mathew07 utworzono 3 kwietnia 2010 utworzono 3 kwietnia 2010 Witam. Postanowiłem trochę wyczyścić system na laptopie, usunąłem pare zbędnych rzeczy i teraz chciałem prosić o sprawdzenie profilaktyczne loga, czy nie ma czasem jakiś niepotrzebnych śmieci. Oto logi z programu OTL: 1. OTL.txt [log]OTL logfile created on: 2010-04-03 12:52:07 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\piotr\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,06 Gb Total Space | 100,23 Gb Free Space | 53,87% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-A42BD8878E Current User Name: piotr Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe PRC - [2010-03-18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-11-11 16:18:00 | 000,870,400 | ---- | M] () -- C:\Program Files\ALLPlayer\ALLUpdate.exe PRC - [2009-11-11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-10-26 17:26:22 | 000,753,664 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe PRC - [2009-09-25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\ApVxdWin.exe PRC - [2009-09-17 13:17:26 | 000,291,584 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSRV51.EXE PRC - [2009-09-07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\AVENGINE.EXE PRC - [2009-08-25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\psksvc.exe PRC - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrlS.exe PRC - [2009-08-10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PavFnSvr.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\WebProxy.exe PRC - [2009-04-17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-01-30 10:12:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-01-25 23:35:46 | 000,960,512 | ---- | M] (MarBit) -- C:\Program Files\MarBit\ALLPassword Manager\ALLPasswordManager.exe PRC - [2008-12-27 20:40:28 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2008-09-24 08:50:36 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe PRC - [2008-06-19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsImSvc.exe PRC - [2008-05-22 14:05:06 | 000,474,624 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe PRC - [2008-05-02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2008-05-02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2008-04-25 17:25:20 | 000,787,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe PRC - [2008-04-25 17:25:12 | 000,191,752 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [PANDA] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [mi] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 19:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-03-20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-02-04 17:26:48 | 000,062,768 | R--- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe PRC - [2008-01-29 18:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe PRC - [2007-05-08 17:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-08-03 18:40:26 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2006-03-02 16:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2006-03-02 15:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe PRC - [2006-02-19 06:24:52 | 000,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2006-02-19 05:21:22 | 000,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-02-10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe PRC - [2006-02-02 22:19:10 | 001,753,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2006-02-02 21:32:08 | 000,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe PRC - [2006-02-02 21:31:04 | 000,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2006-02-02 13:11:38 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Tvs\TvsTray.exe PRC - [2006-01-27 18:17:50 | 000,221,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2006-01-26 15:06:38 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe PRC - [2006-01-05 15:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe PRC - [2005-12-20 12:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe PRC - [2005-12-10 00:49:42 | 015,691,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2005-12-05 16:50:08 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe PRC - [2005-12-05 13:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2005-11-28 22:51:52 | 000,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe PRC - [2005-11-28 12:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2005-11-28 12:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2005-11-28 12:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2005-11-28 12:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2005-11-28 12:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2005-11-17 15:44:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe PRC - [2005-11-02 16:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe PRC - [2005-10-15 15:29:08 | 000,088,203 | ---- | M] (Agere Systems) -- C:\WINDOWS\agrsmmsg.exe PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2005-09-16 15:44:58 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe PRC - [2005-09-16 15:44:58 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe PRC - [2005-08-11 17:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2005-08-04 15:16:02 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe PRC - [2005-08-04 15:15:48 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004-08-28 09:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe PRC - [2004-08-28 09:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe PRC - [2004-06-17 09:03:44 | 000,059,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE PRC - [2003-10-31 20:42:40 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-30 19:22:58 | 000,518,400 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\PavSHook.