Zaraz po tym komunikacie rozlacza sie internet i wiesi komputer
Komputer wyglada jak by mial zainstalowanego 98 a ja mam XP
HiJack
Logfile of HijackThis v1.99.1
Scan saved at 15:12:54, on 2007-12-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\G DATA AntiVirus\AVK\AVKService.exe
C:\Program Files\G DATA AntiVirus\AVK\AVKWCtl.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\G DATA AntiVirus\AVKTray\AVKTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
F:\Logi\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA AntiVirus\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [hosted] C:\Windows\system32\hosted.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - G DATA Software AG - C:\Program Files\G DATA AntiVirus\AVK\AVKService.exe
O23 - Service: Strażnik AVK (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA AntiVirus\AVK\AVKWCtl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Comboscan
ComboScan v20070306.20 run by Piotrek on 2007-12-19 at 15:14:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created ComboScan Restore Point.
-- Last 5 Restore Point(s) --
34: 2007-12-19 14:14:11 UTC - RP34 - ComboScan Restore Point
33: 2007-12-18 20:14:06 UTC - RP33 - Punkt kontrolny systemu
32: 2007-12-17 15:46:12 UTC - RP32 - Punkt kontrolny systemu
31: 2007-12-15 17:14:45 UTC - RP31 - Installed Ventrilo Client
30: 2007-12-15 15:23:41 UTC - RP30 - Punkt kontrolny systemu
-- First Restore Point --
1: 2007-10-28 16:01:53 UTC - RP1 - Punkt kontrolny systemu
Performed disk cleanup.
-- HijackThis (run as Piotrek.exe) ---------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 15:14:30, on 2007-12-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\G DATA AntiVirus\AVK\AVKService.exe
C:\Program Files\G DATA AntiVirus\AVK\AVKWCtl.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\G DATA AntiVirus\AVKTray\AVKTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
F:\Logi\comboscan.exe
F:\Logi\Piotrek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA AntiVirus\AVKTray\AVKTray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [hosted] C:\Windows\system32\hosted.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVKProxy - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - G DATA Software AG - C:\Program Files\G DATA AntiVirus\AVK\AVKService.exe
O23 - Service: Strażnik AVK (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA AntiVirus\AVK\AVKWCtl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-- HijackThis Fixed Entries (F:\Logi\backups\) ---------------------------------
backup-20070602-232035-661 O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
backup-20070602-232212-759 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3R ALCXWDM (Service for Realtek AC97 Audio (WDM)) - C:\WINDOWS\system32\drivers\alcxwdm.sys
3R basic2 - C:\WINDOWS\system32\drivers\HSF_BSC2.sys
3R e4usbaw (USB ADSL2 WAN Adapter) - C:\WINDOWS\system32\drivers\e4usbaw.sys
2R Fallback - C:\WINDOWS\system32\drivers\HSF_FALL.sys
2R Fsks - C:\WINDOWS\system32\drivers\HSF_FSKS.sys
3R GDMnIcpt - C:\WINDOWS\system32\drivers\MiniIcpt.sys
2R GDTdiInterceptor - C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
3R HookCentre - C:\WINDOWS\system32\drivers\HookCentre.sys
3R hsf_msft - C:\WINDOWS\system32\drivers\HSF_MSFT.sys
0R IdeBusDr - C:\WINDOWS\system32\drivers\IdeBusDr.sys
0R IdeChnDr (Intel(R) Ultra ATA Controller) - C:\WINDOWS\system32\drivers\IdeChnDr.sys
2S IKANLOADER2 (General Purpose USB Driver (e4ldr.sys)) - C:\WINDOWS\system32\drivers\e4ldr.sys
2R K56 - C:\WINDOWS\system32\drivers\HSF_K56K.sys
3R MODEMCSA (Urządzenie filtru strumieniowego usługi Unimodem) - C:\WINDOWS\system32\drivers\MODEMCSA.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
3S PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCAMPR5.SYS (not found)
3S PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\PCANDIS5.SYS
3R Rksample - C:\WINDOWS\system32\drivers\HSF_SAMP.sys
3S se45bus (Sony Ericsson Device 069 driver (WDM)) - C:\WINDOWS\system32\drivers\se45bus.sys
