Zawirusowany pendrive

15 kwietnia 2012

Wkurza mnie ten pendrive. Kupiłem go nie dawno na allegro i potem chcąc przenieść gry na kompa (z laptopa), bo mi nie działa stacja płyt, to sie zawirusował. Jednak potem go sformatowałem i było OK. Jednak gdy poszłem zgrać grę na pendriva, to u kumpla wyskoczyły pliki "Porn", "Sexy", "Passwords", czyli ten mój wirus. Zapomniałem dodać, że laptop ma wirusa z facebooka, bo moja lewa siostra nie wie, że w linki typu dvd.ipad, czy coś (właśnie w takie kliknęła) się nie klika! Nie wiem co mam robić, wszystkie pliki jakie mam wtedy na tym pendrive są zarażone i w foldery nie da się wejść. Nie otwierają się, lub czasem zmieniają się na .exe
Daje log z OTL, całego kompa, bo nie wiem jak zrobić i czym, żeby był skan pendrive, i dodatkowo boję się, że ten wir wejdzie na kompa. Czym mam to zeskanować? I pierwsze to mogę sformatować pena, dla bezpieczeństwa, a potem dopiero skan?

Log: [log]OTL logfile created on: 2012-04-15 14:56:38 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 73,12% Memory free
3,10 Gb Paging File | 2,48 Gb Available in Paging File | 80,15% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,74 Gb Total Space | 25,75 Gb Free Space | 48,82% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 67,68 Gb Free Space | 86,63% Space Free | Partition Type: NTFS
Drive E: | 18,18 Gb Total Space | 9,72 Gb Free Space | 53,46% Space Free | Partition Type: NTFS
Drive H: | 661,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC-BDFB88E32823 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-15 14:55:32 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie\OTL.exe
PRC - [2012-03-22 21:05:58 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
PRC - [2012-01-24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011-11-29 21:58:46 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011-11-28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 03:53:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-09-08 18:23:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 03:51:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2008-04-14 20:21:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-07-20 15:14:18 | 000,598,016 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\RaUI.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-04 07:54:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-03-29 08:59:57 | 008,797,344 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_6c825ce.dll
MOD - [2012-03-22 21:05:57 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-12-21 18:30:55 | 000,115,137 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
MOD - [2011-11-30 20:11:08 | 001,159,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
MOD - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011-11-29 08:48:25 | 000,758,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
MOD - [2011-11-29 08:48:14 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011-11-27 16:52:46 | 017,632,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3989b4ca6cf904061992daec9e7d5644\PresentationFramework.ni.dll
MOD - [2011-11-27 16:51:42 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\0b4eef4cf57751f56d89ff0314ee06b0\PresentationFramework.Luna.ni.dll
MOD - [2011-11-27 16:48:47 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2011-11-27 16:47:47 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011-11-27 16:47:08 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011-11-27 16:47:01 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011-11-27 16:46:43 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011-11-27 16:46:22 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011-11-27 16:46:09 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011-11-27 16:45:42 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011-11-08 22:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2007-08-21 14:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-03-29 08:59:57 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-06-19 19:56:16 | 004,122,968 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-03-10 19:14:40 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-27 03:25:48 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2011-10-27 03:25:48 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2011-10-27 03:25:48 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2011-10-27 03:25:48 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2011-10-27 03:25:44 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011-10-27 03:25:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2011-10-27 03:25:44 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2011-10-18 17:23:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011-10-07 03:53:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 03:51:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-09-13 04:00:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 03:38:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-10 22:44:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-10 22:44:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-10 22:44:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-10 22:44:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-07-06 08:43:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-11-18 04:47:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 04:46:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2005-07-01 09:52:00 | 000,339,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2002-07-17 06:23:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://start.facemoods.com/?a=ddr"]http://start.facemoods.com/?a=ddr[/url]
IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = [url="http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\WACICI~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-02 11:02:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 21:05:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-14 15:36:31 | 000,000,000 | ---D | M]

[2011-11-16 10:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions
[2012-03-20 16:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions
[2012-03-20 16:42:17 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012-03-10 17:37:32 | 000,000,000 | ---D | M] (DealBulldog Toolbar) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012-01-07 11:03:50 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\ffxtlbr@Facemoods.com
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZQL6VYW.DEFAULT\EXTENSIONS\{6AC85730-7D0F-4DE0-B3FA-21142DD85326}
[2012-04-14 09:11:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-03-22 21:05:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-14 09:11:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-11-05 05:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-12-31 20:08:22 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-11-05 05:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011-11-05 05:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-11-05 05:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-11-05 05:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-11-05 05:41:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-28 23:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe File not found
O4 - HKCU..\Run: [Nickelback - This Means War (www.Miotacz-Muzy.pl)] G:\Nickelback - This Means War (www.Miotacz-Muzy.pl).exe /J File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{795B1BCF-3570-4CD4-98E3-A7D01E41B5FF}: DhcpNameServer = 192.168.88.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-05-18 09:19:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-14 11:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\allow_htm
[2012-04-14 10:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\cp
[2012-04-14 09:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-04-14 09:11:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-14 09:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-12 18:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\style
[2012-04-12 18:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\img
[2012-04-12 18:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ruins
[2012-04-11 16:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\pm
[2012-04-11 16:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\sub
[2012-04-08 20:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\PunPortal by Rudik Polish
[2012-04-07 10:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Nowy folder
[2012-04-06 16:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\famfam
[2012-04-03 17:21:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\naild
[2012-04-03 17:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deep Silver
[2012-04-03 17:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Deep Silver
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\PowerChallenge
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2012-03-30 15:59:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ikony
[2012-03-30 13:14:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
[2012-03-29 08:59:57 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-25 16:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SCREEN2EXE
[2012-03-25 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\SCREEN2EXE
[2012-03-24 21:58:27 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2012-03-24 21:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\WINDOWS
[2012-03-21 15:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\desski
[2012-03-20 18:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-03-20 18:23:18 | 000,000,000 | R--D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\Moje wideo
[2012-03-19 19:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Zdj. PBF
[2012-03-18 09:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Texty na PBF
[2012-03-17 18:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games
[2012-03-16 19:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\formularz
[2012-03-16 19:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-15 14:18:35 | 000,488,970 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-04-15 14:18:35 | 000,432,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-04-15 14:18:35 | 000,083,904 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-04-15 14:18:35 | 000,066,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-04-15 14:13:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-04-15 09:31:24 | 095,039,553 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-04-14 19:37:30 | 316,684,881 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 18:05:13 | 000,107,542 | ---- | M] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-14 18:05:13 | 000,010,170 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-14 10:59:43 | 000,032,670 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-14 10:06:38 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-14 09:11:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012-04-14 09:11:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:38 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-13 18:31:13 | 000,056,758 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-11 22:11:30 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Word 2003.lnk
[2012-04-11 20:42:03 | 000,067,927 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:38:15 | 000,016,330 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-10 20:30:53 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-04-10 19:21:55 | 000,185,718 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 14:02:10 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 18:57:55 | 000,180,988 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-04-08 17:53:14 | 000,009,341 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-05 17:11:05 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-04-05 17:07:58 | 000,039,438 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 17:06:37 | 000,011,418 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 17:05:13 | 000,036,989 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:42:59 | 000,034,375 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:39:54 | 000,027,897 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:29:42 | 000,169,431 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:22:04 | 000,243,839 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-29 08:59:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-29 08:59:57 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-03-27 19:20:42 | 000,259,907 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-27 10:03:45 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-25 17:11:09 | 000,001,527 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:31:31 | 001,297,345 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:11 | 000,604,162 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk
[2012-03-16 19:33:44 | 000,385,513 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\papirus.png
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-14 18:50:00 | 316,684,881 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 18:05:13 | 000,107,542 | ---- | C] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-14 10:59:42 | 000,032,670 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-11 20:42:02 | 000,067,927 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:35:48 | 000,016,330 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-11 16:17:37 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-10 19:21:54 | 000,185,718 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 19:49:02 | 000,010,170 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-09 14:02:10 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 17:53:14 | 000,009,341 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-07 12:34:43 | 000,056,758 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-05 16:29:41 | 000,169,431 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:28:45 | 000,011,418 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 16:26:19 | 000,034,375 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:25:02 | 000,036,989 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:23:45 | 000,027,897 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:22:11 | 000,039,438 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 16:22:03 | 000,243,839 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-27 19:20:41 | 000,259,907 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-25 17:11:09 | 000,001,527 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:29:52 | 001,297,345 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:09 | 000,604,162 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk
[2012-03-16 19:33:43 | 000,385,513 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\papirus.png
[2012-03-10 19:06:58 | 000,000,083 | ---- | C] () -- C:\WINDOWS\Wwp.INI
[2012-02-14 19:20:27 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-31 20:08:33 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-12-21 22:48:00 | 001,004,846 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1343024091-651377827-839522115-1003-0.dat
[2011-12-21 22:47:59 | 000,253,630 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-12-15 20:07:43 | 000,044,280 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011-12-13 19:11:54 | 000,134,130 | ---- | C] () -- C:\WINDOWS\ColorPic Uninstaller.exe
[2011-11-29 17:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011-11-29 17:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-11-29 17:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-11-29 17:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-11-29 17:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-11-17 14:44:37 | 000,126,063 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2011-11-17 14:44:37 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2011-11-16 10:23:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-16 10:23:47 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-16 10:23:47 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-16 10:23:47 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-16 10:16:06 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-11-16 09:26:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-11-16 09:26:04 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-11-16 08:39:31 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011-07-07 21:07:28 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-05 20:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-12-31 20:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-11-16 09:07:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-03-10 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-03-11 16:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-11-17 17:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-04-15 09:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-03-04 18:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-03-04 18:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2011-12-19 20:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-04-13 16:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin
[2011-12-21 18:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-03-02 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\.minecraft
[2011-11-16 09:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-12-31 20:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Babylon
[2012-01-01 11:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BabylonToolbar
[2012-03-10 19:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite
[2011-11-16 09:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\driveridentifier
[2012-01-07 18:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\facemoods.com
[2012-04-14 18:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
[2011-11-19 11:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu 10
[2012-04-14 18:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\gtk-2.0
[2011-11-17 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\LolClient
[2012-02-17 18:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Nvu
[2011-12-18 14:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenFM
[2012-03-11 16:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Origin
[2012-04-01 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2008-05-18 08:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PWNEncy2006
[2011-12-21 18:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Samsung
[2012-03-10 17:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Toolbar4

