x-kom hosting

Thumbs.db i Desktop.ini

Mariuszysko
utworzono
utworzono (edytowane)

Witam! mam problem z tymi plikami które znajdują się w Tytule tematu. Tak wiem, że są to pliki systemowe. Z reguły powinny być one ukryte, tymczasem na moim kompie wszystkie są nie ukryte. Pliki te pojawiły mi się w niemalże każdym folderze. Jak je schować?
W folderze z muzyką, na dodatek pojawiły mi się pliki graficzne z okładkami płyt (które również powinny być ukryte). Co robić? W jaki sposób je ukryć? Przecież nie będę każdego po kolei zaznaczał, że ma być ukryty. Proszę o pomoc.
[color="#ff0000"]
//przenoszę do Bezpieczeństwa
//dan[/color]

danielek316
komentarz
komentarz

Masz zaznaczone ukrywanie plików w Opcjach folderów?

Mariuszysko
komentarz
komentarz (edytowane)

No rzecz jasna! Tak.

I co mam robić?

raazor90
komentarz
komentarz

Jesteś pewien że to nie żadna infekcja? Daj log z OTL: http://www.forumpc.pl/index.php?showtopic=104338

Mariuszysko
komentarz
komentarz (edytowane)

oto log [log]OTL logfile created on: 2010-03-15 21:24:28 - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 67,87 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 66,04 Gb Free Space | 96,60% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 85,54 Gb Free Space | 99,02% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 410,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIUSZ
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-03-15 21:23:17 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-02-22 15:46:30 | 003,162,090 | ---- | M] () -- E:\metin\metin2.bin
PRC - [2010-02-18 17:35:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-11-20 22:41:40 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009-05-30 15:03:59 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-04-22 12:58:28 | 001,298,432 | ---- | M] () -- C:\Program Files\TP-LINK\TL-WN321G\COMMON\TWCU.exe
PRC - [2009-03-27 23:03:00 | 000,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009-01-05 16:16:12 | 000,069,632 | ---- | M] () -- C:\Program Files\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2007-03-18 23:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2007-01-02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2006-12-10 21:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-03-15 21:23:17 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-07 15:50:23 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:15 | 012,903,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 18:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 17:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-03-18 23:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2006-12-21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-11-20 22:41:40 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009-11-20 22:41:37 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009-11-16 12:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-01-21 12:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009-01-07 11:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009-01-05 16:16:12 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe -- (RalinkRegistryWriter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-09-22 19:18:46 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-05-29 23:48:24 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l151x86.sys -- (AtcL001)
DRV - [2009-04-03 10:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009-03-27 23:03:00 | 006,280,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-10-21 11:16:58 | 000,465,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2008-04-13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-10 02:56:00 | 004,449,280 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-11-07 09:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006-11-07 09:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006-11-07 09:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006-11-07 09:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006-11-07 09:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-08-13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [1997-04-22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1078081533-115176313-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p2
IE - HKU\S-1-5-21-1078081533-115176313-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8


FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-18 17:35:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-18 17:35:42 | 000,000,000 | ---D | M]