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-01-30 10:12:00 | 001,507,328 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2009-01-30 10:12:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll MOD - [2009-01-30 10:12:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-05-02 03:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2008-04-14 23:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 19:20:57 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 19:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 19:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 19:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 19:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 19:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-02-08 11:53:40 | 000,107,568 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\SYSTOOLS.DLL MOD - [2006-12-21 14:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2002-03-03 05:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-09-17 13:17:26 | 000,291,584 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\pavsrv51.exe -- (PAVSRV) SRV - [2009-08-25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe -- (PskSvcRetail) SRV - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrls.exe -- (Panda Software Controller) SRV - [2009-08-10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PavFnSvr.exe -- (PAVFNSVR) SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009-06-18 12:06:47 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe -- (TPSrv) SRV - [2008-12-26 14:57:19 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008-07-02 15:09:36 | 000,060,160 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\GWMsrv.dll -- (Gwmsrv) SRV - [2008-06-19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsImSvc.exe -- (PSIMSVC) SRV - [2008-02-04 17:26:48 | 000,062,768 | R--- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv) SRV - [2008-01-29 18:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service) SRV - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2006-08-03 18:40:26 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate) SRV - [2006-08-03 18:40:26 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Harmonogram automatycznej usługi LiveUpdate) SRV - [2005-12-20 12:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005-11-28 12:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 12:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 12:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004-08-28 09:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys) DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys) DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt) DRV - [2009-10-06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-06-30 17:17:12 | 000,163,336 | R--- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc) DRV - [2009-06-30 11:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\pavboot.sys -- (pavboot) DRV - [2009-01-30 10:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-12-17 09:35:52 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-28 18:35:14 | 000,084,024 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV) DRV - [2008-04-13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-03-04 15:59:42 | 000,041,144 | R--- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv) DRV - [2008-02-29 04:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2008-02-29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2008-02-29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2006-06-30 01:53:44 | 000,003,712 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2006-05-30 16:42:52 | 000,045,696 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2006-05-10 10:56:54 | 000,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2006-05-10 10:56:50 | 000,071,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2006-05-10 10:56:08 | 000,013,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2006-03-21 23:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006-03-02 15:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-02-08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid) DRV - [2006-02-02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd) DRV - [2006-01-31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2005-12-14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp) DRV - [2005-12-10 01:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005-11-28 13:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005-11-24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte) DRV - [2005-11-15 18:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005-11-11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM) DRV - [2005-10-20 15:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2005-09-09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2005-08-01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2005-07-11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt) DRV - [2005-06-02 12:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005-01-06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2004-08-18 09:00:00 | 000,067,584 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Wibukey.sys -- (WIBUKEY) DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O2 - BHO: (MSN Search Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O3 - HKLM\..\Toolbar: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\WebBrowser: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLPasswordManager] C:\Program Files\MarBit\ALLPassword Manager\ALLPasswordManager.exe (MarBit) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ExprOElauncher] C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe (Nektra S.A.) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\piotr\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &MSN Search - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O8 - Extra context menu item: Open in new background tab - C:\Program Files\MSN Toolbar Suite\en-ww\msntabres.dll.mui (Microsoft Corporation) O8 - Extra context menu item: Open in new foreground tab - C:\Program Files\MSN Toolbar Suite\en-ww\msntabres.dll.mui (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230029238109 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avldr: DllName - avldr.dll - C:\WINDOWS\System32\avldr.dll (Panda Security, S.L.) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA SATELLITE.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA SATELLITE.