[color=#E56717]========== Purity Check ==========[/color]

< End of report >

[/log]

15 kwietnia 2012

[quote]Czym mam to zeskanować?[/quote]
Pobierz USBfix http://eldesaparecido.com/tools/UsbFix.exe
podepnij urządzenia wymienne i wykonaj skan z opcji [b]Listing[/b]

Log z OTL jest z tego lapka, czy z innego komputera?

15 kwietnia 2012

Skan jest z komputera nie z laptopa.
Skan z USBfix:
[log]############################## | UsbFix V 7.087 | [Listing]

User: Właściciel (Administrator) # PC-BDFB88E32823
Updated 05/04/2012 by El Desaparecido
Started at 16:39:41 | 15/04/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) D CPU 3.20GHz (3215)
RAM -> [ Total : 2559 | Free : 1705 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 53 Gb (26 Mb free - 49%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 78 Gb (68 Mb free - 87%) [DANE] # NTFS
E:\ -> Fixed drive # 18 Gb (10 Mb free - 53%) [DOKUMENTY] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 7 Gb (4 Mb free - 57%) [] # FAT32
H:\ -> CD-ROM

################## | Listing |

[21/12/2011 - 16:56:36 | HD ] C:\$AVG
[16/11/2011 - 08:34:19 | D ] C:\ATI
[18/05/2008 - 09:19:04 | A | 0] C:\AUTOEXEC.BAT
[18/05/2008 - 09:14:38 | SH | 211] C:\boot.ini
[28/09/2002 - 23:00:00 | RASH | 4952] C:\Bootfont.bin
[14/04/2012 - 09:12:01 | HD ] C:\Config.Msi
[18/05/2008 - 09:19:04 | A | 0] C:\CONFIG.SYS
[16/11/2011 - 09:26:59 | D ] C:\Documents and Settings
[01/02/2012 - 17:24:18 | D ] C:\games
[18/12/2011 - 14:20:23 | D ] C:\GAMIGO
[18/05/2008 - 07:30:32 | D ] C:\Intel
[18/05/2008 - 09:19:04 | RASH | 0] C:\IO.SYS
[18/05/2008 - 09:19:04 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/11/2011 - 08:56:38 | RASH | 251152] C:\ntldr
[16/11/2011 - 09:25:18 | D ] C:\NVIDIA
[15/04/2012 - 14:13:17 | ASH | 805306368] C:\pagefile.sys
[14/04/2012 - 09:11:35 | RD ] C:\Program Files
[11/03/2012 - 11:58:30 | D ] C:\ProgramData
[16/11/2011 - 08:32:12 | SHD ] C:\RECYCLER
[17/11/2011 - 18:40:31 | D ] C:\Riot Games
[15/02/2012 - 11:00:08 | SHD ] C:\System Volume Information
[15/04/2012 - 16:39:42 | D ] C:\UsbFix
[15/04/2012 - 16:39:43 | A | 805] C:\UsbFix.txt
[31/12/2011 - 20:08:39 | A | 237] C:\user.js
[18/05/2008 - 07:44:19 | D ] C:\VPlayer
[03/04/2012 - 18:21:52 | D ] C:\WINDOWS
[07/01/2012 - 10:30:19 | HD ] D:\$AVG
[12/03/2012 - 13:29:15 | D ] D:\Documents and Settings
[10/04/2012 - 10:31:36 | D ] D:\Dragonmt2
[28/12/2011 - 12:54:24 | D ] D:\LC
[28/11/2011 - 21:16:38 | HD ] D:\msdownld.tmp
[31/01/2012 - 17:23:47 | D ] D:\Nagrywarka
[11/03/2012 - 14:49:45 | D ] D:\Pandoramt2
[16/11/2011 - 16:45:07 | SHD ] D:\RECYCLER
[16/11/2011 - 08:51:08 | SHD ] D:\System Volume Information
[13/03/2012 - 20:56:36 | D ] D:\The Sims 3
[18/05/2008 - 09:35:21 | D ] E:\Documents and Settings
[16/11/2011 - 08:51:40 | HD ] E:\DyskC
[20/01/2011 - 15:54:56 | SHD ] E:\RECYCLER
[14/01/2011 - 16:17:02 | SHD ] E:\System Volume Information
[04/03/2012 - 17:48:18 | D ] E:\Vindictus
[16/04/2003 - 20:25:38 | RD ] H:\Audio
[09/05/2003 - 07:41:58 | RD ] H:\Crack
[16/04/2003 - 16:50:18 | R | 512] H:\data3.cab

################## | E.O.F |

[/log]

15 kwietnia 2012

Czy na pewno przed skanowaniem podłaczyłeś pendraiw?

15 kwietnia 2012

Tak.

@

Może teraz:

[log]############################## | UsbFix V 7.087 | [Listing]

User: Właściciel (Administrator) # PC-BDFB88E32823
Updated 05/04/2012 by El Desaparecido
Started at 16:55:21 | 15/04/2012

Website: [url="http://eldesaparecido.com"]http://eldesaparecido.com[/url]
Suspicious file ? : [url="http://eldesaparecido.com/upload.html"]http://eldesaparecido.com/upload.html[/url]
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel® Pentium® D CPU 3.20GHz (3215)
RAM -> [ Total : 2559 | Free : 1680 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 53 Gb (26 Mb free - 49%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 78 Gb (68 Mb free - 87%) [DANE] # NTFS
E:\ -> Fixed drive # 18 Gb (10 Mb free - 53%) [DOKUMENTY] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 7 Gb (4 Mb free - 57%) [] # FAT32
H:\ -> CD-ROM