[2009-05-29 22:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions
[2010-03-14 20:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\extensions
[2009-09-02 18:39:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-22 20:05:46 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-01-07 13:56:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-09-24 16:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\extensions\zrzuta.eu@gmail.com
[2010-03-14 20:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-18 17:35:40 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-18 17:35:40 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-18 17:35:40 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-18 17:35:40 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-18 17:35:40 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-18 17:35:40 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-23 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1078081533-115176313-839522115-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-1078081533-115176313-839522115-1003..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\TL-WN321G Wireless Utility.lnk = C:\Program Files\TP-LINK\TL-WN321G\COMMON\TWCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-115176313-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244308404453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-05-08 16:29:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-09-26 13:13:12 | 000,494,048 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0e0a0b06-27ba-11df-bbd3-001fc61f90b4}\Shell\AutoRun\command - "" = F:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{0e0a0b06-27ba-11df-bbd3-001fc61f90b4}\Shell\open\Command - "" = F:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{9463a6c2-1d54-11dd-9624-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9463a6c2-1d54-11dd-9624-806d6172696f}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2007-06-06 12:18:32 | 000,513,624 | R--- | M] (Hewlett-Packard)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-05-29 21:46:31 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "LightScribeService"
MsConfig - StartUpFolder: C:^Documents and Settings^Dom^Menu Start^Programy^Autostart^desktop.ini - C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\desktop.ini - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 1
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-15 16:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2010-03-15 16:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010-03-15 16:38:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-03-13 18:53:26 | 000,000,000 | ---D | C] -- C:\Orange
[2010-03-13 18:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2010-03-13 18:48:09 | 000,465,152 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys
[2010-03-13 18:48:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver
[2010-03-13 18:35:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dom\Recent
[2010-03-07 18:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\zeszyt
[2010-03-01 22:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Infonetax
[2010-03-01 22:36:59 | 000,000,000 | ---D | C] -- C:\Infonetax
[2010-03-01 21:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Pity 2009
[2010-03-01 21:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\PITy
[2010-03-01 20:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\PITy2005
[2010-02-24 22:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\AdobeUM
[2010-02-24 17:16:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-02-23 19:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Siemens
[2010-02-13 14:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\HPSSUPPLY
[2010-02-13 14:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2010-02-13 14:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Hewlett-Packard
[2010-02-13 14:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010-02-13 14:05:31 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2009-03-26 14:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2009-03-25 20:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2008-10-28 19:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\HP
[2008-10-28 19:33:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2008-10-28 18:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-10-16 17:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-10-16 17:12:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-03-15 21:00:02 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-03-15 17:17:38 | 000,333,460 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\polski 1.jpg
[2010-03-15 17:17:38 | 000,267,103 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\hist 1.jpg
[2010-03-15 17:17:38 | 000,168,913 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\polski 2.jpg
[2010-03-15 17:17:38 | 000,112,494 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\hist 2.jpg
[2010-03-15 17:05:31 | 000,156,887 | ---- | M] () -- C:\WINDOWS\hpwins18.dat
[2010-03-15 17:01:57 | 000,001,379 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-03-15 17:00:46 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Centrum obsługi HP.lnk
[2010-03-15 17:00:01 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
[2010-03-15 16:18:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-15 16:18:09 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010-03-15 16:18:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-15 16:18:03 | 000,195,721 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-03-15 16:17:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-15 16:12:31 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2010-03-13 18:48:23 | 000,001,894 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\TL-WN321G Wireless Utility.lnk
[2010-03-13 18:48:23 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\TL-WN321G Wireless Utility.lnk
[2010-03-13 18:48:17 | 000,376,832 | ---- | M] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010-03-13 18:40:36 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-03-13 18:40:36 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010-03-10 22:05:45 | 000,000,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010-03-01 22:37:13 | 000,002,245 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\PIT-OPP 2009.lnk
[2010-03-01 21:12:45 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Pity 2009.lnk
[2010-03-01 21:01:26 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\PITy 2009.lnk
[2010-02-13 13:31:29 | 004,816,068 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-13 11:10:22 | 000,073,744 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010-02-13 11:09:15 | 000,283,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-12 19:43:02 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2010-02-11 11:01:46 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-04 17:15:40 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\Dom\default.pls
[2010-01-29 22:17:59 | 001,096,384 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-01-29 22:17:59 | 000,493,976 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-01-29 22:17:59 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-01-29 22:17:59 | 000,085,136 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-01-29 22:17:59 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-01-29 22:09:48 | 000,016,084 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2010-01-29 21:51:33 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010-01-25 14:20:54 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-15 17:08:31 | 000,112,494 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\hist 2.jpg
[2010-03-15 17:07:47 | 000,267,103 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\hist 1.jpg
[2010-03-15 17:07:07 | 000,168,913 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\polski 2.jpg
[2010-03-15 17:06:11 | 000,333,460 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\polski 1.jpg
[2010-03-15 17:00:46 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Centrum obsługi HP.lnk
[2010-03-15 17:00:00 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
[2010-03-15 16:38:50 | 000,156,887 | ---- | C] () -- C:\WINDOWS\hpwins18.dat
[2010-03-13 18:48:23 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\TL-WN321G Wireless Utility.lnk
[2010-03-13 18:48:23 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\TL-WN321G Wireless Utility.lnk
[2010-03-13 18:48:17 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010-03-01 22:37:00 | 000,002,245 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\PIT-OPP 2009.lnk
[2010-03-01 21:12:45 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Pity 2009.lnk
[2010-03-01 21:01:26 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\PITy 2009.lnk
[2010-01-29 22:08:29 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2010-01-29 21:51:32 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2009-11-28 20:05:32 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-22 19:33:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\LauncherAccess.dt
[2009-09-22 18:51:05 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009-06-22 14:25:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-05-31 12:53:28 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-05-31 12:53:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-05-31 12:53:26 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-05-31 12:53:26 | 002,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-05-31 12:53:26 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-05-31 12:53:26 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-05-31 12:53:25 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-05-31 12:53:25 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-05-30 15:02:26 | 000,018,253 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\hpzinstall.log
[2009-05-29 21:48:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-05-29 21:48:53 | 000,016,084 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-05-29 21:48:45 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-01-09 08:23:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-01-09 08:23:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-01-09 08:23:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-01-09 08:23:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-01-09 08:23:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-12-26 16:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AlawarWrapper
[2009-12-07 18:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Farm Frenzy
[2010-02-13 11:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
[2010-03-13 18:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver
[2009-08-21 13:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TuneUp Software
[2009-08-21 13:06:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2010-01-11 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Audacity
[2009-11-20 22:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Cream Software
[2009-05-29 22:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Gadu-Gadu
[2009-09-02 18:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Image Zone Express
[2009-08-21 13:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\TuneUp Software
[2010-03-15 21:00:02 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010-03-15 16:18:09 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-05-08 16:29:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-03-13 18:40:36 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2002-09-23 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-05-08 16:29:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-05-08 16:29:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-05-08 16:29:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-09-18 23:02:34 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-03-15 16:17:54 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-02-12 23:40:44 | 000,000,316 | ---- | M] () -- C:\updatedatfix.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2002-09-23 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-06-07 10:59:36 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:671329E4
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:DFC5A2B2
< End of report >
[/log]