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{3771a073-f2da-11dd-97a8-00a0d152e537}\Shell\AutoRun\command - "" = G:\USBNB.exe -- File not found O33 - MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{606d8aad-7dcf-11de-98c7-00a0d152e537}\Shell\AutoRun\command - "" = StartPortableApps.exe O33 - MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\Shell\Auto\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 19:21:39 | 000,023,040 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2006-03-31 17:03:45 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: PskSvcRetail - C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe (Panda Security, S.L.) SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-04-03 12:47:53 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe [2010-04-03 12:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-04-03 12:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2010-04-03 10:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2010-04-03 10:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-04-03 10:43:55 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010-04-03 10:43:55 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-04-03 10:43:54 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-04-03 10:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-04-03 10:43:53 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010-04-03 10:43:53 | 000,017,664 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-04-03 10:40:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\piotr\Recent [2010-04-03 10:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-04-01 21:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Moje dokumenty\Mój notes [2010-03-31 19:32:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\piotr\Phone Browser [2010-03-09 23:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Application Data [2010-02-02 20:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2010-02-02 20:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft AutoRoute 2010 [2010-02-02 20:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2008-12-27 00:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-02-19 04:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll [2006-01-30 14:42:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe [2010-04-03 12:32:05 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-04-03 10:49:29 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-03 10:49:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2010-04-03 10:41:53 | 000,219,352 | ---- | M] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_104147.reg [2010-04-03 10:34:56 | 000,197,354 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-04-03 10:33:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-04-03 10:33:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-03 10:33:42 | 3219,181,568 | -HS- | M] () -- C:\hiberfil.sys [2010-04-03 09:20:10 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-04-03 09:09:15 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\piotr\NTUSER.DAT [2010-04-03 09:07:11 | 000,062,848 | ---- | M] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-04-03 09:04:04 | 000,228,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-04-01 21:14:38 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\piotr\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk [2010-03-31 09:21:44 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-28 18:34:25 | 000,503,756 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-03-28 18:34:25 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-03-28 18:34:25 | 000,090,292 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-03-28 18:34:24 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-03-28 18:34:22 | 001,124,634 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-03-26 23:14:45 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\piotr\Dane aplikacji\setup_ldm.iss [2010-03-15 16:04:17 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\piotr\ntuser.ini [2010-03-05 23:08:54 | 000,000,942 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-02 15:19:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-02-28 11:44:51 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-26 08:04:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-02-04 22:31:08 | 000,028,621 | ---- | M] () -- C:\WINDOWS\FontData.fdb [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-04-03 10:49:29 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-03 10:49:26 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2010-04-03 10:41:50 | 000,219,352 | ---- | C] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_104147.reg [2010-04-03 09:20:29 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-04-01 21:14:38 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\piotr\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk [2010-03-26 23:14:45 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\piotr\Dane aplikacji\setup_ldm.iss [2010-02-16 10:06:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-01-21 09:18:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI [2009-08-25 12:12:53 | 000,802,888 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-05-31 13:39:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-01-27 09:39:09 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2009-01-27 09:38:35 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2009-01-27 09:38:34 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2009-01-27 09:38:33 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2009-01-27 09:38:32 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2009-01-27 09:38:31 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2009-01-27 09:38:30 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2009-01-27 09:38:29 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2009-01-27 09:38:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2009-01-27 09:38:07 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2009-01-27 09:38:02 | 000,145,609 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2009-01-27 09:37:59 | 004,302,881 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2009-01-27 09:37:27 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2009-01-27 09:37:26 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2009-01-27 09:37:25 | 000,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2009-01-27 09:37:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2009-01-27 09:37:21 | 000,485,888 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2009-01-27 09:37:15 | 000,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2009-01-27 09:37:11 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2009-01-27 09:37:08 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009-01-12 16:00:29 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2008-12-30 20:11:50 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2008-12-30 