8.10
"MKV Minimum Set (LD-Anime) - MatroskaSplitter & VSFilter_is1" = Matroska Pack - Lazy Man's MKV 0.9.9
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"ObjectDock Plus" = ObjectDock Plus
"ProInst" = Intel(R) PROSet/Wireless Software
"Rainlendar2" = Rainlendar2 (remove only)
"Rainmeter" = Rainmeter (remove only)
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tweak UI 2.10" = Tweak UI
"VirtualCloneDrive" = VirtualCloneDrive
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 12/14/2009 6:17:43 PM | Computer Name = cenzura-spam | Source = Application Error | ID = 1000
Description = Faulting application miranda32.exe, version 0.8.10.2, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00001095.
Error - 12/14/2009 6:23:51 PM | Computer Name = cenzura-spam | Source = Application Error | ID = 1000
Description = Faulting application miranda32.exe, version 0.8.10.2, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00001095.
[ System Events ]
Error - 12/14/2009 7:10:49 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Stardock\ObjectDock\Docklets\Calendar\Calendar.dll.
Reference
error message: The operation completed successfully. .
Error - 12/14/2009 7:10:49 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 12/14/2009 7:10:49 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .
Error - 12/14/2009 7:10:49 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Stardock\ObjectDock\Docklets\Weather\WeatherDocklet.dll.
Reference
error message: The operation completed successfully. .
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Stardock\ObjectDock\Docklets\Calendar\Calendar.dll.
Reference
error message: The operation completed successfully. .
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .
Error - 12/14/2009 7:12:03 AM | Computer Name = cenzura-spam | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Stardock\ObjectDock\Docklets\Weather\WeatherDocklet.dll.
Reference
error message: The operation completed successfully. .
< End of report >
:OTL
PRC - [2004/08/04 20:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
O3 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [MSRegInfo] C:\WINDOWS\pagefile.sys.vbs ()
O32 - AutoRun File - [2009/12/15 00:11:10 | 00,000,106 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/12/15 00:11:10 | 00,000,106 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/12/15 00:11:09 | 00,000,106 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009/10/14 22:28:45 | 03,271,968 | R--- | M] (Western Digital)
O33 - MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\Shell\AutoRun - "" = Auto&Play
:Files
C:\pagefile.sys.vbs
C:\Program Files\AskSearch
:Commands
[purity]
[emptytemp]
[clearrestorepoints]
[start explorer]
[reboot]
C:\*
D:\*
G:\*
Scan at http://www.virscan.org and show the results here:
C:\Documents and Settings\EatMoreChocolate\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
:filefind
*boot*
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Unable to set value : HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry value HKEY_USERS\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{C94E154B-1459-4A47-966B-4B843BEFC7DB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C94E154B-1459-4A47-966B-4B843BEFC7DB}\ deleted successfully.
C:\Program Files\AskSearch\bin\DefaultSearch.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSRegInfo deleted successfully.
File move failed. C:\WINDOWS\pagefile.sys.vbs scheduled to be moved on reboot.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
G:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c0-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c0-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c0-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c1-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c1-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c1-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c3-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c3-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c3-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c3-e8de-11de-97b8-806d6172696f}\ not found.
File move failed. F:\WD SmartWare.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c4-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ef602c4-e8de-11de-97b8-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ef602c4-e8de-11de-97b8-806d6172696f}\ not found.
========== FILES ==========
C:\pagefile.sys.vbs moved successfully.
C:\Program Files\AskSearch\bin folder moved successfully.
C:\Program Files\AskSearch folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 93844944 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: EatMoreChocolate
->Temp folder emptied: 109273637 bytes
->Temporary Internet Files folder emptied: 3855084 bytes
->FireFox cache emptied: 89428939 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
Windows Temp folder emptied: 186744 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 93844944 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 372.48 mb
Error: Unable to interpret <[clearrestorepoints]> in the current context!
OTL by OldTimer - Version 3.1.17.0 log created on 12162009_215242
Files\Folders moved on Reboot...
C:\WINDOWS\pagefile.sys.vbs moved successfully.