################## | Listing |

[21/12/2011 - 16:56:36 | HD ] C:\$AVG
[16/11/2011 - 08:34:19 | D ] C:\ATI
[18/05/2008 - 09:19:04 | A | 0] C:\AUTOEXEC.BAT
[18/05/2008 - 09:14:38 | SH | 211] C:\boot.ini
[28/09/2002 - 23:00:00 | RASH | 4952] C:\Bootfont.bin
[14/04/2012 - 09:12:01 | HD ] C:\Config.Msi
[18/05/2008 - 09:19:04 | A | 0] C:\CONFIG.SYS
[16/11/2011 - 09:26:59 | D ] C:\Documents and Settings
[01/02/2012 - 17:24:18 | D ] C:\games
[18/12/2011 - 14:20:23 | D ] C:\GAMIGO
[18/05/2008 - 07:30:32 | D ] C:\Intel
[18/05/2008 - 09:19:04 | RASH | 0] C:\IO.SYS
[18/05/2008 - 09:19:04 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/11/2011 - 08:56:38 | RASH | 251152] C:\ntldr
[16/11/2011 - 09:25:18 | D ] C:\NVIDIA
[15/04/2012 - 14:13:17 | ASH | 805306368] C:\pagefile.sys
[14/04/2012 - 09:11:35 | RD ] C:\Program Files
[11/03/2012 - 11:58:30 | D ] C:\ProgramData
[16/11/2011 - 08:32:12 | SHD ] C:\RECYCLER
[17/11/2011 - 18:40:31 | D ] C:\Riot Games
[15/02/2012 - 11:00:08 | SHD ] C:\System Volume Information
[15/04/2012 - 16:55:23 | D ] C:\UsbFix
[15/04/2012 - 16:55:23 | A | 756] C:\UsbFix.txt
[31/12/2011 - 20:08:39 | A | 237] C:\user.js
[18/05/2008 - 07:44:19 | D ] C:\VPlayer
[03/04/2012 - 18:21:52 | D ] C:\WINDOWS
[07/01/2012 - 10:30:19 | HD ] D:\$AVG
[12/03/2012 - 13:29:15 | D ] D:\Documents and Settings
[10/04/2012 - 10:31:36 | D ] D:\Dragonmt2
[28/12/2011 - 12:54:24 | D ] D:\LC
[28/11/2011 - 21:16:38 | HD ] D:\msdownld.tmp
[31/01/2012 - 17:23:47 | D ] D:\Nagrywarka
[11/03/2012 - 14:49:45 | D ] D:\Pandoramt2
[16/11/2011 - 16:45:07 | SHD ] D:\RECYCLER
[16/11/2011 - 08:51:08 | SHD ] D:\System Volume Information
[13/03/2012 - 20:56:36 | D ] D:\The Sims 3
[18/05/2008 - 09:35:21 | D ] E:\Documents and Settings
[16/11/2011 - 08:51:40 | HD ] E:\DyskC
[20/01/2011 - 15:54:56 | SHD ] E:\RECYCLER
[14/01/2011 - 16:17:02 | SHD ] E:\System Volume Information
[04/03/2012 - 17:48:18 | D ] E:\Vindictus
[16/04/2003 - 20:25:38 | RD ] H:\Audio
[09/05/2003 - 07:41:58 | RD ] H:\Crack
[16/04/2003 - 16:50:18 | R | 512] H:\data3.cab

################## | E.O.F |

[/log]

@

A i jeszcze jedno, czy z aplikacji .exe można zrobić folder? Bo te foldery, które miałem na penie (Max Payne 2) zrobiły się aplikacjami przez tego wira.

Edytowane 15 kwietnia 2012 przez Exemu

15 kwietnia 2012

Jeśli pen wystepuje pod literą G (a tak wynika z loga to na nim nic nie ma). Czyli musiałeś zrobić format?

15 kwietnia 2012

Nie formata nie robiłem.

@

Czekaj jeszcze jedną opcję sprawdzę.

@

Teraz?

[log]############################## | UsbFix V 7.087 | [Listing]

User: Właściciel (Administrator) # PC-BDFB88E32823
Updated 05/04/2012 by El Desaparecido
Started at 17:02:15 | 15/04/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) D CPU 3.20GHz (3215)
RAM -> [ Total : 2559 | Free : 1674 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 53 Gb (26 Mb free - 49%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 78 Gb (68 Mb free - 87%) [DANE] # NTFS
E:\ -> Fixed drive # 18 Gb (10 Mb free - 53%) [DOKUMENTY] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 7 Gb (4 Mb free - 57%) [] # FAT32

################## | Listing |

[21/12/2011 - 16:56:36 | HD ] C:\$AVG
[16/11/2011 - 08:34:19 | D ] C:\ATI
[18/05/2008 - 09:19:04 | A | 0] C:\AUTOEXEC.BAT
[18/05/2008 - 09:14:38 | SH | 211] C:\boot.ini
[28/09/2002 - 23:00:00 | RASH | 4952] C:\Bootfont.bin
[14/04/2012 - 09:12:01 | HD ] C:\Config.Msi
[18/05/2008 - 09:19:04 | A | 0] C:\CONFIG.SYS
[16/11/2011 - 09:26:59 | D ] C:\Documents and Settings
[01/02/2012 - 17:24:18 | D ] C:\games
[18/12/2011 - 14:20:23 | D ] C:\GAMIGO
[18/05/2008 - 07:30:32 | D ] C:\Intel
[18/05/2008 - 09:19:04 | RASH | 0] C:\IO.SYS
[18/05/2008 - 09:19:04 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/11/2011 - 08:56:38 | RASH | 251152] C:\ntldr
[16/11/2011 - 09:25:18 | D ] C:\NVIDIA
[15/04/2012 - 14:13:17 | ASH | 805306368] C:\pagefile.sys
[14/04/2012 - 09:11:35 | RD ] C:\Program Files
[11/03/2012 - 11:58:30 | D ] C:\ProgramData
[16/11/2011 - 08:32:12 | SHD ] C:\RECYCLER
[17/11/2011 - 18:40:31 | D ] C:\Riot Games
[15/02/2012 - 11:00:08 | SHD ] C:\System Volume Information
[15/04/2012 - 17:02:17 | D ] C:\UsbFix
[15/04/2012 - 17:02:18 | A | 805] C:\UsbFix.txt
[31/12/2011 - 20:08:39 | A | 237] C:\user.js
[18/05/2008 - 07:44:19 | D ] C:\VPlayer
[15/04/2012 - 16:56:38 | D ] C:\WINDOWS
[07/01/2012 - 10:30:19 | HD ] D:\$AVG
[12/03/2012 - 13:29:15 | D ] D:\Documents and Settings
[10/04/2012 - 10:31:36 | D ] D:\Dragonmt2
[28/12/2011 - 12:54:24 | D ] D:\LC
[28/11/2011 - 21:16:38 | HD ] D:\msdownld.tmp
[31/01/2012 - 17:23:47 | D ] D:\Nagrywarka
[11/03/2012 - 14:49:45 | D ] D:\Pandoramt2
[16/11/2011 - 16:45:07 | SHD ] D:\RECYCLER
[16/11/2011 - 08:51:08 | SHD ] D:\System Volume Information
[13/03/2012 - 20:56:36 | D ] D:\The Sims 3
[18/05/2008 - 09:35:21 | D ] E:\Documents and Settings
[16/11/2011 - 08:51:40 | HD ] E:\DyskC
[20/01/2011 - 15:54:56 | SHD ] E:\RECYCLER
[14/01/2011 - 16:17:02 | SHD ] E:\System Volume Information
[04/03/2012 - 17:48:18 | D ] E:\Vindictus

################## | E.O.F |

[/log]

Edytowane 15 kwietnia 2012 przez Exemu

15 kwietnia 2012

Pod jak literą jest czytany pendrak? Odpowiedz krótko.

15 kwietnia 2012

G

15 kwietnia 2012

I jak wejdziesz na pendraka to widzisz jakieś pliki? Bo w logu nic nie ma, poza informacją że na dysku G jest 57%

[code]G:\ -> Removable drive # 7 Gb (4 Mb free - 57%) [] # FAT32[/code]

15 kwietnia 2012

Tak widzę Max Payne 2 jako aplikację (wcześniej folder, kiedy pen nie był zawirusowany) i film polowanie na czarownice.

15 kwietnia 2012

No tak teraz załapałem co żle robisz. Masz wuykonać skan z opcji [b]Listing[/b]. Powtórze jeszcze raz:
pendrak podpiety Uruchamiasz USBfix i klikasz butonik z napisem [b]Listing[/b]. Po skanowaniu dajesz raport

15 kwietnia 2012

Teraz chyba dobrze:

[log]############################## | UsbFix V 7.087 | [Listing]

User: Właściciel (Administrator) # PC-BDFB88E32823
Updated 05/04/2012 by El Desaparecido
Started at 18:04:08 | 15/04/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) D CPU 3.20GHz (3215)
RAM -> [ Total : 2559 | Free : 1826 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 53 Gb (26 Mb free - 49%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 78 Gb (68 Mb free - 87%) [DANE] # NTFS
E:\ -> Fixed drive # 18 Gb (10 Mb free - 53%) [DOKUMENTY] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 7 Gb (4 Mb free - 57%) [] # FAT32

