Logfile of random's system information tool 1.06 (written by random/random)
Run by Ja at 2010-03-28 20:30:12
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 4 GB (11%) free of 40 GB
Total RAM: 3070 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:16, on 2010-03-28
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\JMRaidTool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SkyTel.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\totalcmd\TOTALCMD.EXE
D:\RSIT.exe
C:\Program Files\trend micro\HijackThis\Ja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [w3dr.exe] D:\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

-- End of file - 6659 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-01 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-01 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-04-20 385024]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-04-24 1448960]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-01 148888]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"w3dr.exe"=D:\Warcraft III\w3dr.exe [2008-08-03 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe [2007-11-14 2131392]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-20 217544]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Gadu-Gadu\gg.exe"="D:\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Unreal Tournament III\Binaries\UT3.exe"="D:\Unreal Tournament III\Binaries\UT3.exe:*:Enabled:UT3"
"D:\Unreal Tournament 3\Binaries\UT3.exe"="D:\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:UT3"
"D:\Heroes V juhuuu\bina1\H5_Game.exe"="D:\Heroes V juhuuu\bina1\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny"
"D:\Warcraft III\Warcraft III.exe"="D:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Warcraft III\war3.exe"="D:\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"D:\Rakion\Bin\rakion.bin"="D:\Rakion\Bin\rakion.bin:*:Enabled:rakion"
"D:\World of Warcraft\Repair.exe"="D:\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Uruchamia plik DLL jako aplikację"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"D:\bATTLEFIELD 2142\BF2142.exe"="D:\bATTLEFIELD 2142\BF2142.exe:*:Enabled:BF2142"
"C:\Soldat\Soldat.exe"="C:\Soldat\Soldat.exe:*:Enabled:Soldat"
"C:\Program Files\RndLabs\BaboViolent 2\bv2.exe"="C:\Program Files\RndLabs\BaboViolent 2\bv2.exe:*:Enabled:bv2"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"D:\Dead Spacee\Dead Space.exe"="D:\Dead Spacee\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\bATTLEIFELD 2142\BF2142.exe"="D:\bATTLEIFELD 2142\BF2142.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"D:\Battle Forge\Bootstrapper.exe"="D:\Battle Forge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
"D:\Battle Forge\BattleForge.exe"="D:\Battle Forge\BattleForge.exe:*:Enabled:BattleForge™"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Ja.ZMUD\Ustawienia lokalne\Temp\_tc\wtvClient.exe"="C:\Documents and Settings\Ja.ZMUD\Ustawienia lokalne\Temp\_tc\wtvClient.exe:*:Enabled:wtvClient"
"D:\Warcraft III\Dotarank\client.exe"="D:\Warcraft III\Dotarank\client.exe:*:Enabled:client"
"D:\LoL\Air\LolClient.exe"="D:\LoL\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\LoL\Game\League of Legends.exe"="D:\LoL\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Riot Games\League of Legends\Air\LolClient.exe"="C:\Riot Games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Riot Games\League of Legends\Game\League of Legends.exe"="C:\Riot Games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\LittleFighter2\LF2_v2.0a\lf2.exe"="C:\Program Files\LittleFighter2\LF2_v2.0a\lf2.exe:*:Enabled:lf2"
"D:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="D:\Borderlands\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\PFPortChecker\PFPortChecker.exe"="C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded."
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Warcraft III\Dotarank\rgc.exe"="D:\Warcraft III\Dotarank\rgc.exe:*:Enabled:rgc"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\STeam\Steam.exe"="D:\STeam\Steam.exe:*:Enabled:Steam"
"D:\STeam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="D:\STeam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\STeam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="D:\STeam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{192f4d02-92d5-11db-8c65-806d6172696f}]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59a1cf1f-fa7c-11dc-a991-001617b426c1}]
shell\Auto\command - infrom.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59a1cf20-fa7c-11dc-a991-001617b426c1}]
shell\Auto\command - infrom.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