i drugi [log]OTL Extras logfile created on: 2010-03-15 21:24:28 - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 67,87 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 66,04 Gb Free Space | 96,60% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 85,54 Gb Free Space | 99,02% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 410,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIUSZ
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1078081533-115176313-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (Gadu-Gadu S.A.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\metin\metin2.bin" = E:\metin\metin2.bin:*:Enabled:metin2 -- ()
"E:\metin\metin2client.bin" = E:\metin\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"G:\Release\Orange.exe" = G:\Release\Orange.exe:*:Enabled:Instalator Orange -- File not found


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18DDD804-59E9-48DD-AEDB-9D4EE6389C0A}" = 7400_Help
"{1FF78023-EFA4-491F-9F5A-284DE97AA326}" = TL-WN321G Wireless Utility
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{2D43FD89-B225-4334-B4AA-0983400BE61B}" = Windows Presentation Foundation Language Pack (PLK)
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{495998C4-FC8A-4302-82E0-53DE4D7A8F56}" = Windows Communication Foundation Language Pack - PLK
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3
"{868BA6F4-881C-45a4-B78F-1F48F36B870D}" = L7400
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CE4CB34-8187-42A1-B597-517760BEE8EC}" = BPD_Scan
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{988948C2-76F3-42b1-825B-E0990021FD24}" = ProductContext
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7646-A70000000000}" = Adobe Reader 7.0
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DB27B1CA-A19D-4253-81C4-70968CBA1F0E}" = MPM
"{DB76863D-D4D9-4AB3-AFDC-26717BA1E11C}" = Windows Workflow Foundation PL Language Pack
"{DC3D10C1-8E4B-4583-A8A7-EEBEC92F5E3A}" = BPDSoftware_Ini
"{E2906574-DAC9-4B74-914D-7447177BC091}" = PIT-OPP 2009
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{EFF55B46-106F-4151-A0BB-E327F8844FD3}" = HP Officejet Pro L7400 Series
"{F61DD673-0030-4BB2-A382-7E57E97F1045}" = Nero 7 Essentials
"{FD593DE6-C3A0-4722-8E86-9DEEF0A93290}" = Microsoft .NET Framework 3.0 Polish Language Pack
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3
"ALLPlayer_is1" = ALLPlayer V4.X
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Gadu-Gadu" = Gadu-Gadu 7.7
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.0
"Microsoft .NET Framework 3.0 Polish Language Pack" = Pakiet języka polskiego dla systemu Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NVIDIA Drivers" = NVIDIA Drivers
"Odkurzacz 12.0_is1" = Odkurzacz 12.0
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Pity 2009_is1" = Pity 2009
"PITy2005_is1" = PITy2005 ver. 2.0.1.1
"SkanerOnline" = Skaner on-line mks_vir
"Spyware Doctor" = Spyware Doctor 6.0
"Unlocker" = Unlocker 1.8.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = Archiwizator WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-08-23 14:00:41 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\Moje obrazy\Zdjęcia\One\Sylwia\wycieczka 09'\do wyslania\IMGP4034.JPG failed,
0000001E.