################## | Listing |

[21/12/2011 - 16:56:36 | HD ] C:\$AVG
[16/11/2011 - 08:34:19 | D ] C:\ATI
[18/05/2008 - 09:19:04 | A | 0] C:\AUTOEXEC.BAT
[18/05/2008 - 09:14:38 | SH | 211] C:\boot.ini
[28/09/2002 - 23:00:00 | RASH | 4952] C:\Bootfont.bin
[14/04/2012 - 09:12:01 | HD ] C:\Config.Msi
[18/05/2008 - 09:19:04 | A | 0] C:\CONFIG.SYS
[16/11/2011 - 09:26:59 | D ] C:\Documents and Settings
[01/02/2012 - 17:24:18 | D ] C:\games
[18/12/2011 - 14:20:23 | D ] C:\GAMIGO
[18/05/2008 - 07:30:32 | D ] C:\Intel
[18/05/2008 - 09:19:04 | RASH | 0] C:\IO.SYS
[18/05/2008 - 09:19:04 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/11/2011 - 08:56:38 | RASH | 251152] C:\ntldr
[16/11/2011 - 09:25:18 | D ] C:\NVIDIA
[15/04/2012 - 14:13:17 | ASH | 805306368] C:\pagefile.sys
[14/04/2012 - 09:11:35 | RD ] C:\Program Files
[11/03/2012 - 11:58:30 | D ] C:\ProgramData
[16/11/2011 - 08:32:12 | SHD ] C:\RECYCLER
[17/11/2011 - 18:40:31 | D ] C:\Riot Games
[15/02/2012 - 11:00:08 | SHD ] C:\System Volume Information
[15/04/2012 - 18:04:09 | D ] C:\UsbFix
[15/04/2012 - 18:04:10 | A | 805] C:\UsbFix.txt
[31/12/2011 - 20:08:39 | A | 237] C:\user.js
[18/05/2008 - 07:44:19 | D ] C:\VPlayer
[15/04/2012 - 16:56:38 | D ] C:\WINDOWS
[07/01/2012 - 10:30:19 | HD ] D:\$AVG
[12/03/2012 - 13:29:15 | D ] D:\Documents and Settings
[10/04/2012 - 10:31:36 | D ] D:\Dragonmt2
[28/12/2011 - 12:54:24 | D ] D:\LC
[28/11/2011 - 21:16:38 | HD ] D:\msdownld.tmp
[31/01/2012 - 17:23:47 | D ] D:\Nagrywarka
[11/03/2012 - 14:49:45 | D ] D:\Pandoramt2
[16/11/2011 - 16:45:07 | SHD ] D:\RECYCLER
[16/11/2011 - 08:51:08 | SHD ] D:\System Volume Information
[13/03/2012 - 20:56:36 | D ] D:\The Sims 3
[18/05/2008 - 09:35:21 | D ] E:\Documents and Settings
[16/11/2011 - 08:51:40 | HD ] E:\DyskC
[20/01/2011 - 15:54:56 | SHD ] E:\RECYCLER
[14/01/2011 - 16:17:02 | SHD ] E:\System Volume Information
[04/03/2012 - 17:48:18 | D ] E:\Vindictus
[14/04/2012 - 19:37:32 | A | 316684881] G:\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[15/04/2012 - 13:50:36 | SHD ] G:\Max Payne 2
[15/04/2012 - 14:30:58 | RSH | 667] G:\autorun.inf
[15/04/2012 - 14:31:00 | RSH | 102400] G:\mmquh.exe
[15/04/2012 - 14:31:00 | A | 102400] G:\Max Payne 2.exe

################## | E.O.F |

[/log]

15 kwietnia 2012

[quote]Teraz chyba dobrze:[/quote]
Tak - teraz dobrze.

[b]Pendraiw ma być cały czas podpiety.[/b]

Uruchom OTL i w oknie [b]własne opcje skanowania skrypt [/b]wklej:

[code]:Files
G:\autorun.inf
G:\mmquh.exe
G:\Max Payne 2.exe

:Commands
[emptyflash]
[emptytemp]
[/code]

Kliknij w [color=#0000cd][b]Wykonaj skrypt.[/b][/color] [color=#0000ff][b]Zebyś sie nie pomylił i nie kliknął w Skanuj[/b][/color]

[b]2.[/b] Po usuwaniu. Odinstaluj następujące śmieci:[b] facemoods Toolbar, Babylon Toolbar.[/b]

[b]3.[/b] Wykonaj nowy skan OTL wg tej instrukcji mają być dwa logi. [b]OTL.txt i Extras.txt[/b]

http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

15 kwietnia 2012

Nie wiem czy się na coś przyda:

[log]All processes killed
========== FILES ==========
G:\autorun.inf moved successfully.
File move failed. G:\mmquh.exe scheduled to be moved on reboot.
File move failed. G:\Max Payne 2.exe scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: UpdatusUser

User: Właściciel
->Flash cache emptied: 79733 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Właściciel
->Temp folder emptied: 949235478 bytes
->Temporary Internet Files folder emptied: 2753204 bytes
->Java cache emptied: 27234400 bytes
->FireFox cache emptied: 785823584 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 549357 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 686,00 mb

OTL by OldTimer - Version 3.2.39.2 log created on 04152012_181926

Files\Folders moved on Reboot...
File move failed. G:\mmquh.exe scheduled to be moved on reboot.
File move failed. G:\Max Payne 2.exe scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1dc.dat not found!

Registry entries deleted on Reboot...

[/log]

zaraz odinstaluje śmieci i wykonam skan.

Edit

Otl.txt:

[log]OTL logfile created on: 2012-04-15 18:34:11 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 73,56% Memory free
3,10 Gb Paging File | 2,48 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,74 Gb Total Space | 27,40 Gb Free Space | 51,96% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 67,68 Gb Free Space | 86,63% Space Free | Partition Type: NTFS
Drive E: | 18,18 Gb Total Space | 9,72 Gb Free Space | 53,46% Space Free | Partition Type: NTFS
Drive G: | 7,26 Gb Total Space | 4,12 Gb Free Space | 56,72% Space Free | Partition Type: FAT32

Computer Name: PC-BDFB88E32823 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-15 14:55:32 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie\OTL.exe
PRC - [2012-03-22 21:05:58 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
PRC - [2012-01-24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011-11-29 21:58:46 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011-11-28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 03:53:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-09-08 18:23:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 03:51:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2008-04-14 20:21:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-07-20 15:14:18 | 000,598,016 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\RaUI.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-15 18:24:24 | 000,115,137 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
MOD - [2012-04-04 07:54:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-03-29 08:59:57 | 008,797,344 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_6c825ce.dll
MOD - [2012-03-22 21:05:57 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-11-30 20:11:08 | 001,159,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
MOD - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011-11-29 08:48:25 | 000,758,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
MOD - [2011-11-29 08:48:14 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011-11-27 16:52:46 | 017,632,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3989b4ca6cf904061992daec9e7d5644\PresentationFramework.ni.dll
MOD - [2011-11-27 16:51:42 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\0b4eef4cf57751f56d89ff0314ee06b0\PresentationFramework.Luna.ni.dll
MOD - [2011-11-27 16:48:47 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2011-11-27 16:47:47 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011-11-27 16:47:08 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011-11-27 16:47:01 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011-11-27 16:46:43 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011-11-27 16:46:22 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011-11-27 16:46:09 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011-11-27 16:45:42 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2007-08-21 14:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-03-29 08:59:57 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-06-19 19:56:16 | 004,122,968 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-03-10 19:14:40 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-27 03:25:48 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2011-10-27 03:25:48 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2011-10-27 03:25:48 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2011-10-27 03:25:48 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2011-10-27 03:25:44 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011-10-27 03:25:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2011-10-27 03:25:44 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2011-10-18 17:23:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011-10-07 03:53:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 03:51:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-09-13 04:00:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 03:38:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-10 22:44:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-10 22:44:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-10 22:44:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-10 22:44:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-07-06 08:43:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-11-18 04:47:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 04:46:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2005-07-01 09:52:00 | 000,339,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2002-07-17 06:23:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\WACICI~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-02 11:02:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 21:05:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-14 15:36:31 | 000,000,000 | ---D | M]