20:11:50 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2008-12-30 20:11:50 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2008-12-30 19:41:49 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2008-12-29 17:55:16 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-12-29 17:55:14 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-12-29 17:55:09 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-12-29 17:55:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-12-29 17:54:56 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-12-29 17:54:50 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-12-27 21:31:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-27 21:31:52 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-12-27 20:40:42 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-12-27 20:40:41 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\piotr\Dane aplikacji\PnkBstrK.sys [2008-12-23 10:03:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2008-12-23 10:00:21 | 000,001,334 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-12-22 13:13:52 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2006-08-24 13:46:51 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2006-08-24 13:34:30 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-08-24 13:34:30 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-08-24 13:34:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-08-24 13:34:28 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-01-30 16:16:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-01-30 16:05:34 | 000,000,562 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2006-01-30 15:56:46 | 000,000,649 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-01-30 15:36:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006-01-30 15:26:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-01-30 15:26:58 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-01-30 15:26:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-01-30 15:26:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-01-30 15:26:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-01-30 15:26:58 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-01-30 15:23:02 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2006-01-30 15:23:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2006-01-30 15:23:02 | 000,010,147 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-01-30 15:23:02 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-01-30 15:18:45 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-01-30 15:17:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll [2006-01-30 15:14:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2006-01-30 15:14:12 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2006-01-30 14:42:51 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2006-01-30 09:06:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-01-30 09:06:50 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-09-02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005-07-22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004-10-05 17:27:56 | 000,304,572 | ---- | C] () -- C:\WINDOWS\System32\Inter32.DLL [2004-07-20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004-01-15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2009-05-31 13:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Age of Empires 3 [2009-06-18 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-12-21 23:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2010-04-03 10:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2008-12-27 00:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-01-04 10:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2008-12-27 00:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\toshiba [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Windows Desktop Search [2009-06-18 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Autodesk [2009-02-12 08:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009-11-11 23:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Gadu-Gadu [2009-12-17 09:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Graphisoft [2009-01-10 23:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\InterVideo [2009-05-25 08:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Nokia [2008-12-27 01:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\NSeries [2008-12-30 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Opera [2010-01-04 10:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Panda Security [2010-04-03 10:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\PC Suite [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\toshiba [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Windows Desktop Search [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2008-12-28 11:15:03 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-04-03 10:33:42 | 3219,181,568 | -HS- | M] () -- C:\hiberfil.sys [2006-01-30 09:20:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006-01-30 09:20:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-12-23 15:33:13 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-04-03 10:33:39 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2006-08-25 20:38:46 | 000,000,176 | -H-- | M] () -- C:\SWSTAMP.TXT [2008-12-31 17:25:58 | 000,000,510 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] 2. Extras.Txt[log]OTL Extras logfile created on: 2010-04-03 12:52:07 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\piotr\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,06 Gb Total Space | 100,23 Gb Free Space | 53,87% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-A42BD8878E Current User Name: piotr Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .js [@ = JSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .jse [@ = JSEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .vbe [@ = VBEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .vbs [@ = VBSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .wsf [@ = WSFFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .wsh [@ = WSHFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) [HKEY_USERS\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] "DisableMonitoring" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8461:TCP" = 8461:TCP:*:Enabled:GoD High Port "8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found "C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}" = PL "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{20749F76-4228-43AD-8AB5-E7B20D8040C4}" = hph_readme "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2 "{3004FB81-7B9E-4808-BD13-BC5A530BA60B}" = cp_PrintOnCDConfig "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4 "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder "{36DC3E2F-CD8C-4953-9E8F-9A1916D10AA1}" = hph_software "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{3EB6332B-AF02-457C-A31C-835458C5B48B}" = Podreczniki TOSHIBA "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI "{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009 "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5783F2D7-6009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - Polski "{5783F2D7-7009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2009 - Polski "{5783F2D7-8009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2010 - Polski "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Program narzędziowy TOSHIBA Zooming Utility "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3 "{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig "{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English) "{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003 "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA "{91A10415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003 "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{94824ADD-8F26-43D2-84DB-22E11F377E5E}" = Microsoft English TTS Engine "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{96172E04-BB14-45F6-A77B-8EE7A421B903}" = SAPI Wrapper "{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}" = TTS Wrapper "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9F1868CA-BF34-45A7-A2C6-AF9EB7A8007E}" = MSN Search Toolbar "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Wyciszacz napędu CD/DVD "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACCCEE83-B49B-4964-8A4F-378B8FBC9F75}" = hph_ProductContext "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = Moduł zabezpieczający SD "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C82185E8-C27B-4EF4-2010-3333BC2C2B6D}" = Microsoft AutoRoute 2010 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}" = HP Photosmart and Deskjet 7.0 Software (plk) "{D8185007-3F98-413E-B22D-BA513517383A}" = D5100_Help "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E14B8A08-42B3-4676-9E91-1D39F8158DA1}" = HP Print Diagnostic Utility "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E55FB276-73C9-4776-AB53-BC028C0509ED}" = Panda Antivirus Pro 2010 "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{F71D0C1A-B739-4DD9-8304-8271E67E00CD}" = MSN Search Toolbar Multilingual User Interface Pack "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FD100EAE-33D2-420D-BCEB-361AC512B0BB}" = D5100 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "001FFFFFFF09FF00FF0701F00F02F000-R1" = ArchiCAD 9 INT "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "AutoCAD LT 2008 - Polski" = AutoCAD LT 2008 - Polski "AutoCAD LT 2009 - Polski" = AutoCAD LT 2009 - Polski "AutoCAD LT 2010 - Polski" = AutoCAD LT 2010 - Polski "Autodesk Design Review 2009" = Autodesk Design Review 2009 "CCleaner" = CCleaner "Gadu-Gadu" = Gadu-Gadu 7.7 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer Participation Program 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "NeroVision!UninstallKey" = NeroVision Express 2 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NMPUninstallKey" = Nero Media Player "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Power Saver" = Program firmy TOSHIBA do oszczędzania energii "Program PC Diagnostic Tool" = Program TOSHIBA PC Narzędzie diagnostyczne "ProInst" = Oprogramowanie Intel(R) PROSet/Wireless "PROSet" = Intel(R) PRO Network Connections Drivers "Przegląd i kontrola budynku_is1" = Przegląd i kontrola budynku 1.60 "PunkBusterSvc" = PunkBuster Services "QuickTime" = QuickTime "RealAlt_is1" = Real Alternative 1.9.0 Lite "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-04-01 14:19:01 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OUTLOOK.EXE, wersja 11.0.5510.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-01 14:19:03 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OUTLOOK.EXE, wersja 11.0.5510.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-01 15:14:46 | Computer Name = YOUR-A42BD8878E | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft Office OneNote 2003 -- Błąd 2884. Wystąpił błąd wewnętrzny. (ErrorDialog ) Error - 2010-04-01 15:14:46 | Computer Name = YOUR-A42BD8878E | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft Office OneNote 2003 -- Błąd 2884. Wystąpił błąd wewnętrzny. (FirstRunEx ) Error - 2010-04-01 15:14:49 | Computer Name = YOUR-A42BD8878E | Source = Microsoft Office 11 | ID = 1000 Description = Faulting application onenote.exe, version 11.0.6360.0, stamp 40ca76c4, faulting module msocf.dll, version 11.0.6254.0, stamp 40509d17, debug? 0, fault address 0x000120d2. Error - 2010-04-02 00:59:50 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd TPSrv.exe, wersja 9.2.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 00:59:54 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd PnkBstrA.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 01:01:07 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1004 Description = Aplikacja powodująca błąd TPSrv.exe, wersja 9.2.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 01:02:51 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1004 Description = Aplikacja powodująca błąd PnkBstrA.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-03 04:21:23 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2010-04-03 06:38:25 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą Pml Driver HPZ12. Error - 2010-04-03 06:38:25 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Pml Driver HPZ12 z powodu następującego błędu: %%1053 < End of report > [/log]