======List of files/folders created in the last 1 months======

2010-03-31 12:22:35 ----A---- C:\WINDOWS\ntbtlog.txt
2010-03-28 20:30:12 ----D---- C:\rsit
2010-03-28 20:26:44 ----D---- C:\Avenger
2010-03-28 20:26:44 ----A---- C:\avenger.txt
2010-03-28 20:13:04 ----RASHD---- C:\autorun.inf
2010-03-28 11:44:46 ----D---- C:\Program Files\trend micro
2010-03-27 22:11:41 ----D---- C:\Documents and Settings\Ja.ZMUD\Dane aplikacji\Malwarebytes
2010-03-27 22:11:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Malwarebytes
2010-03-27 22:11:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-27 17:09:39 ----A---- C:\WINDOWS\imsins.BAK
2010-03-27 14:08:10 ----D---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RegCure
2010-03-27 14:08:09 ----D---- C:\Program Files\RegCure
2010-03-20 23:28:26 ----A---- C:\WINDOWS\CROCCLIP.INI

======List of files/folders modified in the last 1 months======

2010-03-30 15:01:59 ----D---- C:\WINDOWS\Minidump
2010-03-30 14:30:04 ----D---- C:\Program Files\Gadu-Gadu
2010-03-28 20:30:05 ----A---- C:\WINDOWS\wincmd.ini
2010-03-28 20:27:54 ----D---- C:\WINDOWS\Temp
2010-03-28 20:26:44 ----D---- C:\WINDOWS\system32\drivers
2010-03-28 20:26:44 ----D---- C:\WINDOWS
2010-03-28 20:20:36 ----D---- C:\WINDOWS\Prefetch
2010-03-28 20:18:06 ----D---- C:\Program Files\Mozilla Firefox
2010-03-28 13:36:08 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-28 11:44:46 ----RD---- C:\Program Files
2010-03-28 01:55:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-27 22:21:22 ----D---- C:\WINDOWS\Debug
2010-03-27 14:45:17 ----D---- C:\WINDOWS\system32
2010-03-27 14:45:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 14:31:39 ----D---- C:\Documents and Settings
2010-03-27 14:08:14 ----SD---- C:\WINDOWS\Tasks
2010-03-27 14:05:43 ----SHD---- C:\System Volume Information
2010-03-27 13:56:30 ----D---- C:\WINDOWS\system32\LogFiles
2010-03-25 00:02:06 ----D---- C:\Program Files\Garena
2010-03-24 23:10:10 ----D---- C:\Documents and Settings\Ja.ZMUD\Dane aplikacji\uTorrent
2010-03-20 23:27:40 ----D---- C:\WINDOWS\system32\Restore
2010-03-18 18:43:54 ----D---- C:\Documents and Settings\Ja.ZMUD\Dane aplikacji\Skype
2010-03-18 17:05:47 ----D---- C:\Documents and Settings\Ja.ZMUD\Dane aplikacji\skypePM
2010-03-17 00:05:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-17 00:00:37 ----HD---- C:\WINDOWS\inf
2010-03-15 00:03:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-15 00:03:36 ----D---- C:\Program Files\Movie Maker
2010-03-15 00:02:42 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-12 23:09:48 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft
2010-03-09 23:44:01 ----D---- C:\WINDOWS\system32\config
2010-03-09 23:43:47 ----D---- C:\WINDOWS\system32\wbem
2010-03-09 23:43:47 ----D---- C:\WINDOWS\Registration
2010-03-07 18:39:02 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-07 14:39:38 ----D---- C:\Documents and Settings\Ja.ZMUD\Dane aplikacji\Winamp
2010-03-06 23:49:43 ----D---- C:\Program Files\mIRC
2010-03-02 07:30:12 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-29 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-29 25416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 project; service tool ; C:\WINDOWS\System32\Drivers\register.sys [2001-11-28 1950]
S3 a8rfc1os;a8rfc1os; C:\WINDOWS\system32\drivers\a8rfc1os.sys []
S3 a9hzl4at;a9hzl4at; C:\WINDOWS\system32\drivers\a9hzl4at.sys []
S3 Bcim;Bandwidth Controller kernel component; C:\WINDOWS\system32\DRIVERS\bcim.sys []
S3 ddsxeiservice;ddsxeiservice2; \??\C:\Program Files\sXe Injected\ddsxei.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\JAD8F9~1.ZMU\USTAWI~1\Temp\WVOF1.tmp []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-13 17480]
S3 nm;Sterownik monitora sieci; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]
S3 NRKCTL32;NRKCTL32; \??\D:\NRKCTL32.SYS []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Sterownik filtru Przywracania systemu; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-01 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-04 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-07-19 188968]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------