Witamy na forum PC Format Zapraszamy do REJESTRACJI


Użytkownicy przeglądający ten wątek: 1 gości

POMOCY !!!! Proszę o sprawdzenie Loga.....

#1
POMOCY !!!! Proszę o sprawdzenie Loga.....
Witam mam problem z komputerem strasznie się za mula a poza tym jego start to prawdziwa gehenna próbowałem czyścic jv16 defragmentować dysk itd. meczę się już od 5 dni i proszę o pomoc. Wklejam Log z HijacThis. Będę bardzo wdzięczny jeśli można tez w miarę możliwości wytłumaczyć co dalej zrobić będzie super.

Jeśli źle coś wkleiłem to z góry przepraszam pierwszy raz wklejam SORRY

Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:15:53, on 2009-06-30
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2009\WebProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Właściciel\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe"
O4 - HKLM\..\Run: [Pilot] D:\KS\KS-EWD\pilot.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe

--
End of file - 6978 bytes
 System operacyjny: windows_xp_2003 Przeglądarka: firefox
#2
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Uruchom HijackThis i naciśnij Do a system scan only, następnie zaznacz wpisy przy podanych przeze mnie wpisach:
Kod:
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe

Daj loga z RSIT.
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#3
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Dzięki ci wielkie Zbawicielu...

RSIT
Kod:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Właściciel at 2009-07-01 11:13:57
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 100 GB (83%) free of 120 GB
Total RAM: 1014 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:15, on 2009-07-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\WebProxy.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TC UP\totalcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TC UP\Plugins\Media\uTorrent\utorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavJobs.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PAVJOBS.EXE
C:\Documents and Settings\Właściciel\Pulpit\RSIT.exe
C:\Program Files\trend micro\Właściciel.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\psimreal.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\avciman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe

--
End of file - 8016 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-08 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-08 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-08 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"APVXDWIN"=C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE [2008-12-03 869632]
"SCANINICIO"=C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe [2008-07-07 50432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-11-13 243072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pilot]
D:\KS\KS-EWD\pilot.exe [2009-05-07 5585920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Właściciel^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\WINDOWS\system32\avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-08 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\KS\KS-EWD\pilot.exe"="D:\KS\KS-EWD\pilot.exe:*:Enabled:pilot"
"D:\KS\APW\EXE\APW12.EXE"="D:\KS\APW\EXE\APW12.EXE:*:Enabled:APW12 - Zamówienia"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe"="C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\setup\HPZnui01.exe"="E:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\TC UP\TOTALCMD.EXE"="C:\Program Files\TC UP\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe"="C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\setup\HPZnui01.exe"="E:\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{391be6ff-6486-11de-a0ce-001966947ea5}]
shell\AutoRun\command - F:\hifdmgt.com
shell\open\command - F:\hifdmgt.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{905107b4-648a-11de-a0cf-001966947ea5}]
shell\AutoRun\command - F:\hifdmgt.com
shell\open\command - F:\hifdmgt.com