[2011-11-16 10:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions
[2012-03-20 16:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions
[2012-03-20 16:42:17 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012-03-10 17:37:32 | 000,000,000 | ---D | M] (DealBulldog Toolbar) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012-01-07 11:03:50 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\ffxtlbr@Facemoods.com
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZQL6VYW.DEFAULT\EXTENSIONS\{6AC85730-7D0F-4DE0-B3FA-21142DD85326}
[2012-04-14 09:11:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-03-22 21:05:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-14 09:11:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-11-05 05:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-12-31 20:08:22 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-11-05 05:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011-11-05 05:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-11-05 05:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-11-05 05:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-11-05 05:41:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-28 23:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1343024091-651377827-839522115-1003\..\Toolbar\WebBrowser: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe File not found
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [Nickelback - This Means War (www.Miotacz-Muzy.pl)] G:\Nickelback - This Means War (www.Miotacz-Muzy.pl).exe /J File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{795B1BCF-3570-4CD4-98E3-A7D01E41B5FF}: DhcpNameServer = 192.168.88.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-05-18 09:19:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-15 18:19:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-15 16:56:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012-04-15 16:39:09 | 000,000,000 | ---D | C] -- C:\UsbFix
[2012-04-14 11:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\allow_htm
[2012-04-14 10:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\cp
[2012-04-14 09:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-04-14 09:11:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-14 09:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-12 18:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\style
[2012-04-12 18:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\img
[2012-04-12 18:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ruins
[2012-04-11 16:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\pm
[2012-04-11 16:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\sub
[2012-04-08 20:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\PunPortal by Rudik Polish
[2012-04-07 10:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Nowy folder
[2012-04-06 16:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\famfam
[2012-04-03 17:21:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\naild
[2012-04-03 17:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deep Silver
[2012-04-03 17:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Deep Silver
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\PowerChallenge
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2012-03-30 15:59:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ikony
[2012-03-30 13:14:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
[2012-03-29 08:59:57 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-25 16:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SCREEN2EXE
[2012-03-25 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\SCREEN2EXE
[2012-03-24 21:58:27 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2012-03-24 21:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\WINDOWS
[2012-03-21 15:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\desski
[2012-03-20 18:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-03-20 18:23:18 | 000,000,000 | R--D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\Moje wideo
[2012-03-19 19:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Zdj. PBF
[2012-03-18 09:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Texty na PBF
[2012-03-17 18:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games
[2012-03-16 19:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\formularz
[2012-03-16 19:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-15 18:26:57 | 000,488,970 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-04-15 18:26:57 | 000,432,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-04-15 18:26:57 | 000,083,904 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-04-15 18:26:57 | 000,066,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-04-15 18:26:34 | 095,083,502 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-04-15 18:22:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-04-15 16:20:24 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Word 2003.lnk
[2012-04-14 19:37:30 | 316,684,881 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 18:05:13 | 000,107,542 | ---- | M] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-14 18:05:13 | 000,010,170 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-14 10:59:43 | 000,032,670 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-14 10:06:38 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-14 09:11:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012-04-14 09:11:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:38 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-13 18:31:13 | 000,056,758 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-11 20:42:03 | 000,067,927 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:38:15 | 000,016,330 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-10 20:30:53 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-04-10 19:21:55 | 000,185,718 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 14:02:10 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 18:57:55 | 000,180,988 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-04-08 17:53:14 | 000,009,341 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-05 17:11:05 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-04-05 17:07:58 | 000,039,438 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 17:06:37 | 000,011,418 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 17:05:13 | 000,036,989 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:42:59 | 000,034,375 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:39:54 | 000,027,897 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:29:42 | 000,169,431 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:22:04 | 000,243,839 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-29 08:59:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-29 08:59:57 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-03-27 19:20:42 | 000,259,907 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-27 10:03:45 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-25 17:11:09 | 000,001,527 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:31:31 | 001,297,345 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:11 | 000,604,162 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk
[2012-03-16 19:33:44 | 000,385,513 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\papirus.png

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-14 18:50:00 | 316,684,881 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 18:05:13 | 000,107,542 | ---- | C] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-14 10:59:42 | 000,032,670 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-11 20:42:02 | 000,067,927 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:35:48 | 000,016,330 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-11 16:17:37 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-10 19:21:54 | 000,185,718 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 19:49:02 | 000,010,170 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-09 14:02:10 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 17:53:14 | 000,009,341 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-07 12:34:43 | 000,056,758 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-05 16:29:41 | 000,169,431 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:28:45 | 000,011,418 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 16:26:19 | 000,034,375 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:25:02 | 000,036,989 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:23:45 | 000,027,897 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:22:11 | 000,039,438 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 16:22:03 | 000,243,839 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-27 19:20:41 | 000,259,907 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-25 17:11:09 | 000,001,527 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:29:52 | 001,297,345 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:09 | 000,604,162 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk
[2012-03-16 19:33:43 | 000,385,513 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\papirus.png
[2012-03-10 19:06:58 | 000,000,083 | ---- | C] () -- C:\WINDOWS\Wwp.INI
[2012-02-14 19:20:27 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-31 20:08:33 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-12-21 22:48:00 | 001,004,846 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1343024091-651377827-839522115-1003-0.dat
[2011-12-21 22:47:59 | 000,253,630 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-12-15 20:07:43 | 000,044,280 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011-12-13 19:11:54 | 000,134,130 | ---- | C] () -- C:\WINDOWS\ColorPic Uninstaller.exe
[2011-11-29 17:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011-11-29 17:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-11-29 17:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-11-29 17:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-11-29 17:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-11-17 14:44:37 | 000,126,063 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2011-11-17 14:44:37 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2011-11-16 10:23:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-16 10:23:47 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-16 10:23:47 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-16 10:23:47 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-16 10:16:06 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-11-16 09:26:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-11-16 09:26:04 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-11-16 08:39:31 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011-07-07 21:07:28 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-05 20:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-12-31 20:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2011-11-16 09:07:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-03-10 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-03-11 16:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-11-17 17:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-04-15 18:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-03-04 18:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-03-04 18:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2011-12-19 20:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-04-13 16:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin
[2011-12-21 18:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-03-02 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\.minecraft
[2011-11-16 09:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2011-12-31 20:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Babylon
[2012-03-10 19:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite
[2011-11-16 09:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\driveridentifier
[2012-01-07 18:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\facemoods.com
[2012-04-15 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
[2011-11-19 11:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu 10
[2012-04-14 18:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\gtk-2.0
[2011-11-17 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\LolClient
[2012-02-17 18:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Nvu
[2011-12-18 14:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenFM
[2012-03-11 16:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Origin
[2012-04-01 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2008-05-18 08:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PWNEncy2006
[2011-12-21 18:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Samsung
[2012-03-10 17:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Toolbar4

[color=#E56717]========== Purity Check ==========[/color]

< End of report >

[/log]

Extras.txt:

[log]OTL Extras logfile created on: 2012-04-15 18:34:11 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 73,56% Memory free
3,10 Gb Paging File | 2,48 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,74 Gb Total Space | 27,40 Gb Free Space | 51,96% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 67,68 Gb Free Space | 86,63% Space Free | Partition Type: NTFS
Drive E: | 18,18 Gb Total Space | 9,72 Gb Free Space | 53,46% Space Free | Partition Type: NTFS
Drive G: | 7,26 Gb Total Space | 4,12 Gb Free Space | 56,72% Space Free | Partition Type: FAT32

Computer Name: PC-BDFB88E32823 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{069C1AD7-AC72-40E0-A156-7442EA6A48D7}" = AVG 2012
"{18BBF24A-6D04-4CA4-B6B4-1CF372162EEC}" = Adobe Flash Player 10 ActiveX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9FD0988D-2781-4160-AF88-29DD82E53EF1}_is1" = Nail'd
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A56028FC-1F40-4369-9941-7AAAC6ACE924}" = LastChaosPoland
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Software 9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EF901A4B-A25A-4962-83C6-C6691D062ED9}" = Nero Mega Plugin Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface
"AVG" = AVG 2012
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"ColorPic" = ColorPic
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"DAEMON Tools Lite" = DAEMON Tools Lite
"DealBulldog Toolbar" = DealBulldog Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.5.2
"FLVPlayer" = FLV Player 1.3.3
"Gadu-Gadu 10" = Gadu-Gadu 10
"Indeo® Software" = Indeo® Software
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"kED_is1" = kED 2.1.4.0
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0
"Metin2_is1" = Metin2
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Nvu_is1" = Nvu 1.0
"OS_is1" = Overspeed: High Performance Street Racing
"Powszechna encyklopedia PWN 2007" = Powszechna encyklopedia PWN 2007
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"SCREEN2EXE_is1" = SCREEN2EXE 3.2 (build:2498)
"Usbfix" = UsbFix By El Desaparecido
"UserBar Generator_is1" = UserBar Generator 1.2
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"FoxTab PDF Creator" = FoxTab PDF Creator
"Power Loader" = Power Challenge Game Plugin
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-03-17 12:10:27 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00180f0e.

Error - 2012-03-17 12:11:52 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00180f0e.

Error - 2012-03-24 04:10:00 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00240d0b.

Error - 2012-03-24 08:05:52 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x0004b684.

Error - 2012-04-01 08:12:33 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd d3d8.dll, wersja 5.3.2600.5512, adres błędu 0x0004c9ab.

Error - 2012-04-01 08:13:12 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd d3d8.dll, wersja 5.3.2600.5512, adres błędu 0x0004c9ab.