File move failed. F:\WD SmartWare.exe scheduled to be moved on reboot.
Registry entries deleted on Reboot...
OTL logfile created on: 12/16/2009 9:57:51 PM - Run 2
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\EatMoreChocolate\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 74.49% Memory free
3.85 Gb Paging File | 3.47 Gb Available in Paging File | 90.24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.64 Gb Total Space | 33.44 Gb Free Space | 76.64% Space Free | Partition Type: FAT32
Drive D: | 29.00 Gb Total Space | 0.79 Gb Free Space | 2.72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 930.86 Gb Total Space | 873.73 Gb Free Space | 93.86% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: cenzura-spam
Current User Name: EatMoreChocolate
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/12/16 21:52:16 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/15 00:08:16 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\EatMoreChocolate\Desktop\OTL.exe
PRC - [2009/12/14 22:10:22 | 00,654,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2009/12/14 22:09:12 | 00,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/29 02:32:02 | 00,331,264 | ---- | M] () -- G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparency.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/22 11:31:06 | 05,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/08/07 09:11:04 | 00,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/01/09 12:32:08 | 00,789,008 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/01/09 12:28:58 | 00,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007/04/24 19:19:54 | 03,581,680 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2006/05/03 10:48:46 | 00,307,200 | ---- | M] (ta2027) -- C:\Program Files\Styler\Styler.exe
PRC - [2005/12/28 12:00:56 | 00,569,413 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2005/12/28 11:56:16 | 00,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/12/28 11:55:40 | 00,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/12/28 11:52:32 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/11/21 10:51:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/11/10 06:47:20 | 00,102,400 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005/11/09 22:11:36 | 02,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2005/10/21 02:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/10/17 17:09:34 | 00,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005/09/06 08:39:08 | 14,850,560 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2005/05/26 19:12:00 | 00,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2005/04/12 16:27:20 | 00,045,056 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2004/12/14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
PRC - [2004/08/04 20:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 20:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/12/15 00:08:16 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\EatMoreChocolate\Desktop\OTL.exe
MOD - [2009/08/02 16:50:02 | 00,009,728 | ---- | M] () -- G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparencyHook.dll
MOD - [2008/01/09 12:30:52 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2007/04/24 15:22:12 | 00,112,400 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
MOD - [2006/12/01 22:54:34 | 00,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
MOD - [2006/12/01 22:54:32 | 00,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
MOD - [2006/05/02 05:10:50 | 00,053,248 | ---- | M] (ta2027) -- C:\Program Files\Styler\StylerHelper.dll
MOD - [2004/08/04 20:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 20:00:00 | 01,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/01/09 12:30:08 | 00,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005/11/21 10:51:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2007/11/29 02:17:56 | 00,036,368 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/11/29 02:17:48 | 00,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006/03/01 21:27:12 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/12/28 13:22:08 | 00,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/05 00:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005/11/21 10:51:00 | 03,600,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/11/16 03:08:16 | 00,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2005/10/21 02:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/09/08 02:20:52 | 03,959,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/07/14 12:14:34 | 00,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005/07/12 19:00:30 | 00,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/05/26 19:19:00 | 00,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/04/21 12:40:38 | 00,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005/04/18 06:24:44 | 00,646,656 | R--- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2005/04/12 09:41:22 | 00,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005/02/17 10:07:48 | 00,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/12/13 12:51:48 | 00,022,656 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\VClone.sys -- (VClone)
DRV - [2004/08/04 20:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wrzuta.pl/
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\S-1-5-21-2583130026-305072926-3692642439-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: foxdie_ext_ocelot@foxdie.us:3.1.9.3
FF - prefs.js..extensions.enabledItems: Foxdie@tanjihay.com:3.1.9.3
FF - prefs.js..extensions.enabledItems: FoxdieGraphite@tanjihay.com:3.1.9.3
FF - prefs.js..extensions.enabledItems: {c9c58820-7bd4-11da-a72b-0800200c9a66}:2.20091115
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/14 12:19:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/14 12:19:44 | 00,000,000 | ---D | M]
[2009/12/14 12:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Extensions
[2009/12/14 12:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions
[2009/12/14 13:06:04 | 00,000,000 | ---D | M] (iPox) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}
[2009/12/14 13:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\Foxdie@tanjihay.com
[2009/12/14 13:07:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\foxdie_ext_ocelot@foxdie.us
[2009/12/14 13:02:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\FoxdieGraphite@tanjihay.com
[2009/12/14 13:04:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\nasanightlaunch@example.com
[2009/12/14 13:06:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions
[2009/12/14 13:06:06 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla\Firefox\Profiles\u9az2vr4.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions\CVS
[2009/12/14 12:19:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/04 01:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2009/08/24 20:19:14 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009/08/24 20:19:14 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009/08/24 20:19:14 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009/08/24 20:19:14 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009/08/24 20:19:14 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009/08/24 20:19:14 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005..\Run: [TrueTransparency] G:\Files PROGRAMS\Windows\Visual Styles\Caesar_XP_Visual_Styles_by_DA_Star_G\TrueTransparency Software\TrueTransparency\TrueTransparency.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\EatMoreChocolate\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\Common\eReg.exe (Leader Technologies/Logitech)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2583130026-305072926-3692642439-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/01 20:55:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/06/18 22:12:18 | 00,000,088 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009/12/16 21:52:42 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/12/16 21:50:34 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\EatMoreChocolate\Desktop\OTL.exe
[2009/12/16 19:04:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2009/12/15 23:45:59 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/12/15 23:45:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/12/15 23:45:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/12/14 22:25:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Miranda
[2009/12/14 22:25:37 | 00,000,000 | ---D | C] -- C:\Program Files\Miranda IM
[2009/12/14 22:21:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/12/14 22:09:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\BitTorrent
[2009/12/14 22:09:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Program Files\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\DNA
[2009/12/14 22:09:08 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2009/12/14 22:08:44 | 00,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2009/12/14 22:08:25 | 00,000,000 | ---D | C] -- C:\Program Files\LD-Anime
[2009/12/14 22:08:08 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2009/12/14 22:08:07 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/12/14 22:07:17 | 00,000,000 | ---D | C] -- C:\Program Files\MarBit
[2009/12/14 21:07:04 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/12/14 20:48:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Rainmeter
[2009/12/14 20:48:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Rainmeter
[2009/12/14 20:15:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\.rainlendar2
[2009/12/14 20:15:49 | 00,000,000 | ---D | C] -- C:\Program Files\Rainlendar2
[2009/12/14 20:15:18 | 00,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2009/12/14 20:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Logitech
[2009/12/14 20:07:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Leadertech
[2009/12/14 20:05:06 | 00,170,512 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\kemutb.dll
[2009/12/14 20:05:06 | 00,141,840 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemUtil.dll
[2009/12/14 20:05:06 | 00,117,264 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemWnd.dll
[2009/12/14 20:05:06 | 00,076,304 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\KemXML.dll
[2009/12/14 20:04:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2009/12/14 20:04:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/12/14 20:04:38 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2009/12/14 20:04:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\InstallShield
[2009/12/14 20:04:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2009/12/14 19:37:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Microsoft
[2009/12/14 19:37:42 | 00,000,000 | --SD | C] -- C:\Documents and Settings\EatMoreChocolate\Cookies
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\SendTo
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\Recent
[2009/12/14 19:37:42 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\Start Menu
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Pictures
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Music
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents
[2009/12/14 19:37:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\Favorites
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\Templates
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\PrintHood
[2009/12/14 19:37:42 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\NetHood
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Symantec
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Microsoft
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Macromedia
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Intel
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Identities
[2009/12/14 19:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Desktop
[2009/12/14 19:37:40 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings
[2009/12/14 19:37:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\WINDOWS
[2009/12/14 12:51:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Pobieranie