======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %*
.vbs - open - C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-07-01 11:13:57 ----D---- C:\rsit
2009-07-01 11:13:57 ----D---- C:\Program Files\trend micro
2009-06-30 13:12:37 ----D---- C:\Program Files\CoffeeCup Software
2009-06-30 11:10:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
2009-06-30 11:02:01 ----D---- C:\Program Files\QuickTime
2009-06-30 11:01:47 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2009-06-30 11:01:47 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2009-06-30 11:00:59 ----D---- C:\Program Files\Bonjour
2009-06-30 10:57:14 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-06-30 09:33:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-06-30 09:14:48 ----D---- C:\Program Files\MSXML 4.0
2009-06-29 15:02:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Panda Software
2009-06-29 13:40:14 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\ACD Systems
2009-06-29 13:39:32 ----D---- C:\Program Files\ACD Systems
2009-06-29 13:30:07 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\HateML
2009-06-29 13:20:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Macromedia
2009-06-29 13:20:41 ----D---- C:\Program Files\Macromedia
2009-06-29 13:20:41 ----D---- C:\Program Files\Common Files\Macromedia
2009-06-29 12:21:24 ----D---- C:\Program Files\jv16 PowerTools 2008
2009-06-29 12:18:53 ----RA---- C:\WINDOWS\system32\QL56M.EXE
2009-06-29 12:18:53 ----RA---- C:\WINDOWS\system32\QL56M.DLL
2009-06-29 12:18:53 ----RA---- C:\WINDOWS\system32\QL56L.INI
2009-06-29 12:18:53 ----RA---- C:\WINDOWS\system32\QL56L.DLL
2009-06-29 12:18:53 ----RA---- C:\WINDOWS\system32\QL56F.DLL
2009-06-29 12:18:26 ----A---- C:\WINDOWS\dsetupu_log.txt
2009-06-29 12:17:24 ----D---- C:\Program Files\Common Files\Brother
2009-06-29 11:39:05 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2009-06-29 11:39:05 ----A---- C:\WINDOWS\system32\hpz3l692.dll
2009-06-29 11:38:36 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2009-06-29 11:38:36 ----RA---- C:\WINDOWS\system32\hposwia_p01d.dll
2009-06-29 11:38:36 ----RA---- C:\WINDOWS\system32\hpost_p01d.dll
2009-06-29 11:38:36 ----RA---- C:\WINDOWS\system32\hposc_p01a.dll
2009-06-29 11:33:31 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP Product Assistant
2009-06-29 11:33:11 ----D---- C:\Program Files\Hewlett-Packard
2009-06-29 11:31:05 ----HD---- C:\Config.Msi
2009-06-29 11:30:26 ----D---- C:\Program Files\HP
2009-06-29 11:10:46 ----D---- C:\Program Files\IncrediMail
2009-06-29 11:03:11 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\HEXelon
2009-06-29 11:02:42 ----D---- C:\Program Files\TC UP
2009-06-29 10:51:00 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\WinRAR
2009-06-29 10:30:59 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-29 10:30:59 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-29 10:30:59 ----A---- C:\WINDOWS\system32\java.exe
2009-06-29 10:24:09 ----D---- C:\Program Files\Mozilla Firefox
2009-06-29 10:20:06 ----A---- C:\WINDOWS\imsins.BAK
2009-06-29 10:10:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-29 09:45:48 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Yahoo! Companion
2009-06-29 09:35:49 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-18 09:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB960763$
2009-06-17 13:26:14 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\WEBREG
2009-06-17 12:30:14 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Cream Software
2009-06-15 09:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-15 09:23:24 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-15 09:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-15 09:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-15 09:22:07 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-08 11:55:34 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Thinstall
2009-06-05 09:20:55 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Brother
2009-06-05 09:18:07 ----D---- C:\Program Files\Brother
2009-06-04 12:33:37 ----D---- C:\Website Project
2009-06-04 12:26:51 ----D---- C:\Program Files\Website Layout Maker
2009-06-04 11:59:33 ----D---- C:\Program Files\DzSoft
2009-06-03 11:51:29 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\SumatraPDF

