Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-08-10 16:59:19
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 68 GB (68%) free of 100 GB
Total RAM: 2047 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:25, on 2012-08-10
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\opsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Opiekun\optray.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
d:\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [AutoRegisterCerts] "C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe" /AUTORUN
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz za pomocą Mega Manager... - E:\mm_file.htm
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\oplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oplsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1309155648687
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Opiekun (OpSrv) - SoftStory - C:\WINDOWS\system32\opsrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - http://konto.gazeta.pl/info/cookie_profil.js

--
End of file - 13723 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1229272821-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1229272821-682003330-500UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{17CE8D6D-366F-41AD-9F55-74AEA01184C4}.job
C:\WINDOWS\tasks\WGASetup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\xzrlrwxf.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q="

"{cb84136f-9c44-433a-9048-c5cd9df1dc16}"=C:\Program Files\PC Tools Security\BDT\FireFox\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Wtyczka wykrywacza iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npqtplugin8.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
babylon.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\xzrlrwxf.default\extensions\
cacaoweb@cacaoweb.org
DTToolbar@toolbarnet.com
ffxtlbr@babylon.com
{40a1f5d7-afc2-498f-b264-02668d616ff6}

C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\xzrlrwxf.default\searchplugins\
bing.xml
daemon-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-01-07 1132496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-24 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-18 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-12 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-24 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-01-07 1132496]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-18 192112]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"snp325"=C:\WINDOWS\vsnp325.exe [2007-04-25 835584]
"AutoRegisterCerts"=C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe [2009-04-08 114440]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"vilaunch"=C:\WINDOWS\system32\vilaunch.exe [2009-09-09 146412]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"PCTools FGuard"=C:\Program Files\PC Tools Security\BDT\FGuard.exe [2011-01-07 108496]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\qttask.exe [2010-11-29 421888]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-06-07 421776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-06-09 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-19 39408]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-07-14 1961984]
"Google Update"=C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2012-07-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb]
C:\Program Files\cacaoweb\cacaoweb.exe -noplayer []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChomikBox]
C:\Program Files\ChomikBox\chomikbox.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2009-06-09 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-07-20 847872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe [2006-05-03 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE -b -l []

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-06-09 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=1
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDesktopCleanupWizard"=1
"NoRun"=0
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"D:\gg\Gadu-Gadu 10\gg.exe"="D:\gg\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:Konfiguracja urządzenia HP"
"C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Deskjet 3000 J310 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:Komunikator sieciowy HP"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\cacaoweb\cacaoweb.exe"="C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb"
"d:\Moje dokumenty\Downloads\cacaoweb (1).exe"="d:\Moje dokumenty\Downloads\cacaoweb (1).exe:*:Enabled:cacaoweb"
"C:\Program Files\ChomikBox\chomikbox.exe"="C:\Program Files\ChomikBox\chomikbox.exe:*:Enabled:ChomikBox"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.DIVX"=DivX.dll

======List of files/folders created in the last 1 month======

2012-08-10 16:59:19 ----D---- C:\rsit
2012-08-10 11:55:19 ----A---- C:\TDSSKiller.2.7.48.0_10.08.2012_11.55.19_log.txt
2012-08-10 11:53:12 ----A---- C:\WINDOWS\explorer.exe
2012-08-10 10:15:07 ----A---- C:\WINDOWS\EurekaLog.ini
2012-08-10 10:07:58 ----D---- C:\_OTL
2012-08-09 22:02:33 ----A---- C:\TDSSKiller.2.7.48.0_09.08.2012_22.02.33_log.txt
2012-08-09 21:41:39 ----A---- C:\TDSSKiller.2.7.48.0_09.08.2012_21.41.39_log.txt
2012-08-09 16:08:14 ----A---- C:\TDSSKiller.2.7.48.0_09.08.2012_16.08.14_log.txt
2012-08-09 13:28:11 ----D---- C:\Program Files\Trend Micro
2012-08-09 12:17:37 ----D---- C:\Program Files\iPod
2012-08-09 12:16:17 ----D---- C:\Program Files\Apple Software Update
2012-08-09 12:15:41 ----D---- C:\Program Files\Bonjour