[2009/12/14 12:33:02 | 00,094,208 | ---- | C] (MediaTexX) -- C:\WINDOWS\System32\wmpuice.dll
[2009/12/14 12:33:02 | 00,069,632 | ---- | C] (CD Art Display) -- C:\WINDOWS\cadSSaver.scr
[2009/12/14 12:33:01 | 00,000,000 | ---D | C] -- C:\Program Files\CD Art Display
[2009/12/14 12:31:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Adobe
[2009/12/14 12:29:25 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/12/14 12:26:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Apple Computer
[2009/12/14 12:25:11 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/14 12:25:08 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/14 12:25:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/14 12:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/14 12:24:25 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/12/14 12:24:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/12/14 12:24:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Apple
[2009/12/14 12:24:02 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/12/14 12:23:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/12/14 12:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/12/14 12:23:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\ASUSTeK
[2009/12/14 12:22:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/12/14 12:22:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Apple Computer
[2009/12/14 12:22:05 | 00,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2009/12/14 12:21:42 | 00,000,000 | ---D | C] -- C:\Program Files\IconTweaker
[2009/12/14 12:21:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2009/12/14 12:19:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Mozilla
[2009/12/14 12:19:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Mozilla
[2009/12/14 12:19:42 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/12/14 12:18:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\My Videos
[2009/12/14 12:18:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/12/14 12:18:33 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/12/14 12:18:19 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/12/14 12:17:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/12/14 12:17:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/12/14 12:16:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/12/14 12:16:16 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2009/12/14 12:15:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/12/14 12:15:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/12/14 12:15:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/12/14 12:12:44 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/12/14 11:54:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Styler
[2009/12/14 11:15:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\My Documents\Stardock
[2009/12/14 11:11:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\Stardock
[2009/12/14 11:10:27 | 00,000,000 | ---D | C] -- C:\Program Files\Stardock
[2009/12/14 11:10:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
[2009/12/14 11:09:51 | 00,000,000 | ---D | C] -- C:\Program Files\Styler
[2009/12/14 11:08:55 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/12/14 11:08:33 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/12/14 10:55:56 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.backup
[2009/12/14 10:30:46 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2006/03/01 20:59:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/03/01 20:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/03/01 20:47:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/03/01 20:47:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009/12/16 21:55:18 | 00,000,843 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/16 21:54:34 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk
[2009/12/16 21:54:26 | 00,041,156 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/12/16 21:54:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/16 21:54:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/16 21:54:10 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/16 21:53:18 | 01,572,864 | -H-- | M] () -- C:\Documents and Settings\EatMoreChocolate\NTUSER.DAT
[2009/12/16 21:53:12 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\EatMoreChocolate\ntuser.ini
[2009/12/16 21:50:14 | 00,172,638 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Desktop\IE.JPG
[2009/12/15 23:45:42 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/15 23:44:24 | 01,571,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/15 00:08:16 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\EatMoreChocolate\Desktop\OTL.exe
[2009/12/14 20:48:18 | 00,001,480 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/12/14 20:07:50 | 00,000,760 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Application Data\setup_ldm.iss
[2009/12/14 20:06:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/12/14 20:05:58 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/12/14 20:05:12 | 00,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/12/14 19:38:58 | 00,000,546 | ---- | M] () -- C:\WINDOWS\System32\ABA6JC.DAT
[2009/12/14 19:36:30 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/14 19:36:22 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/12/14 19:36:20 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/12/14 12:49:40 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/14 12:48:50 | 00,005,632 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 12:19:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/12/14 12:18:28 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/14 12:18:28 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/14 12:18:24 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/14 12:17:26 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/12/14 12:16:52 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/14 12:16:20 | 00,000,412 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/12/14 12:02:12 | 00,095,728 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/14 11:16:00 | 00,001,589 | ---- | M] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/12/14 10:56:04 | 03,770,828 | -H-- | M] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\IconCache.db