Mateusz J. komentarz 3 kwietnia 2010 komentarz 3 kwietnia 2010 Głównie kosmetyka, ale są również pozostałości po infekcji z pendrive: Uruchom OTL i w oknie Custom Scans/Fixes wklej[code] :Processes explorer.exe :OTL O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [NDSTray.exe] File not found O33 - MountPoints2\{3771a073-f2da-11dd-97a8-00a0d152e537}\Shell\AutoRun\command - "" = G:\USBNB.exe -- File not found O33 - MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{606d8aad-7dcf-11de-98c7-00a0d152e537}\Shell\AutoRun\command - "" = StartPortableApps.exe O33 - MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\Shell\Auto\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 19:21:39 | 000,023,040 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\Shell - "" = AutoRun O33 - MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found :Files C:\Windows\SysWow64\sshnas21.DLL C:\Windows\Lluhua.exe C:\Users\Dawid\AppData\Local\Temp\Lsr.exe :Commands [emptytemp] [Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera. Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli. Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753 Usuwasz wszystko co znajdzie program, a raport pokazuje na forum. Pisałeś, że usunąłeś parę rzeczy, rozumiem pewnie wywaliłeś je z komputera. Jednak w autostarcie można zauważyć wiele programów uruchamiających się z systemem: [code]O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Symantec PIF alertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLPasswordManager] C:\Program Files\MarBit\ALLPassword Manager\ALLPasswordManager.exe (MarBit) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ExprOElauncher] C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe (Nektra S.A.) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\piotr\Menu Start\Programy\Autostart\Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)[/code] Wejdź w start=>uruchom=>msconfig=>zakładka:Uruchamianie Następnie odznaczasz programy, które znasz i nie są potrzebne podczas startu. Wejdź także do folderu: C:\Documents and Settings\piotr\Menu Start\Programy\Autostart Usuń w nim również programy które uważasz za zbędne.
mathew07 komentarz 3 kwietnia 2010 Autor komentarz 3 kwietnia 2010 Log, który wyskoczył po uruchomieniu ponownym komputera: [log]All processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85F685C3-20D9-4943-95E4-EB4224056C3F}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85F685C3-20D9-4943-95E4-EB4224056C3F}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{85F685C3-20D9-4943-95E4-EB4224056C3F} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85F685C3-20D9-4943-95E4-EB4224056C3F}\ not found. Registry value HKEY_USERS\S-1-5-21-3019153171-1456520892-898896029-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-21-3019153171-1456520892-898896029-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CFSServ.exe not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3771a073-f2da-11dd-97a8-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3771a073-f2da-11dd-97a8-00a0d152e537}\ not found. File G:\USBNB.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{606d8aac-7dcf-11de-98c7-00a0d152e537}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{606d8aac-7dcf-11de-98c7-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{606d8aac-7dcf-11de-98c7-00a0d152e537}\ not found. File E:\LaunchU3.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{606d8aad-7dcf-11de-98c7-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{606d8aad-7dcf-11de-98c7-00a0d152e537}\ not found. File StartPortableApps.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87d93c3b-0755-11de-97dd-00a0d152e537}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87d93c3b-0755-11de-97dd-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87d93c3b-0755-11de-97dd-00a0d152e537}\ not found. File F:\LaunchU3.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d010017-0341-11df-99e3-00a0d152e537}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d010017-0341-11df-99e3-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d010017-0341-11df-99e3-00a0d152e537}\ not found. C:\WINDOWS\system32\setup.exe moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3092294-fbf8-11dd-97bf-00a0d152e537}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3092294-fbf8-11dd-97bf-00a0d152e537}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3092294-fbf8-11dd-97bf-00a0d152e537}\ not found. File E:\AutoRun.exe not found. ========== FILES ========== File\Folder C:\Windows\SysWow64\sshnas21.DLL not found. File\Folder C:\Windows\Lluhua.exe not found. File\Folder C:\Users\Dawid\AppData\Local\Temp\Lsr.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: LocalService ->Temp folder emptied: 65536 bytes ->Temporary Internet Files folder emptied: 57119 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: piotr ->Temp folder emptied: 40909061 bytes ->Temporary Internet Files folder emptied: 68317 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 42228 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 220273 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 25889683 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 64,00 mb OTL by OldTimer - Version 3.1.37.3 log created on 04032010_141951 Files\Folders moved on Reboot... C:\WINDOWS\temp\cace2423dfb97c58fe7dd9f120557063PSK_PLUGINS_0 moved successfully. Registry entries deleted on Reboot... [/log] Do tego nowy log z programu: 1. [log]OTL logfile created on: 2010-04-03 15:02:05 - Run 2 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\piotr\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,06 Gb Total Space | 99,11 Gb Free Space | 53,27% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-A42BD8878E Current User Name: piotr Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe PRC - [2010-03-29 15:24:52 | 001,086,856 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010-03-18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-01-31 00:27:38 | 000,141,061 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe PRC - [2009-09-25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\ApVxdWin.exe PRC - [2009-09-17 13:17:26 | 000,291,584 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSRV51.EXE PRC - [2009-09-07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\AVENGINE.EXE PRC - [2009-08-25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\psksvc.exe PRC - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrlS.exe PRC - [2009-08-10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PavFnSvr.