======List of files/folders modified in the last 1 months======

2009-07-01 11:13:57 ----RD---- C:\Program Files
2009-07-01 10:39:10 ----D---- C:\WINDOWS\system32\drivers
2009-07-01 10:38:34 ----D---- C:\WINDOWS\Temp
2009-07-01 10:35:50 ----D---- C:\Documents and Settings
2009-07-01 10:02:03 ----D---- C:\WINDOWS\system32
2009-07-01 09:17:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-30 13:12:49 ----D---- C:\WINDOWS
2009-06-30 11:56:56 ----SHD---- C:\WINDOWS\Installer
2009-06-30 11:45:51 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Adobe
2009-06-30 11:44:11 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2009-06-30 11:34:20 ----SH---- C:\boot.ini
2009-06-30 11:34:20 ----D---- C:\WINDOWS\pss
2009-06-30 11:34:20 ----A---- C:\WINDOWS\win.ini
2009-06-30 11:34:20 ----A---- C:\WINDOWS\system.ini
2009-06-30 11:02:17 ----D---- C:\Program Files\Adobe
2009-06-30 11:00:59 ----D---- C:\Program Files\Common Files\Adobe
2009-06-30 10:57:24 ----D---- C:\WINDOWS\WinSxS
2009-06-30 10:57:14 ----D---- C:\Program Files\Common Files
2009-06-30 09:29:56 ----HD---- C:\WINDOWS\inf
2009-06-29 13:39:39 ----D---- C:\Program Files\Common Files\ACD Systems
2009-06-29 13:39:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
2009-06-29 13:26:57 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Macromedia
2009-06-29 13:20:12 ----D---- C:\WINDOWS\Downloaded Installations
2009-06-29 12:18:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-29 12:18:06 ----RSD---- C:\WINDOWS\Fonts
2009-06-29 12:15:18 ----D---- C:\Program Files\Common Files\InstallShield
2009-06-29 12:02:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-06-29 11:38:41 ----D---- C:\WINDOWS\twain_32
2009-06-29 11:33:41 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP
2009-06-29 11:32:53 ----D---- C:\Program Files\Common Files\HP
2009-06-29 10:50:51 ----D---- C:\Program Files\WinRAR
2009-06-29 10:30:59 ----D---- C:\Program Files\Java
2009-06-29 10:24:50 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla
2009-06-29 10:20:15 ----D---- C:\WINDOWS\Debug
2009-06-29 10:16:33 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-29 10:02:23 ----D---- C:\WINDOWS\system32\config
2009-06-29 10:01:52 ----D---- C:\WINDOWS\system32\wbem
2009-06-29 10:01:50 ----D---- C:\WINDOWS\Registration
2009-06-29 09:53:38 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\Nowe Gadu-Gadu
2009-06-29 09:52:58 ----D---- C:\WINDOWS\system32\psconv
2009-06-26 15:29:36 ----SHD---- C:\RECYCLER
2009-06-24 08:55:50 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-18 09:08:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-17 13:25:44 ----D---- C:\Documents and Settings\Właściciel\Dane aplikacji\HP
2009-06-17 12:45:21 ----D---- C:\WINDOWS\Prefetch
2009-06-05 09:19:53 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448]
R1 ShldDrv;Panda File Shield Driver; C:\WINDOWS\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 PAVDRV;pavdrv; C:\WINDOWS\system32\DRIVERS\pavdrv51.sys [2008-04-28 84024]
R2 PavProc;Panda Process Protection Driver; \??\C:\WINDOWS\system32\DRIVERS\PavProc.sys []
R3 AvFlt;Antivirus Filter Driver; C:\WINDOWS\system32\drivers\av5flt.sys []
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-04-16 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-04-16 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-04-16 21568]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-08 5955232]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 PavSRK.sys;PavSRK.sys; \??\C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-07-01 108800]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe [2007-09-03 81920]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\WINDOWS\system32\svchost -k Panda []
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-15 14336]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe [2008-07-04 288512]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-15 14336]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe [2008-06-25 28928]
R2 TPSrv;Panda TPSrv; C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe [2008-07-17 157440]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [2007-09-03 2002944]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-30 72704]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-30 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Tu chyba reszta RSIT

Kod:
info.txt logfile of random's system information tool 1.06 2009-07-01 11:14:17