Error - 2012-04-01 08:15:43 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-01 08:22:37 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-01 08:23:07 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-10 04:38:02 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0073e46d.

[ System Events ]
Error - 2012-04-14 02:54:15 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-14 09:38:52 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-14 11:46:12 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-14 14:49:58 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-15 03:11:13 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-15 06:03:09 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-15 08:15:17 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-15 12:19:27 | Computer Name = PC-BDFB88E32823 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2012-04-15 12:19:27 | Computer Name = PC-BDFB88E32823 | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Driver Helper Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2012-04-15 12:24:54 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

< End of report >

[/log]

Edytowane 15 kwietnia 2012 przez Exemu

15 kwietnia 2012

Pobierz AdwCleaner i wykonaj nim skan z opcji [b]Search[/b]. Przedstaw raport
http://general-changelog-team.fr/outils/289-adwcleaner

Jak tam pendraczek, w szystko w porządku?

15 kwietnia 2012

Taa, tyle że musiałem usunąc Max Payne
Jutro dam skan z cleanera.

Skan:

[log]# AdwCleaner v1.600 - Logfile created 04/16/2012 at 14:35:26
# Updated 15/04/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# User : Właściciel - PC-BDFB88E32823
# Running from : C:\Documents and Settings\Właściciel\Pulpit\Pobieranie\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Właściciel\Dane aplikacji\Babylon
Folder Found : C:\Documents and Settings\Właściciel\Dane aplikacji\facemoods.com
Folder Found : C:\Documents and Settings\Właściciel\Dane aplikacji\Toolbar4
Folder Found : C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\ffxtlbr@Facemoods.com
Folder Found : C:\Documents and Settings\All Users\Dane aplikacji\Babylon
Folder Found : C:\Program Files\DealBulldog Toolbar
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [H. Navipromo] *****

***** [Registry] *****

[*] Key Found : HKCU\Software\SMTTB2009
[*] Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
[*] Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
[*] Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
[*] Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealBulldog Toolbar

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddr
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4

-\\ Mozilla Firefox v11.0 (pl)

## File : C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\prefs.js

Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "7d0740f90000000000000016e65f5ecf");
Found : user_pref("extensions.BabylonToolbar_i.id", "7d0740f90000000000000016e65f5ecf");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15339");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1719:08:33");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

*************************

AdwCleaner[R1].txt - [9675 octets] - [16/04/2012 14:35:26]

########## EOF - C:\AdwCleaner[R1].txt - [9803 octets] ##########
[/log]

Jeszcze jedno, kiedy znowu chciałem zgrać Maxa na pena, to wyskoczyło, że już tam jest, ale niczego tam nie widziałem. Zgrałem 2 raz i nadal nie widzę. Co robić?

Wpisałem nazwę na pasku adresu i wyskoczyło, ale nie mogę zmienić atrybutu "Ukryty". Jest zaznaczony i nie można na niego kliknąć.

Edytowane 16 kwietnia 2012 przez Exemu

17 kwietnia 2012

1. Zamknij przegladarki koniecznie. Uruchom AdwCleaner i kliknij Delete.

2. Daj nowy log z USBfix z opcji [b]Listing[/b]

17 kwietnia 2012

Czy pena muszę mieć załączonego do pkt. 1?

17 kwietnia 2012

[quote]Czy pena muszę mieć załączonego do pkt. 1? [/quote]

A niby jak program ma odczytać, co zawiera pendrajw?

[quote]kiedy znowu chciałem zgrać Maxa [/quote]

co to jest Max?

17 kwietnia 2012

Max Payne 2 ^^

Adwcleaner:

[log]# AdwCleaner v1.600 - Logfile created 04/17/2012 at 17:36:15
# Updated 15/04/2012 by Xplode
# Operating system : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)
# User : Właściciel - PC-BDFB88E32823
# Running from : C:\Documents and Settings\Właściciel\Pulpit\Pobieranie\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [H. Navipromo] *****

***** [Registry] *****

***** [Registre - GUID] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (pl)

## File : C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9804 octets] - [16/04/2012 14:35:26]
AdwCleaner[S1].txt - [10287 octets] - [17/04/2012 14:46:13]
AdwCleaner[S2].txt - [903 octets] - [17/04/2012 17:36:15]

########## EOF - C:\AdwCleaner[S2].txt - [1030 octets] ##########
[/log]

Dodam, że wcześniej robiłem to samo, tylko bez pendrive bo mi się zapomniało.

Z USBFix
[log]############################## | UsbFix V 7.087 | [Listing]

User: Właściciel (Administrator) # PC-BDFB88E32823
Updated 05/04/2012 by El Desaparecido
Started at 17:41:13 | 17/04/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: GBT___ (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) D CPU 3.20GHz (3215)
RAM -> [ Total : 2559 | Free : 1897 ]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ (!) Disabled ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Fixed drive # 53 Gb (24 Mb free - 45%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 78 Gb (68 Mb free - 87%) [DANE] # NTFS
E:\ -> Fixed drive # 18 Gb (10 Mb free - 53%) [DOKUMENTY] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 7 Gb (7 Mb free - 100%) [] # FAT32

################## | Listing |

[21/12/2011 - 16:56:36 | HD ] C:\$AVG
[16/04/2012 - 14:35:29 | A | 9804] C:\AdwCleaner[R1].txt
[17/04/2012 - 14:46:22 | A | 10287] C:\AdwCleaner[S1].txt
[17/04/2012 - 17:39:47 | A | 1031] C:\AdwCleaner[S2].txt
[16/11/2011 - 08:34:19 | D ] C:\ATI
[18/05/2008 - 09:19:04 | A | 0] C:\AUTOEXEC.BAT
[18/05/2008 - 09:14:38 | SH | 211] C:\boot.ini
[28/09/2002 - 23:00:00 | RASH | 4952] C:\Bootfont.bin
[14/04/2012 - 09:12:01 | HD ] C:\Config.Msi
[18/05/2008 - 09:19:04 | A | 0] C:\CONFIG.SYS
[16/11/2011 - 09:26:59 | D ] C:\Documents and Settings
[01/02/2012 - 17:24:18 | D ] C:\games
[18/12/2011 - 14:20:23 | D ] C:\GAMIGO
[18/05/2008 - 07:30:32 | D ] C:\Intel
[18/05/2008 - 09:19:04 | RASH | 0] C:\IO.SYS
[18/05/2008 - 09:19:04 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/11/2011 - 08:56:38 | RASH | 251152] C:\ntldr
[16/11/2011 - 09:25:18 | D ] C:\NVIDIA
[17/04/2012 - 17:37:23 | ASH | 805306368] C:\pagefile.sys
[17/04/2012 - 14:46:19 | RD ] C:\Program Files
[11/03/2012 - 11:58:30 | D ] C:\ProgramData
[16/11/2011 - 08:32:12 | SHD ] C:\RECYCLER
[17/11/2011 - 18:40:31 | D ] C:\Riot Games
[15/02/2012 - 11:00:08 | SHD ] C:\System Volume Information
[17/04/2012 - 17:41:15 | D ] C:\UsbFix
[17/04/2012 - 17:41:16 | A | 805] C:\UsbFix.txt
[31/12/2011 - 20:08:39 | A | 237] C:\user.js
[18/05/2008 - 07:44:19 | D ] C:\VPlayer
[15/04/2012 - 18:21:05 | D ] C:\WINDOWS
[15/04/2012 - 18:19:26 | D ] C:\_OTL
[07/01/2012 - 10:30:19 | HD ] D:\$AVG
[12/03/2012 - 13:29:15 | D ] D:\Documents and Settings
[10/04/2012 - 10:31:36 | D ] D:\Dragonmt2
[28/12/2011 - 12:54:24 | D ] D:\LC
[28/11/2011 - 21:16:38 | HD ] D:\msdownld.tmp
[31/01/2012 - 17:23:47 | D ] D:\Nagrywarka
[11/03/2012 - 14:49:45 | D ] D:\Pandoramt2
[16/11/2011 - 16:45:07 | SHD ] D:\RECYCLER
[16/11/2011 - 08:51:08 | SHD ] D:\System Volume Information
[13/03/2012 - 20:56:36 | D ] D:\The Sims 3
[18/05/2008 - 09:35:21 | D ] E:\Documents and Settings
[16/11/2011 - 08:51:40 | HD ] E:\DyskC
[20/01/2011 - 15:54:56 | SHD ] E:\RECYCLER
[14/01/2011 - 16:17:02 | SHD ] E:\System Volume Information
[04/03/2012 - 17:48:18 | D ] E:\Vindictus
[15/04/2012 - 13:50:36 | SHD ] G:\Max Payne 2
[15/04/2012 - 14:31:00 | RSH | 102400] G:\mmquh.exe

################## | E.O.F |

[/log]

Widać ze na G (pen) jest jeszcze folder Max Payne 2 i jakis mmquh.exe. Jak je usunąc bo zapewne w mmquh jest wirus. Tak podejzewam.