3S se45mdfl (Sony Ericsson Device 069 USB WMC Modem Filter) - C:\WINDOWS\system32\drivers\se45mdfl.sys
3S se45mdm (Sony Ericsson Device 069 USB WMC Modem Driver) - C:\WINDOWS\system32\drivers\se45mdm.sys
3S se45mgmt (Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)) - C:\WINDOWS\system32\drivers\se45mgmt.sys
3S se45nd5 (Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)) - C:\WINDOWS\system32\drivers\se45nd5.sys
3S se45obex (Sony Ericsson Device 069 USB WMC OBEX Interface) - C:\WINDOWS\system32\drivers\se45obex.sys
3S se45unic (Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)) - C:\WINDOWS\system32\drivers\se45unic.sys
2R SoftFax - C:\WINDOWS\system32\drivers\HSF_FAXX.sys
2R SpeakerPhone - C:\WINDOWS\system32\drivers\HSF_SPKP.sys
2R Tones - C:\WINDOWS\system32\drivers\HSF_TONE.sys
3S usbccgp (Rodzajowy sterownik nadrzędny USB Microsoft) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft) - C:\WINDOWS\system32\drivers\usbehci.sys
3R USBSTOR (Sterownik magazynu masowego USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
2R V124 - C:\WINDOWS\system32\drivers\HSF_V124.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R AVKProxy - "C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe"
2R AVKService (AVK Service) - C:\Program Files\G DATA AntiVirus\AVK\AVKService.exe
2R AVKWCtl (Strażnik AVK) - C:\Program Files\G DATA AntiVirus\AVK\AVKWCtl.exe
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
3S FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
2R FTRTSVC (France Telecom Routing Table Service) - C:\WINDOWS\System32\FTRTSVC.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"
3S idsvc (Windows CardSpace) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
4S NetTcpPortSharing (Net.Tcp Port Sharing Service) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
2R NVSvc (NVIDIA Display Driver Service) - C:\WINDOWS\system32\nvsvc32.exe
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
-- Files created between 2007-11-19 and 2007-12-19 -----------------------------
2007-12-18 15:06:22 0 d--hs---- C:\FOUND.004
2007-12-16 19:18:42 572928 --a------ C:\hosted.exe
2007-12-15 18:32:55 0 d-------- C:\Automap
2007-12-15 18:14:55 0 d-------- C:\Program Files\Ventrilo
2007-12-15 18:12:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-12-06 13:29:32 0 d-------- C:\Program Files\Skype
2007-12-06 13:29:31 0 d-------- C:\Program Files\Common Files\Skype
2007-12-03 15:00:36 0 d--hs---- C:\FOUND.003
2007-11-29 18:42:10 0 d-------- C:\Program Files\Ubisoft
2007-11-23 16:10:59 0 d-------- C:\Program Files\FOTR
2007-11-22 18:50:20 0 d--hs---- C:\FOUND.002
-- Find3M Report ---------------------------------------------------------------
2007-12-15 18:18:34 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Ventrilo
2007-12-06 13:32:40 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\skypePM
2007-12-06 13:30:04 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Skype
2007-11-22 17:18:24 488194 --a------ C:\WINDOWS\system32\perfh015.dat
2007-11-22 17:18:24 83486 --a------ C:\WINDOWS\system32\perfc015.dat
2007-11-02 19:15:14 0 d-------- C:\Program Files\Disney Interactive<DISNEY~1>
2007-11-02 17:04:16 0 d-------- C:\Program Files\AWS
2007-11-02 17:04:08 0 d-------- C:\Program Files\GameSpy Arcade<GAMESP~1>
2007-11-02 16:59:34 0 dr------- C:\Program Files\Liquid Entertainment<LIQUID~1>
2007-11-01 20:18:00 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Tibia
2007-11-01 20:15:06 0 d-------- C:\Program Files\Tibia
2007-10-31 21:42:08 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Gadu-Gadu<GADU-G~1>
2007-10-31 21:41:20 0 d-------- C:\Program Files\Gadu-Gadu<GADU-G~1>
2007-10-31 21:32:06 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Media Player Classic<MEDIAP~1>
2007-10-31 21:04:06 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Teleca
2007-10-31 21:02:38 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Sony Ericsson<SONYER~1>
2007-10-31 20:50:58 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared<SONYER~1>