[2009/12/14 10:31:00 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009/12/16 21:55:17 | 00,000,843 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/16 21:50:12 | 00,172,638 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Desktop\IE.JPG
[2009/12/14 22:08:08 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/14 22:08:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/14 21:07:04 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/12/14 20:48:17 | 00,001,480 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Rainmeter.lnk
[2009/12/14 20:07:49 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Application Data\setup_ldm.iss
[2009/12/14 20:06:00 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/12/14 20:05:57 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2009/12/14 20:05:11 | 00,001,591 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/12/14 19:38:57 | 00,000,546 | ---- | C] () -- C:\WINDOWS\System32\ABA6JC.DAT
[2009/12/14 19:37:40 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\EatMoreChocolate\ntuser.ini
[2009/12/14 19:37:39 | 01,572,864 | -H-- | C] () -- C:\Documents and Settings\EatMoreChocolate\NTUSER.DAT
[2009/12/14 19:36:20 | 00,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/12/14 12:19:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/14 12:18:36 | 00,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2009/12/14 12:18:36 | 00,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2009/12/14 12:17:25 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/12/14 12:16:19 | 00,000,412 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/14 12:04:54 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/14 12:04:52 | 00,005,632 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 11:15:59 | 00,001,589 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2009/12/14 11:09:51 | 00,002,267 | ---- | C] () -- C:\Documents and Settings\EatMoreChocolate\Start Menu\Programs\Startup\Styler.lnk
[2009/12/14 10:30:59 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/12/14 10:29:49 | 21,468,81536 | -HS- | C] () -- C:\hiberfil.sys
[2006/03/01 21:26:06 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/03/01 20:59:55 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/01 05:28:19 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/02 21:16:32 | 00,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005/11/21 10:51:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/11/21 10:51:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/11/21 10:51:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/11/21 10:51:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/11/21 10:51:00 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/05/26 19:12:00 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/05/26 19:12:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/05/26 19:12:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/05/26 19:12:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/02/17 10:07:48 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004/08/19 10:07:40 | 00,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004/08/19 10:07:40 | 00,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/19 10:07:12 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/19 10:06:59 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003/09/22 01:49:36 | 00,015,190 | R--- | C] () -- C:\WINDOWS\M2000Twn.ini
[color=#E56717]========== LOP Check ==========[/color]
[2009/12/14 12:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2009/12/14 12:25:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/14 11:54:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Styler
[2009/12/14 20:07:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Leadertech
[2009/12/14 20:48:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Rainmeter
[2009/12/14 22:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\DNA
[2009/12/14 22:09:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\BitTorrent
[2009/12/14 22:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\EatMoreChocolate\Application Data\Miranda
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< C:\* >[/color]
[2006/01/27 00:02:12 | 00,524,288 | RH-- | M] () -- C:\A6Jc.BIN
[2003/11/05 19:02:30 | 00,000,006 | R--- | M] () -- C:\A6Jc.20
[2005/06/27 04:32:26 | 00,000,010 | ---- | M] () -- C:\NIS_ENG.LOG
[2004/11/04 08:57:16 | 00,000,014 | ---- | M] () -- C:\NERO.LOG
[2005/09/21 07:19:42 | 00,000,035 | ---- | M] () -- C:\ASUSDVD.LOG
[2004/08/04 20:00:00 | 00,250,032 | RHS- | M] () -- C:\ntldr
[2004/08/04 20:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/18 09:40:12 | 00,000,014 | ---- | M] () -- C:\XPHE_SP2.ENG
[2009/12/14 19:36:20 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2006/03/01 20:55:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/03/01 20:55:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/03/01 20:55:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/03/01 20:55:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/03/01 21:13:00 | 00,000,086 | ---- | M] () -- C:\setup.log
[2006/03/01 21:28:02 | 00,000,009 | ---- | M] () -- C:\Finish.log
[2006/03/01 21:28:02 | 00,012,663 | ---- | M] () -- C:\devlist.txt
[2009/12/16 21:54:00 | 21,453,86496 | -HS- | M] () -- C:\pagefile.sys
[2009/12/16 21:54:10 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/14 20:04:52 | 00,218,566 | ---- | M] () -- C:\khalinstall.log
[color=#A23BEC]< D:\* >[/color]
[2009/12/16 21:51:24 | 00,003,478 | RHS- | M] () -- D:\pagefile.sys.vbs
[2009/05/20 09:00:26 | 00,005,120 | -HS- | M] () -- D:\Thumbs.db
[color=#A23BEC]< G:\* >[/color]
[2009/12/16 21:51:22 | 00,003,478 | RHS- | M] () -- G:\pagefile.sys.vbs
< End of report >
Scanner results: All scanners reported no malware!
