.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Run by Koniczynka at 18:55:58 on 2012-04-20
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1526.851 [GMT 2:00]
.
AV: G Data AntiVirus 2012 *Enabled/Updated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: Norton Internet Worm Protection *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
c:\windows\system32\cidaemon.exe
c:\windows\system32\cidaemon.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gazeta.pl/0,0.html?p=135
uSearch Page =
uSearch Bar =
uInternet Settings,ProxyServer = 208.69.147.43:80
mSearchAssistant =
BHO: G Data WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - c:\program files\g data\antivirus\webfilter\AVKWebIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: YouTube To ALLPlayer: {61db16c5-b733-43f4-872e-b20dc9e72740} - c:\progra~1\allpla~1\YOUTUB~1.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Pomocnik rejestrowania za pomocą identyfikatora Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: G Data BankGuard: {ba3295cf-17ed-4f49-9e95-d999a0adbfdc} - c:\program files\common files\g data\avkproxy\BanksafeBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: IplexToALLPlayer: {df925ef3-7a87-44e4-9caf-8d7b280bf616} - c:\progra~1\allpla~1\iplex\IPLEXT~1.DLL
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No File
TB: G Data WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - c:\program files\g data\antivirus\webfilter\AVKWebIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ALLUpdate] "c:\program files\allplayer\ALLUpdate.exe" "sleep"
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [G Data AntiVirus Tray Application] c:\program files\g data\antivirus\avktray\AVKTray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\konicz~1.pc1\menust~1\programy\autost~1\tworze~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Wyślij do interfejsu &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239922137065
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262954427718
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{26A55E20-96B5-412E-8DCF-47F4E51F784A} : DhcpNameServer = 192.168.1.1 0.0.0.0
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\koniczynka.pc145382213120\dane aplikacji\mozilla\firefox\profiles\5qzbmm13.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - component: c:\program files\mozilla firefox\extensions\{9aa46f4f-4dc7-4c06-97af-5035170633fe}\components\AvkWebFilterFF.dll
FF - plugin: c:\documents and settings\all users\dane aplikacji\gadu-gadu 10\_userdata\npgg.3.dll
FF - plugin: c:\documents and settings\all users\dane aplikacji\gadu-gadu 10\_userdata\nppl3260.dll
FF - plugin: c:\documents and settings\all users\dane aplikacji\gadu-gadu 10\_userdata\nprpjplug.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-6 40440]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-6 79608]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-12 69112]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-6 39544]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-4-24 16688]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\common files\g data\avkproxy\AVKProxy.exe [2011-6-17 1499656]
R2 AVKService;G Data Scheduler;c:\program files\g data\antivirus\avk\AVKService.exe [2011-6-17 409608]
R2 AVKWCtl;G Data Strażnik systemu plików;c:\program files\g data\antivirus\avk\AVKWCtl.exe [2011-5-3 1371904]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2011-11-6 52216]
R3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [2006-6-6 61952]
R3 GDScan;G Data Scanner;c:\program files\common files\g data\gdscan\GDScan.exe [2011-6-17 360768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-31 253088]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
.
=============== Created Last 30 ================
.
2012-04-08 12:54:55 -------- d-----w- c:\program files\JDownloader
2012-04-08 06:52:52 -------- d-----w- c:\program files\Real Alternative
2012-04-08 06:52:52 -------- d-----w- c:\documents and settings\koniczynka.pc145382213120\ustawienia lokalne\dane aplikacji\Real
2012-04-07 19:49:15 -------- d-----w- c:\documents and settings\koniczynka.pc145382213120\ustawienia lokalne\dane aplikacji\ALLConverter
2012-04-07 19:48:39 -------- d-----w- c:\program files\NapiProjekt
2012-04-07 19:48:39 -------- d-----w- c:\program files\ALLConverter PRO
2012-04-07 19:47:58 644608 ----a-w- c:\windows\system32\xvidcore.dll
2012-04-07 19:47:57 797184 ----a-w- c:\windows\system32\ac3filter.ax
2012-03-30 23:32:16 -------- d-----w- c:\documents and settings\koniczynka.pc145382213120\dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
2012-03-30 23:32:13 -------- d-----w- c:\program files\e-Deklaracje
2012-03-30 23:29:48 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-23 16:00:45 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-03-23 16:00:45 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
.
==================== Find3M ====================
.
2012-04-19 22:38:33 613213 ----a-w- c:\windows\system32\sig.bin
2012-04-14 11:58:51 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-08 06:57:45 258048 ----a-w- c:\windows\system32\libFLAC.dll
.
============= FINISH: 18:56:26,26 ===============