Error - 2009-09-20 12:21:52 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
K:\DCIM\100NIKON\DSCN4893.JPG failed, 0000A420.

Error - 2009-10-02 14:05:18 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\DSCN4778.JPG failed, 0000001E.

Error - 2009-10-02 14:06:57 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\DSCN4785.JPG failed, 0000A420.

Error - 2009-11-09 04:19:52 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://pl10.the-west.pl/game.php?sid=155f19566b16f1eb failed, 0000A413.

Error - 2009-12-04 14:12:46 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnFileScan()
GetTempPath() failed: 0.

Error - 2009-12-21 13:36:16 | Computer Name = MARIUSZ | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Dom\Dane aplikacji\Microsoft\Office\Ostatnie\Który z
władców Rzeczypospolitej XVII w.LNK failed, 00000005.

[ Application Events ]
Error - 2010-02-11 13:08:21 | Computer Name = MARIUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd metin2.bin, wersja 0.0.0.0, moduł powodujący
błąd metin2.bin, wersja 0.0.0.0, adres błędu 0x001faf94.

Error - 2010-02-11 13:08:24 | Computer Name = MARIUSZ | Source = Application Error | ID = 1001
Description = Pakiet błędów 1516878522.

Error - 2010-02-11 13:09:50 | Computer Name = MARIUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd metin2.bin, wersja 0.0.0.0, moduł powodujący
błąd metin2.bin, wersja 0.0.0.0, adres błędu 0x001faf94.

Error - 2010-02-11 13:13:37 | Computer Name = MARIUSZ | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca Photoshop.exe, wersja 10.0.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-02-13 10:01:19 | Computer Name = MARIUSZ | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 2010-02-13 10:01:40 | Computer Name = MARIUSZ | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 2010-02-13 10:02:00 | Computer Name = MARIUSZ | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 2010-02-23 15:01:51 | Computer Name = MARIUSZ | Source = Application Error | ID = 1005
Description = System Windows nie może uzyskać dostępu do pliku G:\Release\Orange.exe
z jednej z następujących przyczyn: istnieje problem z połączeniem sieciowym, dyskiem,
na którym przechowywany jest plik, sterownikami magazynu zainstalowanymi na tym
komputerze; lub brak dysku. System Windows zamknął program OrangeInstaller z powodu
następującego błędu. Program: OrangeInstaller Plik: G:\Release\Orange.exe Wartość
błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie.
Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym
uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest
w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią, i
czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce
lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i
napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK,
kliknij przycisk Start, kliknij polecenie Uruchom, wpisz CMD, a następnie kliknij
przycisk OK. W wierszu polecenia wpisz CHKDSK /F, a następnie naciśnij klawisz
ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy
można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony.
Jeśli jest to dysk twardy, skontaktuj się z administratorem lub dostawcą sprzętu
komputerowego,
aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: C0000240 Typ dysku: 5

Error - 2010-02-23 15:01:54 | Computer Name = MARIUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Orange.exe, wersja 3.1.78.0, moduł powodujący
błąd Orange.exe, wersja 3.1.78.0, adres błędu 0x001d35a3.

Error - 2010-02-25 17:06:45 | Computer Name = MARIUSZ | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd metin2.bin, wersja 0.0.0.0, moduł powodujący
błąd metin2.bin, wersja 0.0.0.0, adres błędu 0x001fb0cf.

[ System Events ]
Error - 2010-03-15 11:18:13 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „nasza-klasa,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2010-03-15 11:18:13 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2010-03-15 11:33:11 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „nasza-klasa,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 30 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2010-03-15 11:33:11 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 29 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2010-03-15 12:03:12 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „nasza-klasa,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 60 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2010-03-15 12:03:12 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 59 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2010-03-15 13:03:12 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „nasza-klasa,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 120 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2010-03-15 13:03:12 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 119 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2010-03-15 15:03:13 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „nasza-klasa,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 240 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2010-03-15 15:03:13 | Computer Name = MARIUSZ | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 239 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.


< End of report >
[/log]

a więc co?