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
ACDSee Photo Manager 2009-->MsiExec.exe /I{300578F9-9EFF-4B93-9AB1-C0E5707EF463}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash CS3 Professional-->C:\Program Files\Common Files\Adobe\Installers\71a8bf4cec3050e55425a301eec8315\Setup.exe
Adobe Flash CS3-->MsiExec.exe /I{036EB57A-C65F-4EB8-9E85-30E2E9B01EEB}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{BC281424-2BA0-43A6-99CF-A458B5450FCF}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0415-1E257A25E34D}
Adobe Reader 9.1.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A91000000001}
Adobe Setup-->MsiExec.exe /I{75324DDC-D7D8-4CA1-9E10-85C439948516}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB960763)-->"C:\WINDOWS\$NtUninstallKB960763$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Brother P-touch Address Book 1.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{98E9B724-0E62-4812-B6CC-C6A228BBC562}
Brother P-touch Editor 4.2-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{003447F5-0058-4B77-9C1E-50488F77C4A7}
Brother QL-Series User's Guide-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7CCC6E23-0E35-480B-8F0C-8D06F882D5D3}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Firebird 2.0.3-->"C:\Program Files\Firebird\Firebird_2_0\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Właściciel\Pulpit\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 11.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4-->C:\Program Files\HP\Digital Imaging\{C8732DC3-1736-44b2-B741-2D636DE58605}\setup\hpzscr01.exe -datfile hposcr31.dat -onestop
HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 11.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
IncrediMail JunkFilter Plus-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:JunkFilterPlus
IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
jv16 PowerTools 2008-->"C:\Program Files\jv16 PowerTools 2008\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
OCR Software by I.R.I.S. 11.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org 3.0-->MsiExec.exe /I{31BFEC6C-1F27-45B5-839C-BCBAE327993A}
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe
Panda Antivirus Pro 2009-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E55FB276-73C9-4776-AB53-BC028C0509ED}\SETUP.exe" -l0x15  -removeonly
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Poprawka dla programu Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15  -removeonly
Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Total Commander Ultima Prime 4.7.0.0-->"C:\Program Files\TC UP\un_TC UP.exe"
Western Australian Time Zone Update-->MsiExec.exe /X{C098DAEC-29EF-4A59-B18E-0E950169CA3C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======System event log======

Computer Name: KOMPUTER-65911A
Event Code: 7035
Message: Do usługi Zarządzanie aplikacjami został pomyślnie wysłany kod sterowania uruchom.

Record Number: 4987
Source Name: Service Control Manager
Time Written: 20090629091930.000000+120
Event Type: informacje
User: KOMPUTER-65911A\Właściciel

Computer Name: KOMPUTER-65911A
Event Code: 7023
Message: Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.


Record Number: 4986
Source Name: Service Control Manager
Time Written: 20090629091930.000000+120
Event Type: błąd
User:

Computer Name: KOMPUTER-65911A
Event Code: 7036
Message: Usługa Zarządzanie aplikacjami weszła w stan zatrzymania.

Record Number: 4985
Source Name: Service Control Manager
Time Written: 20090629091930.000000+120
Event Type: informacje
User:

Computer Name: KOMPUTER-65911A
Event Code: 7035
Message: Do usługi Zarządzanie aplikacjami został pomyślnie wysłany kod sterowania uruchom.

Record Number: 4984
Source Name: Service Control Manager
Time Written: 20090629091930.000000+120
Event Type: informacje
User: KOMPUTER-65911A\Właściciel

Computer Name: KOMPUTER-65911A
Event Code: 7023
Message: Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.