Edytowane 17 kwietnia 2012 przez Exemu

17 kwietnia 2012

Uruchom OTL i w oknie [b]Własne opcje skanowania/skrypt[/b] wklej:

[code]:Files
G:\Max Payne 2
G:\mmquh.exe

:Commands
[emptytemp][/code]

Po usuwaniu wykonaj pełny format tego pena. Wgraj na nowo Max Payne. Jeśli znowu coś bedzie nie tak znaczy że nagrywasz zawirusowany plik. I infekcja stale wraca.

Zrób nowy skan OTL i przedstaw raport

17 kwietnia 2012

Maxa Payne'a mam już na kompie nie na penie

17 kwietnia 2012

[quote]Zrób nowy skan OTL i przedstaw raport [/quote]

co ja napisałem?

17 kwietnia 2012

[log]All processes killed
========== FILES ==========
G:\Max Payne 2 folder moved successfully.
File move failed. G:\mmquh.exe scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Właściciel
->Temp folder emptied: 4204656 bytes
->Temporary Internet Files folder emptied: 203523 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 681975633 bytes
->Flash cache emptied: 3113 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49268 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 655,00 mb

OTL by OldTimer - Version 3.2.39.2 log created on 04172012_201409

Files\Folders moved on Reboot...
File move failed. G:\mmquh.exe scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_73c.dat not found!

Registry entries deleted on Reboot...

[/log]

Proszę. Z tego co ja się doczytałem, to nie wykasował się plik mmquh.exe chyba

Zaraz dalsze skany...

Skan:

[log]OTL logfile created on: 2012-04-17 20:22:12 - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 74,72% Memory free
3,10 Gb Paging File | 2,52 Gb Available in Paging File | 81,28% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,74 Gb Total Space | 24,54 Gb Free Space | 46,54% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 67,68 Gb Free Space | 86,63% Space Free | Partition Type: NTFS
Drive E: | 18,18 Gb Total Space | 9,71 Gb Free Space | 53,42% Space Free | Partition Type: NTFS
Drive G: | 7,25 Gb Total Space | 7,25 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PC-BDFB88E32823 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-15 14:55:32 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie\OTL.exe
PRC - [2012-03-22 21:05:58 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
PRC - [2012-01-24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011-11-29 21:58:46 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011-11-28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 03:53:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-09-08 18:23:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 03:51:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2008-04-14 20:21:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-07-20 15:14:18 | 000,598,016 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\RaUI.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-17 20:18:49 | 000,115,137 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
MOD - [2012-04-04 07:54:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2012-03-29 08:59:57 | 008,797,344 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_6c825ce.dll
MOD - [2012-03-22 21:05:57 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-11-30 20:11:08 | 001,159,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
MOD - [2011-11-29 21:58:56 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011-11-29 08:48:25 | 000,758,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
MOD - [2011-11-29 08:48:14 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011-11-27 16:52:46 | 017,632,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3989b4ca6cf904061992daec9e7d5644\PresentationFramework.ni.dll
MOD - [2011-11-27 16:51:42 | 000,656,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\0b4eef4cf57751f56d89ff0314ee06b0\PresentationFramework.Luna.ni.dll
MOD - [2011-11-27 16:48:47 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2011-11-27 16:47:47 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011-11-27 16:47:08 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011-11-27 16:47:01 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011-11-27 16:46:43 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011-11-27 16:46:22 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011-11-27 16:46:09 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011-11-27 16:45:42 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2007-08-21 14:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-03-29 08:59:57 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-03-27 19:08:23 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2011-10-12 03:55:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-08-02 03:39:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-06-19 19:56:16 | 004,122,968 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-03-10 19:14:40 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-10-27 03:25:48 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2011-10-27 03:25:48 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2011-10-27 03:25:48 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2011-10-27 03:25:48 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2011-10-27 03:25:44 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011-10-27 03:25:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2011-10-27 03:25:44 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2011-10-18 17:23:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011-10-07 03:53:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 03:51:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-21 11:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-09-13 04:00:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 03:38:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-10 22:44:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-10 22:44:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-10 22:44:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-10 22:44:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-07-06 08:43:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-11-18 04:47:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 04:46:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2005-07-01 09:52:00 | 000,339,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2002-07-17 06:23:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\WACICI~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-02 11:02:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 21:05:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-14 15:36:31 | 000,000,000 | ---D | M]

[2011-11-16 10:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Extensions
[2012-04-17 14:46:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions
[2012-03-20 16:42:17 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012-03-10 17:37:32 | 000,000,000 | ---D | M] (DealBulldog Toolbar) -- C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\6zql6vyw.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-04-14 09:11:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\WĹ‚AĹ›CICIEL\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZQL6VYW.DEFAULT\EXTENSIONS\{6AC85730-7D0F-4DE0-B3FA-21142DD85326}
[2012-04-14 09:11:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012-03-22 21:05:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-14 09:11:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-11-05 05:41:38 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-11-05 05:41:38 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011-11-05 05:41:38 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-11-05 05:41:38 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-11-05 05:41:38 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-11-05 05:41:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-28 23:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe File not found
O4 - HKU\S-1-5-21-1343024091-651377827-839522115-1003..\Run: [Nickelback - This Means War (www.Miotacz-Muzy.pl)] G:\Nickelback - This Means War (www.Miotacz-Muzy.pl).exe /J File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.88.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{795B1BCF-3570-4CD4-98E3-A7D01E41B5FF}: DhcpNameServer = 192.168.88.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-05-18 09:19:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-16 16:01:23 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\Max Payne 2 Savegames
[2012-04-16 15:54:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Max Payne 2
[2012-04-15 18:19:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-15 16:56:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012-04-15 16:39:09 | 000,000,000 | ---D | C] -- C:\UsbFix
[2012-04-14 11:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\allow_htm
[2012-04-14 10:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\cp
[2012-04-14 09:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-04-14 09:11:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:50 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-14 09:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-04-12 18:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\style
[2012-04-12 18:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\img
[2012-04-12 18:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ruins
[2012-04-11 16:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\pm
[2012-04-11 16:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\sub
[2012-04-08 20:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\PunPortal by Rudik Polish
[2012-04-07 10:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Nowy folder
[2012-04-06 16:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\famfam
[2012-04-03 17:21:28 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\naild
[2012-04-03 17:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deep Silver
[2012-04-03 17:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Deep Silver
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\PowerChallenge
[2012-04-01 15:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2012-03-30 15:59:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Ikony
[2012-03-30 13:14:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
[2012-03-29 08:59:57 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-25 16:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\SCREEN2EXE
[2012-03-25 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\SCREEN2EXE
[2012-03-24 21:58:27 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2012-03-24 21:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\WINDOWS
[2012-03-21 15:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\desski
[2012-03-20 18:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2012-03-20 18:23:18 | 000,000,000 | R--D | C] -- E:\Documents and Settings\Właściciel\Moje dokumenty\Moje wideo
[2012-03-19 19:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Pulpit\Zdj. PBF