======List of files/folders modified in the last 1 month======

2012-08-10 16:56:05 ----HD---- C:\WINDOWS\Temp
2012-08-10 16:48:04 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2012-08-10 14:39:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-10 14:02:20 ----SHD---- C:\WINDOWS\Installer
2012-08-10 13:55:47 ----D---- C:\WINDOWS\Prefetch
2012-08-10 13:51:32 ----D---- C:\Program Files\Mozilla Firefox
2012-08-10 11:59:22 ----D---- C:\WINDOWS
2012-08-10 11:58:21 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-10 11:55:19 ----D---- C:\WINDOWS\system32\drivers
2012-08-10 11:46:46 ----D---- C:\Program Files\EA GAMES
2012-08-10 10:08:43 ----D---- C:\WINDOWS\system32
2012-08-10 10:08:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SoftStory
2012-08-10 10:08:00 ----SD---- C:\WINDOWS\Tasks
2012-08-09 13:28:11 ----RD---- C:\Program Files
2012-08-09 13:13:35 ----D---- C:\WINDOWS\SoftwareDistribution
2012-08-09 12:18:17 ----D---- C:\Program Files\iTunes
2012-08-09 12:18:03 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-09 12:17:34 ----D---- C:\Program Files\Common Files\Apple
2012-08-09 12:16:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple
2012-08-09 12:16:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-08-09 12:16:05 ----HD---- C:\WINDOWS\inf
2012-08-09 10:49:16 ----SHD---- C:\System Volume Information
2012-08-09 10:49:16 ----D---- C:\WINDOWS\system32\Restore
2012-08-09 10:33:29 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2012-08-09 10:25:45 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer
2012-08-08 15:06:06 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Media Player Classic
2012-08-06 16:48:15 ----A---- C:\WINDOWS\NeroDigital.ini
2012-08-05 14:07:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp
2012-08-05 14:07:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
2012-08-05 14:06:43 ----D---- C:\WINDOWS\Logs
2012-08-05 14:01:30 ----D---- C:\Program Files\CCleaner
2012-08-04 14:51:08 ----D---- C:\Program Files\Szkola na miare klasa 2a
2012-08-04 14:50:20 ----D---- C:\Program Files\Common Files\PC Tools
2012-08-04 14:48:54 ----D---- C:\Program Files\DownloadManager
2012-07-11 17:20:54 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,
4=Disabled)====== R0 Jraid;Jraid; C:\WINDOWS\system32\DRIVERS\jraid.sys [2009-09-24 65152] R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2009-09-24 105344] R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-09 145952] R0 ohci1394;Kontroler hosta IEEE 1394 VIA zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2009-06-09 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648] R0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2009-09-24 62208] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-24 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256] R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2012-07-03 18544] R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2009-06-09 12032] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256] R2 aswMon2;avast! 
Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-07-25 247296] R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2009-06-09 144384] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856] R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S2 CARMANSCAN_II;CARMANSCAN_xp.sys PDIUSBD12 Bulk IO driver; C:\WINDOWS\System32\Drivers\CARMANSCAN_xp.sys [2008-04-08 16908] S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2006-03-24 33536] S3 ao935gnh;ao935gnh; C:\WINDOWS\system32\drivers\ao935gnh.sys [] S3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2009-09-24 60800] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [] S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [] S3 LVUSBSta;Logitech USB Monitor 
Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [] S3 LVUVC;QuickCam Pro for Notebooks(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2009-09-24 61824] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-26 10343168] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984] S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;Urządzenie wideo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S3 WpdUsb;WpdUsb; 
C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-06-09 38528] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808] R2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe [2011-01-07 247760] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-24 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216] R2 OpSrv;Opiekun; C:\WINDOWS\system32\opsrv.exe [2010-12-03 861696] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-06-09 14336] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 821648] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03 135664] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 
clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864] S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03 135664] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-19 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880] -----------------EOF-----------------