Psycholandia
komentarz
komentarz

Wykonaj i daj loga z Combofixa: http://www.forumpc.pl/index.php?showtopic=153621

Mariuszysko
komentarz
komentarz

Log z Combofix

[log]ComboFix 10-03-15.06 - Dom 2010-03-16 16:25:35.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1506 [GMT 1:00]
Uruchomiony z: C:\Documents and Settings\Dom\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100316-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\RECYCLER\S-1-5-21-1229272821-492894223-839522115-1003

.
((((((((((((((((((((((((( Pliki utworzone od 2010-02-16 do 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-15 15:59:39 . 2010-03-15 15:59:39 -------- d-----w- C:\Program Files\Common Files\HP
2010-03-15 15:58:59 . 2010-03-15 15:58:59 -------- d-----w- C:\Program Files\Hewlett-Packard
2010-03-15 15:38:50 . 2010-03-15 16:05:31 156887 ----a-w- C:\WINDOWS\hpwins18.dat
2010-03-13 17:53:26 . 2010-03-13 17:53:29 -------- d-----w- C:\Orange
2010-03-13 17:48:17 . 2010-03-13 17:48:17 376832 ----a-w- C:\WINDOWS\system32\AegisI5Installer.exe
2010-03-13 17:48:17 . 2010-03-13 17:48:17 21361 ----a-w- C:\WINDOWS\system32\drivers\AegisP.sys
2010-03-13 17:48:15 . 2010-03-13 17:48:15 -------- d-----w- C:\Program Files\TP-LINK
2010-03-13 17:48:09 . 2008-10-21 10:16:58 465152 ----a-w- C:\WINDOWS\system32\drivers\rt73.sys
2010-03-13 17:48:06 . 2008-10-21 10:16:58 465152 ----a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver\TL-WN321G Wireless Utility\Driver\rt73.sys
2010-03-13 17:48:06 . 2008-07-10 18:34:16 528384 ----a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver\TL-WN321G Wireless Utility\Driver\RaInst.exe
2010-03-13 17:48:06 . 2006-11-02 06:21:54 319456 ----a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver\TL-WN321G Wireless Utility\Driver\difxapi.dll
2010-03-13 17:48:06 . 2006-11-01 23:33:24 77312 ----a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver\TL-WN321G Wireless Utility\Driver\devcon.exe
2010-03-13 17:48:05 . 2010-03-13 17:48:05 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver
2010-03-13 17:48:05 . 2007-05-17 10:17:20 192512 ----a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TP-LINK Driver\TL-WN321G Wireless Utility\Driver\CoInstaller.dll
2010-03-10 13:00:21 . 2009-10-23 15:28:37 3558912 -c----w- C:\WINDOWS\system32\dllcache\moviemk.exe
2010-03-08 20:26:33 . 2010-02-12 10:03:03 293376 ------w- C:\WINDOWS\system32\browserchoice.exe
2010-03-01 21:44:31 . 2010-03-01 21:44:31 -------- d-----w- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Infonetax
2010-03-01 21:36:59 . 2010-03-01 21:36:59 -------- d-----w- C:\Infonetax
2010-03-01 20:12:42 . 2010-03-01 21:34:24 -------- d-----w- C:\Program Files\Pity 2009
2010-03-01 20:01:25 . 2010-03-01 20:01:25 -------- d-----w- C:\Program Files\PITy
2010-03-01 19:40:37 . 2010-03-01 19:40:39 -------- d-----w- C:\Program Files\PITy2005
2010-02-24 21:01:34 . 2010-02-24 21:01:34 -------- d-----w- C:\Documents and Settings\Dom\Dane aplikacji\AdobeUM
2010-02-24 16:16:23 . 2010-03-10 17:53:01 -------- d--h--w- C:\WINDOWS\$hf_mig$
2010-02-24 10:02:54 . 2009-12-09 10:11:30 2190464 -c----w- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2010-02-24 10:02:54 . 2009-12-09 10:11:26 2146816 -c----w- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2010-02-24 10:02:53 . 2009-12-09 10:11:32 2067328 -c----w- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2010-02-24 10:02:53 . 2009-12-09 10:11:23 2025472 -c----w- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2010-02-24 08:31:58 . 2009-12-09 05:55:33 726528 -c----w- C:\WINDOWS\system32\dllcache\jscript.dll
2010-02-23 18:57:42 . 2010-02-23 18:57:42 -------- d-----w- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Siemens