2007-10-31 20:50:50 0 d-------- C:\Program Files\Common Files\Teleca Shared<TELECA~1>
2007-10-31 20:50:48 0 d-------- C:\Program Files\Sony Ericsson<SONYER~1>
2007-10-31 17:28:54 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Google
2007-10-30 21:28:10 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Adobe
2007-10-29 21:36:22 1156 --a------ C:\WINDOWS\mozver.dat
2007-10-29 17:58:50 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Opera
2007-10-29 17:57:28 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Talkback
2007-10-29 17:57:18 0 --a------ C:\WINDOWS\nsreg.dat
2007-10-29 17:57:12 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Mozilla
2007-10-29 17:49:14 0 d-------- C:\Program Files\Opera
2007-10-29 17:48:34 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-10-29 16:48:22 0 d-------- C:\Program Files\SAGEM
2007-10-29 16:44:54 0 d-------- C:\Program Files\neostrada tp<NEOSTR~1>
2007-10-29 16:44:28 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Macromedia<MACROM~1>
2007-10-29 16:41:06 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\CyberLink<CYBERL~1>
2007-10-29 16:19:20 0 d-------- C:\Program Files\directx
2007-10-29 16:01:08 0 d-------- C:\Program Files\3DO
2007-10-28 18:11:44 581 --a------ C:\WINDOWS\eReg.dat
2007-10-28 18:00:24 0 d-------- C:\Program Files\Maxis
2007-10-28 17:52:54 0 d-------- C:\Program Files\Microsoft Works<MICROS~4>
2007-10-28 17:52:12 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-10-28 17:44:54 0 d-------- C:\Program Files\G DATA AntiVirus<GDATAA~1>
2007-10-28 17:44:54 0 d-------- C:\Program Files\Common Files\G DATA<GDATA~1>
2007-10-28 17:44:36 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\InstallShield<INSTAL~1>
2007-10-28 17:43:40 34 --a------ C:\Turbo Mahjonggpath.sys<TURBOM~1.SYS>
2007-10-28 17:43:40 0 d-------- C:\Program Files\Turbo Mahjongg<TURBOM~1>
2007-10-28 17:41:28 0 d-------- C:\Program Files\CyberLink<CYBERL~1>
2007-10-28 17:39:26 0 d-------- C:\Program Files\MSBuild
2007-10-28 17:38:54 0 d-------- C:\Program Files\Common Files\ODBC
2007-10-28 17:38:52 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-10-28 17:38:24 62 --ahs---- C:\Documents and Settings\Piotrek\Dane aplikacji\desktop.ini
2007-10-28 17:38:04 0 d---s---- C:\Documents and Settings\Piotrek\Dane aplikacji\Microsoft<MICROS~1>
2007-10-28 17:32:14 0 d-------- C:\Program Files\Reference Assemblies<REFERE~1>
2007-10-28 17:25:44 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Ahead
2007-10-28 17:24:50 0 d-------- C:\Program Files\Common Files\Ahead
2007-10-28 17:24:46 0 d-------- C:\Program Files\Ahead
2007-10-28 17:23:26 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\FastStone<FASTST~1>
2007-10-28 17:23:18 0 d-------- C:\Program Files\FastStone Image Viewer<FASTST~1>
2007-10-28 17:22:08 0 d-------- C:\Program Files\eMule
2007-10-28 17:20:20 0 d-------- C:\Program Files\MarBit
2007-10-28 17:19:18 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-28 17:17:44 0 d-------- C:\Program Files\AVIcodec
2007-10-28 17:17:20 0 d-------- C:\Program Files\Google
2007-10-28 17:16:46 0 d-------- C:\Program Files\K-Lite Codec Pack<K-LITE~1>
2007-10-28 17:15:00 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Sun
2007-10-28 17:14:50 0 d-------- C:\Program Files\Java
2007-10-28 17:14:50 0 d-------- C:\Program Files\Common Files\Java
2007-10-28 17:14:26 0 d-------- C:\Program Files\Intel Desktop Board<INTELD~1>
2007-10-28 17:13:06 8 --a------ C:\WINDOWS\system32\nvModes.dat
2007-10-28 17:07:08 0 d-------- C:\Program Files\Realtek Sound Manager<REALTE~2>
2007-10-28 17:07:08 0 d-------- C:\Program Files\AvRack
2007-10-28 17:06:58 0 d-------- C:\Program Files\Realtek AC97<REALTE~1>
2007-10-28 17:06:22 0 d-------- C:\Program Files\Intel
2007-10-28 17:05:46 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-10-28 17:05:40 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-10-28 17:01:40 0 d-------- C:\Documents and Settings\Piotrek\Dane aplikacji\Identities<IDENTI~1>