Record Number: 4983
Source Name: Service Control Manager
Time Written: 20090629091930.000000+120
Event Type: błąd
User:

=====Application event log=====

Computer Name: KOMPUTER-65911A
Event Code: 1000
Message: Liczniki wydajności dla usługi ContentIndex (ContentIndex) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090128140535.000000+060
Event Type: informacje
User:

Computer Name: KOMPUTER-65911A
Event Code: 1000
Message: Liczniki wydajności dla usługi TermService (Usługi terminalowe) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090128140534.000000+060
Event Type: informacje
User:

Computer Name: KOMPUTER-65911A
Event Code: 1000
Message: Liczniki wydajności dla usługi RemoteAccess (Routing i dostęp zdalny) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090128140438.000000+060
Event Type: informacje
User:

Computer Name: KOMPUTER-65911A
Event Code: 1000
Message: Liczniki wydajności dla usługi PSched (PSched) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090128140415.000000+060
Event Type: informacje
User:

Computer Name: KOMPUTER-65911A
Event Code: 1000
Message: Liczniki wydajności dla usługi RSVP (QoS RSVP) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090128140414.000000+060
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Panda Security\Panda Antivirus Pro 2009\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\Common Files\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Tu kod Z Haijack po skanowaniu przez Pandę zakończonym przed chwilą i już tego nie ma...czy to był wirus?? czytalem gdzies o tym wpisie ze to jest jakis "przyjaciel"

Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:41, on 2009-07-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\WebProxy.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TC UP\totalcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TC UP\Plugins\Media\uTorrent\utorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavJobs.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PAVJOBS.EXE
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{0DFCE04D-8127-4C9B-8837-E99B9059F49E}: NameServer = 194.204.152.34
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe

--
End of file - 7832 bytes
 System operacyjny: windows_xp_2003 Przeglądarka: firefox
#4
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Użyj narzędzia Flash DisInfector, jeśli posiadasz jakieś pamięci przenośne niech będą w tym czasie podłączone.

Otwórz notatnik tekstowy i wklej do niego poniższy tekst (bez frazy kod):
Kod:
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

Zapisz jako... > Wszystkie pliki > Fix.reg

Dodaj dwuklikiem do rejestru.

Pliki:
Kod:
C:\WINDOWS\system32\QL56M.EXE
C:\WINDOWS\system32\QL56M.DLL
C:\WINDOWS\system32\QL56L.INI
C:\WINDOWS\system32\QL56L.DLL
C:\WINDOWS\system32\QL56F.DLL

Przeskanuj na virscan.org, a strony po skanowaniu podaj na forum.
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#5
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Wszystko zrobiłem jak napisałeś wkejam wyniki z tej strony virscan.org

Kod:
Nazwa pliku :       QL56F.DLL
Rozmiar pliku :  61440 byte
Typ pliku :      PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 :           4d894e558d5cd47a19921cec9e055f8d
SHA1 :          bca2b0beaf65dbb1b8c77f9104f9cbfbe9218629
Wyniki skanera : Wszystkie skanery zgłosiły brak szkodliwego oprogramowania!
    
Nazwa pliku :   QL56L.INI
Rozmiar pliku :  971 byte
Typ pliku :       Windows INF file
MD5 :             235baa45e3d72ce0ab7b0c388311e245
SHA1 :          39782aa00d9e18fd82014cb6a74e8d164c1c3e2e
Wyniki skanera : Wszystkie skanery zgłosiły brak szkodliwego oprogramowania!

Nazwa pliku :    QL56L.DLL
Rozmiar pliku :   33280 byte
Typ pliku :        PE32 executable for MS Windows (DLL) (console) Intel 80386 3
MD5:             f6f08f647396555fdd2a9bacdb145a63
SHA1 :           78062eef4b2aefa5d1cf981d879aa9aa32d9f562
Wyniki skanera : Wszystkie skanery zgłosiły brak szkodliwego oprogramowania!

Nazwa pliku :   QL56M.EXE
Rozmiar pliku :  73728 byte
Typ pliku :          PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 :          9d35aeb4dd15cc91a72c0fb6f1b1bf8b
SHA1 :          667085740f1f49078f66556113a542b5f526fb89
Wyniki skanera : Wszystkie skanery zgłosiły brak szkodliwego oprogramowania!