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-17 20:21:22 | 000,488,970 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-04-17 20:21:22 | 000,432,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-04-17 20:21:22 | 000,083,904 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-04-17 20:21:22 | 000,066,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-04-17 20:16:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-04-17 17:03:17 | 095,332,207 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-04-17 16:45:20 | 000,009,568 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Chronicles.tps
[2012-04-17 16:45:02 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-04-17 16:43:30 | 000,104,212 | ---- | M] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-17 16:43:30 | 000,043,436 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\pncz.png
[2012-04-15 16:20:24 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Word 2003.lnk
[2012-04-14 19:37:30 | 316,684,881 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 18:05:13 | 000,010,170 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-14 10:59:43 | 000,032,670 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-14 10:06:38 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-14 09:11:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012-04-14 09:11:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012-04-14 09:11:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012-04-14 09:11:38 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012-04-13 18:31:13 | 000,056,758 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-11 20:42:03 | 000,067,927 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:38:15 | 000,016,330 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-10 20:30:53 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-04-10 19:21:55 | 000,185,718 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 14:02:10 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 18:57:55 | 000,180,988 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-04-08 17:53:14 | 000,009,341 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-05 17:07:58 | 000,039,438 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 17:06:37 | 000,011,418 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 17:05:13 | 000,036,989 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:42:59 | 000,034,375 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:39:54 | 000,027,897 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:29:42 | 000,169,431 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:22:04 | 000,243,839 | ---- | M] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-29 08:59:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-03-29 08:59:57 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-03-27 19:20:42 | 000,259,907 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-27 10:03:45 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-25 17:11:09 | 000,001,527 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:31:31 | 001,297,345 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:11 | 000,604,162 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-17 16:45:19 | 000,009,568 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Chronicles.tps
[2012-04-17 16:43:30 | 000,104,212 | ---- | C] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel
[2012-04-17 16:43:30 | 000,043,436 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\pncz.png
[2012-04-14 18:50:00 | 316,684,881 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Polowanie Na Czarownice - RMVB - LEKTOR PL.rmvb
[2012-04-14 10:59:42 | 000,032,670 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannepun.png
[2012-04-11 20:42:02 | 000,067,927 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bannerr.png
[2012-04-11 16:35:48 | 000,016,330 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellp.png
[2012-04-11 16:17:37 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\mody.html
[2012-04-10 19:21:54 | 000,185,718 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Mordekaiser_Splash_4.jpg
[2012-04-09 19:49:02 | 000,010,170 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cellpicc.png
[2012-04-09 14:02:10 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\nonew.png
[2012-04-09 14:01:36 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\new.png
[2012-04-08 17:53:14 | 000,009,341 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\pbb.png
[2012-04-07 12:34:43 | 000,056,758 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\logo.png
[2012-04-05 16:29:41 | 000,169,431 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\pustynia.jpg
[2012-04-05 16:28:45 | 000,011,418 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\lasyy.jpg
[2012-04-05 16:26:19 | 000,034,375 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\wodospad.jpg
[2012-04-05 16:25:02 | 000,036,989 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\jaskinia.jpg
[2012-04-05 16:23:45 | 000,027,897 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\zamek.jpg
[2012-04-05 16:22:11 | 000,039,438 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\gory.jpg
[2012-04-05 16:22:03 | 000,243,839 | ---- | C] () -- E:\Documents and Settings\Właściciel\Moje dokumenty\polana.jpg
[2012-04-03 17:18:38 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nail'd.lnk
[2012-04-02 16:43:51 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\belka.png
[2012-03-29 08:59:59 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-03-27 19:20:41 | 000,259,907 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\1280-1024-25063.jpg
[2012-03-25 17:11:09 | 000,001,527 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Tablica znaków.lnk
[2012-03-25 16:23:17 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SCREEN2EXE.lnk
[2012-03-24 09:29:52 | 001,297,345 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Nickelback - Lullaby.mp3
[2012-03-22 21:23:09 | 000,604,162 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\koty.gif
[2012-03-20 18:30:09 | 000,000,233 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do Realtek Konfiguracja audio HD.lnk
[2012-03-19 18:34:33 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Skrót do gta-vc.exe.lnk
[2012-03-10 19:06:58 | 000,000,083 | ---- | C] () -- C:\WINDOWS\Wwp.INI
[2012-02-14 19:20:27 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-12-31 20:08:33 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-12-21 22:48:00 | 001,004,846 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1343024091-651377827-839522115-1003-0.dat
[2011-12-21 22:47:59 | 000,253,630 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-12-15 20:07:43 | 000,044,280 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011-12-13 19:11:54 | 000,134,130 | ---- | C] () -- C:\WINDOWS\ColorPic Uninstaller.exe
[2011-11-29 17:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011-11-29 17:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-11-29 17:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-11-29 17:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-11-29 17:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-11-17 14:44:37 | 000,126,063 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2011-11-17 14:44:37 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2011-11-16 10:23:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-11-16 10:23:47 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-11-16 10:23:47 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-11-16 10:23:47 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-11-16 10:16:06 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-11-16 09:26:23 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-11-16 09:26:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-11-16 09:26:04 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-11-16 08:39:31 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011-07-07 21:07:28 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012-04-05 20:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
[2011-11-16 09:07:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2012-03-10 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-03-11 16:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-11-17 17:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-04-17 17:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2012-03-04 18:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2012-03-04 18:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2011-12-19 20:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-04-13 16:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin
[2011-12-21 18:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2012-03-02 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\.minecraft
[2011-11-16 09:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\AVG2012
[2012-03-10 19:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools Lite
[2011-11-16 09:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\driveridentifier
[2012-04-17 17:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
[2011-11-19 11:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu 10
[2012-04-17 16:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\gtk-2.0
[2011-11-17 08:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\LolClient
[2012-02-17 18:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Nvu
[2011-12-18 14:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenFM
[2012-03-11 16:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Origin
[2012-04-01 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PowerChallenge
[2008-05-18 08:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\PWNEncy2006
[2011-12-21 18:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Samsung

[color=#E56717]========== Purity Check ==========[/color]

< End of report >

[/log]

i Extras:

[log]OTL Extras logfile created on: 2012-04-17 20:22:12 - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Właściciel\Pulpit\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 74,72% Memory free
3,10 Gb Paging File | 2,52 Gb Available in Paging File | 81,28% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,74 Gb Total Space | 24,54 Gb Free Space | 46,54% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 67,68 Gb Free Space | 86,63% Space Free | Partition Type: NTFS
Drive E: | 18,18 Gb Total Space | 9,71 Gb Free Space | 53,42% Space Free | Partition Type: NTFS
Drive G: | 7,25 Gb Total Space | 7,25 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PC-BDFB88E32823 | User Name: Właściciel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{069C1AD7-AC72-40E0-A156-7442EA6A48D7}" = AVG 2012
"{18BBF24A-6D04-4CA4-B6B4-1CF372162EEC}" = Adobe Flash Player 10 ActiveX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9FD0988D-2781-4160-AF88-29DD82E53EF1}_is1" = Nail'd
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A56028FC-1F40-4369-9941-7AAAC6ACE924}" = LastChaosPoland
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Software 9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EF901A4B-A25A-4962-83C6-C6691D062ED9}" = Nero Mega Plugin Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface
"AVG" = AVG 2012
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"ColorPic" = ColorPic
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"DAEMON Tools Lite" = DAEMON Tools Lite
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.5.2
"FLVPlayer" = FLV Player 1.3.3
"Gadu-Gadu 10" = Gadu-Gadu 10
"Indeo® Software" = Indeo® Software
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"kED_is1" = kED 2.1.4.0
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0
"Metin2_is1" = Metin2
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Nvu_is1" = Nvu 1.0
"OS_is1" = Overspeed: High Performance Street Racing
"Powszechna encyklopedia PWN 2007" = Powszechna encyklopedia PWN 2007
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"SCREEN2EXE_is1" = SCREEN2EXE 3.2 (build:2498)
"Usbfix" = UsbFix By El Desaparecido
"UserBar Generator_is1" = UserBar Generator 1.2
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1343024091-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"FoxTab PDF Creator" = FoxTab PDF Creator
"Power Loader" = Power Challenge Game Plugin
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-03-17 12:10:27 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00180f0e.

Error - 2012-03-17 12:11:52 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00180f0e.

Error - 2012-03-24 04:10:00 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x00240d0b.

Error - 2012-03-24 08:05:52 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd gta-vc.exe, wersja 0.0.0.0, adres błędu 0x0004b684.

Error - 2012-04-01 08:12:33 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd d3d8.dll, wersja 5.3.2600.5512, adres błędu 0x0004c9ab.

Error - 2012-04-01 08:13:12 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd d3d8.dll, wersja 5.3.2600.5512, adres błędu 0x0004c9ab.

Error - 2012-04-01 08:15:43 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-01 08:22:37 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-01 08:23:07 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący
błąd vc-mp.flt, wersja 0.0.0.0, adres błędu 0x0000e465.

Error - 2012-04-10 04:38:02 | Computer Name = PC-BDFB88E32823 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0073e46d.

[ System Events ]
Error - 2012-04-16 09:48:18 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-16 12:58:06 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 01:54:05 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 08:34:22 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 08:49:40 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 11:35:32 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 11:39:39 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012-04-17 14:14:10 | Computer Name = PC-BDFB88E32823 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2012-04-17 14:14:10 | Computer Name = PC-BDFB88E32823 | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Driver Helper Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2012-04-17 14:19:06 | Computer Name = PC-BDFB88E32823 | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi
upnphost z argumentami „” w celu uruchomienia serwera: {204810B9-73B2-11D4-BF42-00B0D0118B56}

< End of report >

[/log]

Edytowane 17 kwietnia 2012 przez Exemu

Zaloguj się

Zawirusowany pendrive

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Gość

Exemu

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Strona główna

Powiadomienie o plikach cookie