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-15 16:10:24 . 2009-05-30 15:28:18 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
2010-03-15 16:00:36 . 2009-06-06 11:11:27 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\HP
2010-03-13 17:48:05 . 2008-05-08 15:41:01 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2010-03-08 20:38:29 . 2009-05-30 13:58:06 -------- d-----w- C:\Program Files\CCleaner
2010-02-13 13:10:26 . 2010-02-13 13:05:38 -------- d-----w- C:\Program Files\HP
2010-02-13 13:10:25 . 2010-02-13 13:10:25 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\HPSSUPPLY
2010-02-13 13:08:55 . 2010-02-13 13:08:55 -------- d-----w- C:\Program Files\Common Files\Hewlett-Packard
2010-02-13 13:07:48 . 2010-02-13 13:07:48 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Hewlett-Packard
2010-02-13 10:49:35 . 2009-10-10 15:08:52 -------- d-----w- C:\Documents and Settings\Dom\Dane aplikacji\skypePM
2010-02-13 10:22:18 . 2009-05-31 12:51:21 -------- d-----w- C:\Program Files\Spyware Doctor
2010-02-13 10:15:33 . 2009-12-04 18:11:01 -------- d---a-w- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
2010-02-13 10:10:22 . 2009-06-07 12:11:47 73744 ----a-w- C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2010-02-12 22:53:03 . 2009-12-18 13:58:15 -------- d-----w- C:\Program Files\Odkurzacz 12
2010-01-30 10:18:07 . 2009-08-30 16:47:23 -------- d-----w- C:\Documents and Settings\Dom\Dane aplikacji\Skype
2010-01-29 21:17:59 . 2002-09-23 13:00:00 85136 ----a-w- C:\WINDOWS\system32\perfc015.dat
2010-01-29 21:17:59 . 2002-09-23 13:00:00 493976 ----a-w- C:\WINDOWS\system32\perfh015.dat
2010-01-23 20:33:24 . 2009-05-31 11:46:31 -------- d-----w- C:\Program Files\NAPI-PROJEKT
2009-12-31 16:50:03 . 2004-08-03 22:14:46 353792 ----a-w- C:\WINDOWS\system32\drivers\srv.sys
2009-12-21 19:08:54 . 2004-08-03 23:44:16 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-12-17 07:42:39 . 2009-05-29 18:00:46 345088 ----a-w- C:\WINDOWS\system32\mspaint.exe
.

------- Sigcheck -------

[-] 2008-04-14 17:21:16 . F042E3426D45D86D9BB55F6A79AB441A . 977408 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\explorer.exe
[-] 2008-04-14 17:21:16 . F042E3426D45D86D9BB55F6A79AB441A . 977408 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 22:05:02 630784]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 10:04:46 2127296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 23:51:40 81000]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-03-27 22:03:00 13684736]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52:38 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:21:10 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
TL-WN321G Wireless Utility.lnk - C:\Program Files\TP-LINK\TL-WN321G\COMMON\TWCU.exe [2010-3-13 1298432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Dom^Menu Start^Programy^Autostart^desktop.ini]
path=C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"E:\\metin\\metin2.bin"=
"E:\\metin\\metin2client.bin"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [2009-05-31 13:51:31 130936]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2009-05-29 23:07:33 114768]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [2009-05-29 23:07:33 20560]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\drivers\l151x86.sys [2009-05-29 21:49:17 36864]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-05-31 13:51:23 348752]
S3 VAD_DEV;Virtual Audio Service;C:\WINDOWS\system32\drivers\vad.sys --> C:\WINDOWS\system32\drivers\vad.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'

2010-03-16 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 15:54:12 . 2009-11-16 15:54:12]

2010-03-16 C:\WINDOWS\Tasks\OGALogon.job
- C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 13:07:42 . 2009-08-03 13:07:42]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.gazeta.pl/0,0.html?p2
IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\f7a1g3w4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - plugin: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-16 16:28:02
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
[/log]

i jak?

Psycholandia
komentarz
komentarz

Uruchom OTL i klik na CleanUP. Czysto. :)

Mariuszysko
komentarz
komentarz

No dobra - logi mam w porządku. Ale to i tak nie rozwiązuje mojego problemu.

Co mam dalej robić?

Psycholandia
komentarz
komentarz

Musisz w innym dziale napisać, chyba, że masz temat już - to czekaj. Tu sprawdzamy logi. ;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.