Nazwa pliku :   QL56M.DLL
Rozmiar pliku :  11264 byte
Typ pliku :           PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 :            a8f3851a7cb3f30763c6ff9ffe2699d2
SHA1 :            e906d4e24513bd6465d25b85aca5bf84468b97cb
Wyniki skanera : Wszystkie skanery zgłosiły brak szkodliwego oprogramowania!

Coś może być jeszcze na rzeczy??
Dzięki wielkie z góry naprawdę nie dawałem sobie z tym rady. Jeśli był wirus ten co napisałeś w kluczu to coś tak czułem że mam "przyjaciela" .
 System operacyjny: windows_xp_2003 Przeglądarka: firefox
#6
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Zobacz czy na dysku masz plik:
Kod:
C:\WINDOWS\system32\olhrwef.exe

jeśli tak - usuń go.

I to by było na tyle.
 System operacyjny: linux Przeglądarka: opera
#7
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Był dziad jeden....Powiedz mi czy jest jakiś schemat na odczyty logów bo z miła chęcią bym sie nauczył lub poznał żeby więcej nie truć....
 System operacyjny: windows_xp_2003 Przeglądarka: firefox
#8
RE: POMOCY !!!! Proszę o sprawdzenie Loga.....
Bywaj na forach + korzystaj z google, cała filozofiaOczko.
 System operacyjny: linux Przeglądarka: opera
Programy: Polecane / Nowe / Inne




Podobne wątki (POMOCY !!!! Proszę o sprawdzenie Loga.....)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Prośba o sprawdzenie loga ricardo59 2 106 18.02.2020, 19:15
Ostatni post: ricardo59
  Proszę o sprawdzenie loga specyk1990 3 2521 23.08.2019, 15:36
Ostatni post: morderca
  Prośba o sprawdzenie loga ricardo59 2 2581 24.05.2019, 14:10
Ostatni post: ricardo59

Skocz do:


Wybrane wątki (POMOCY !!!! Proszę o sprawdzenie Loga.....)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Wirus, który zmienia tapetę i motyw EmiliaPiela 19 1904 31.12.2019 14:40
Ostatni post: Illidan
Ściana Prośba o sprawdzenie logów Maciek8998 2 958 28.12.2019 17:51
Ostatni post: Maciek8998
Question Prośba o sprawdzenie logów MrMelan 1 898 28.12.2019 16:29
Ostatni post: morderca
  watchstream.best virus finestyle 1 870 28.12.2019 12:25
Ostatni post: morderca
  Sprawdzenie logów, dzięki z góry Neal 1 864 26.12.2019 16:21
Ostatni post: morderca
  prośba o sprawdzenie logów proxlee 2 1053 18.12.2019 10:31
Ostatni post: proxlee
  Laptop zawiesza się po 5 minutach od uruchomienia - prośba o ocenę logów. robert14-83 3 923 11.12.2019 14:08
Ostatni post: robert14-83
  Spowolnienie komputera, blue screen – prośba o spr. logów Gummi_bear 2 899 07.12.2019 22:12
Ostatni post: wlisik
  Prośba o sprawdzenie logów - podejrzane działanie systemu Azrael 1 1570 07.11.2019 10:33
Ostatni post: morderca
  LOGI - Prośba o sprawdzenie kamil1249 2 1481 05.11.2019 18:20
Ostatni post: kamil1249
  Wielka prośba o sprawdzenie logów (kradzież) bboygutass 3 1834 10.10.2019 13:38
Ostatni post: morderca
  Prośba o sprawdzenie logów dawcios99 1 1838 05.10.2019 19:29
Ostatni post: morderca
  Prośba o sprawdzenie logów proxlee 3 2243 17.09.2019 22:29
Ostatni post: morderca
  Proszę o sprawdzenie loga specyk1990 3 2521 23.08.2019 15:36
Ostatni post: morderca
  Prosze o sprawdzenie logów ricardo59 2 2624 08.08.2019 15:11
Ostatni post: ricardo59