Time: 2009/12/16 22:10:59 (CET)
Scanner | Engine version | Signature version | Signature date | Scan result | Time
a-squared | 4.5.0.8 | 20091216163206 | 2009-12-16 | - | 0.080
AhnLab V3 | 2009.12.16.01 | 2009.12.16 | 2009-12-16 | - | 0.080
AntiVir | 8.2.1.114 | 7.10.2.11 | 2009-12-16 | - | 0.513
Antiy | 2.0.18 | 20091216.3491653 | 2009-12-16 | - | 0.121
Arcavir | 2009 | 200912161312 | 2009-12-16 | - | 0.021
Authentium | 5.1.1 | 200912151128 | 2009-12-15 | - | 1.206
AVAST! | 4.7.4 | 091216-0 | 2009-12-16 | - | 0.003
AVG | 8.5.288 | 270.14.110/2568 | 2009-12-16 | - | 0.285
BitDefender | 7.81008.4731555 | 7.29479 | 2009-12-17 | - | 4.039
CA (VET) | 35.1.0 | 7177 | 2009-12-15 | - | 0.081
ClamAV | 0.95.2 | 10187 | 2009-12-16 | - | 0.005
Comodo | 3.13 | 3266 | 2009-12-16 | - | 0.081
CP Secure | 1.3.0.5 | 2009.12.16 | 2009-12-16 | - | 0.005
Dr.Web | 4.44.0.9170 | 2009.12.16 | 2009-12-16 | - | 7.719
F-Prot | 4.4.4.56 | 20091215 | 2009-12-15 | - | 1.225
F-Secure | 7.02.73807 | 2009.12.16.10 | 2009-12-16 | - | 0.049
Fortinet | 11.278- | 11.278 | 2009-12-16 | - | 0.080
GData | 19.9355/19.626 | 20091216 | 2009-12-16 | - | 0.081
Ikarus | T3.1.01.78 | 2009.12.16.74777 | 2009-12-16 | - | 4.115
JiangMin | 13.0.900 | 2009.12.16 | 2009-12-16 | - | 0.081
Kaspersky | 5.5.10 | 2009.12.16 | 2009-12-16 | - | 0.026
KingSoft | 2009.2.5.15 | 2009.12.16.17 | 2009-12-16 | - | 0.082
McAfee | 5.3.00 | 5834 | 2009-12-16 | - | 3.346
Microsoft | 1.5302 | 2009.12.16 | 2009-12-16 | - | 0.079
Norman | 6.01.09 | 6.01.00 | 2009-12-16 | - | 4.008
nProtect | 20091216.01 | 6612650 | 2009-12-16 | - | 0.084
Panda | 9.05.01 | 2009.12.16 | 2009-12-16 | - | 0.079
Quick Heal | 10.00 | 2009.12.16 | 2009-12-16 | - | 0.080
Rising | 20.0 | 22.26.02.04 | 2009-12-16 | - | 0.078
Sophos | 3.03.0 | 4.49 | 2009-12-17 | - | 2.630
Sunbelt | 3.9.2387.2 | 5565 | 2009-12-16 | - | 0.084
Symantec | 1.3.0.24 | 20091216.003 | 2009-12-16 | - | 0.047
The Hacker | 6.5.0.2 | v00094 | 2009-12-15 | - | 0.080
Trend Micro | 9.000-1003 | 6.698.07 | 2009-12-16 | - | 0.022
VBA32 | 3.12.12.0 | 20091215.2123 | 2009-12-15 | - | 2.251
ViRobot | 20091216 | 2009.12.16 | 2009-12-16 | - | 0.079
VirusBuster | 4.5.11.10 | 10.116.7/2001306 | 2009-12-16 | - | 2.330
SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 22:02 on 16/12/2009 by EatMoreChocolate (Administrator - Elevation successful)
========== filefind ==========
Searching for "*boot*"