2007-10-28 16:52:48 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-10-28 16:52:20 0 -rahs---- C:\MSDOS.SYS
2007-10-28 16:52:20 0 -rahs---- C:\IO.SYS
2007-10-28 16:52:20 0 --a------ C:\CONFIG.SYS
2007-10-28 16:52:20 0 --a------ C:\AUTOEXEC.BAT
2007-10-28 16:50:38 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-10-28 16:50:34 0 d-------- C:\Program Files\Usługi online<USŁUGI~1>
2007-10-28 16:49:40 0 d-------- C:\Program Files\Common Files\MSSoap
2007-10-28 16:49:28 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-10-28 16:48:12 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-10-28 16:47:40 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-10-28 16:47:36 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-10-28 16:47:06 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Gadu-Gadu"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"AVKTray"="\"C:\\Program Files\\G DATA AntiVirus\\AVKTray\\AVKTray.exe\""
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"WOOWATCH"="C:\\PROGRA~1\\NEOSTR~1\\Watch.exe"
"WOOTASKBARICON"="C:\\PROGRA~1\\NEOSTR~1\\GestMaj.exe TaskBarIcon.exe"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"hosted"="C:\\Windows\\system32\\hosted.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
-- End of ComboScan: finished at 2007-12-19 at 15:15:25 ------------------------
Silent Runners
"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"lxcgmon.exe" = ""C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"" ["Lexmark International, Inc."]
"EzPrint" = ""C:\Program Files\Lexmark 2300 Series\ezprint.exe"" ["Lexmark International Inc."]
"FaxCenterServer" = ""C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s" [null data]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"LVCOMSX" = "C:\WINDOWS\System32\LVCOMSX.EXE" ["Logitech Inc."]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"BigDogPath" = "C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam" ["BIGDOG"]
"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"LXCGCATS" = "rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\WinRAR\rarext.dll" [null data]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\WinRAR\rarext.dll" [null data]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "Maciek" & "All Users" startup folders:
--------------------------------------------------------
C:\Documents and Settings\Maciek\Menu Start\Programy\Autostart
"Adobe Gamma" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"Configuration & Monitor Utility" -> shortcut to: "C:\Program Files\WLAN\802.11 Wireless LAN\WlanMonitor.exe" ["ATMEL"]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"BlueSoleil" -> shortcut to: "E:\IVT Corporation\BlueSoleil\BlueSoleil.exe" ["IVT Corporation"]
"Kalendarz XP" -> shortcut to: "C:\Program Files\Kalendarz XP\Kalendarz.exe" [null data]
"TrayMin210.exe" -> shortcut to: "C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe" [empty string]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\System32\imon.dll ["Eset "], 01 - 05, 21
%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 11 - 20
%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll" ["Sun Microsystems, Inc."]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
BlueSoleil Hid Service, BlueSoleil Hid Service, "E:\IVT Corporation\BlueSoleil\BTNtService.exe" [null data]
LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" ["Hewlett-Packard Company"]
Logitech Process Monitor, LVPrcSrv, "c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe" ["Logitech Inc."]
lxcg_device, lxcg_device, "C:\WINDOWS\System32\lxcgcoms.exe -service" [" "]
MioNet Service, MioNet, ""C:\Program Files\MioNet\MioNetManager.exe" -s "C:\Program Files\MioNet\wrapper.conf"" [null data]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
Print Monitors:
---------------
HKLM\System\CurrentControlSet\Control\Print\Monitors\
2300 Series Port\Driver = "lxcglmpm.DLL" [" "]
Lexmark Print-2-Fax Port\Driver = "LXPRMON.DLL" [null data]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 4197 seconds, including 5 seconds for message boxes)