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-04-23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\WebProxy.exe PRC - [2009-04-17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-01-30 10:12:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2008-12-27 20:40:28 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2008-09-24 08:50:36 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe PRC - [2008-06-19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsImSvc.exe PRC - [2008-05-02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2008-05-02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [PANDA] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [mi] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 19:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 19:21:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-03-20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-02-04 17:26:48 | 000,062,768 | R--- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe PRC - [2008-01-29 18:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe PRC - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2007-05-08 17:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-08-03 18:40:26 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2006-03-02 16:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2006-03-02 15:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe PRC - [2006-02-02 22:19:10 | 001,753,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2006-02-02 21:32:08 | 000,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe PRC - [2006-02-02 21:31:04 | 000,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2006-02-02 13:11:38 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Tvs\TvsTray.exe PRC - [2006-01-27 18:17:50 | 000,221,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2006-01-26 15:06:38 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe PRC - [2006-01-05 15:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe PRC - [2005-12-20 12:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe PRC - [2005-12-10 00:49:42 | 015,691,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2005-12-05 16:50:08 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe PRC - [2005-12-05 13:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2005-11-28 22:51:52 | 000,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe PRC - [2005-11-28 12:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2005-11-28 12:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2005-11-28 12:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2005-11-28 12:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2005-11-28 12:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2005-10-15 15:29:08 | 000,088,203 | ---- | M] (Agere Systems) -- C:\WINDOWS\agrsmmsg.exe PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2005-09-16 15:44:58 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe PRC - [2005-09-16 15:44:58 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe PRC - [2005-08-11 17:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2005-08-04 15:16:02 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe PRC - [2005-08-04 15:15:48 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004-08-28 09:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe PRC - [2004-08-28 09:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe MOD - [2009-12-21 21:08:54 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2009-12-21 21:08:53 | 001,208,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2009-12-21 21:08:50 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-30 19:22:58 | 000,518,400 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\PavSHook.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-01-30 10:12:00 | 001,507,328 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2009-01-30 10:12:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll MOD - [2009-01-30 10:12:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-05-02 03:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll MOD - [2008-04-14 23:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 19:20:57 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 19:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 19:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 19:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 19:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 19:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 19:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 19:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 19:19:59 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-02-08 11:53:40 | 000,107,568 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\SYSTOOLS.DLL MOD - [2006-12-21 14:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll MOD - [2006-03-13 13:11:14 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll MOD - [2002-03-03 05:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-09-17 13:17:26 | 000,291,584 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\pavsrv51.exe -- (PAVSRV) SRV - [2009-08-25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe -- (PskSvcRetail) SRV - [2009-08-10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrls.exe -- (Panda Software Controller) SRV - [2009-08-10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PavFnSvr.exe -- (PAVFNSVR) SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009-06-18 12:06:47 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe -- (TPSrv) SRV - [2008-12-26 14:57:19 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008-07-02 15:09:36 | 000,060,160 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\GWMsrv.dll -- (Gwmsrv) SRV - [2008-06-19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsImSvc.exe -- (PSIMSVC) SRV - [2008-02-04 17:26:48 | 000,062,768 | R--- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv) SRV - [2008-01-29 18:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service) SRV - [2007-08-09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2006-08-03 18:40:26 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate) SRV - [2006-08-03 18:40:26 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Harmonogram automatycznej usługi LiveUpdate) SRV - [2005-12-20 12:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005-11-28 12:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 12:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 12:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004-08-28 09:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys) DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys) DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt) DRV - [2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2009-10-06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-06-30 17:17:12 | 000,163,336 | R--- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc) DRV - [2009-06-30 11:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\pavboot.sys -- (pavboot) DRV - [2009-01-30 10:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-12-17 09:35:52 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-04-28 18:35:14 | 000,084,024 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV) DRV - [2008-04-13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-03-04 15:59:42 | 000,041,144 | R--- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv) DRV - [2008-02-29 04:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2008-02-29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2008-02-29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2006-06-30 01:53:44 | 000,003,712 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2006-05-30 16:42:52 | 000,045,696 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2006-05-10 10:56:54 | 000,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2006-05-10 10:56:50 | 000,071,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2006-05-10 10:56:08 | 000,013,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2006-03-21 23:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006-03-02 15:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-02-08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid) DRV - [2006-02-02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd) DRV - [2006-01-31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2005-12-14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp) DRV - [2005-12-10 01:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005-11-28 13:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005-11-24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte) DRV - [2005-11-15 18:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005-11-11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM) DRV - [2005-10-20 15:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2005-09-09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2005-08-01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2005-07-11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt) DRV - [2005-06-02 12:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005-01-06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2004-08-18 09:00:00 | 000,067,584 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Wibukey.sys -- (WIBUKEY) DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com IE - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (MSN Search Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\..\Toolbar\WebBrowser: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &MSN Search - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation) O8 - Extra context menu item: Open in new background tab - C:\Program Files\MSN Toolbar Suite\en-ww\msntabres.dll.mui (Microsoft Corporation) O8 - Extra context menu item: Open in new foreground tab - C:\Program Files\MSN Toolbar Suite\en-ww\msntabres.dll.mui (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230029238109 (WUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avldr: DllName - avldr.dll - C:\WINDOWS\System32\avldr.dll (Panda Security, S.L.) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA SATELLITE.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA SATELLITE.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2006-03-31 17:03:45 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Development Company, L.P.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Photosmart Premier - Szybkie uruchomienie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Development Company, L.P.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe - (Logitech, Inc.) MsConfig - StartUpFolder: C:^Documents and Settings^piotr^Menu Start^Programy^Autostart^Szybkie uruchamianie programu Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE - (Microsoft Corporation) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]ALLPasswordManager[/b] - hkey= - key= - C:\Program Files\MarBit\ALLPassword Manager\ALLPasswordManager.exe (MarBit) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe File not found MsConfig - StartUpReg: [b]ExprOElauncher[/b] - hkey= - key= - C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe (Nektra S.A.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: PskSvcRetail - C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe (Panda Security, S.L.) SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-04-03 15:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Pulpit\Nowy folder [2010-04-03 14:44:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Dane aplikacji\Malwarebytes [2010-04-03 14:43:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-04-03 14:43:49 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-04-03 14:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-04-03 14:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-04-03 14:43:04 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\piotr\Pulpit\mbam-setup.exe [2010-04-03 14:04:53 | 000,000,000 | ---D | C] -- C:\_OTL [2010-04-03 13:48:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\piotr\Recent [2010-04-03 13:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Pulpit\Muzyka [2010-04-03 13:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Dane aplikacji\skypePM [2010-04-03 13:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Dane aplikacji\Skype [2010-04-03 13:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-04-03 13:33:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-04-03 13:33:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-04-03 13:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Dane aplikacji\vlc [2010-04-03 13:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2010-04-03 12:47:53 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe [2010-04-03 12:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-04-03 12:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2010-04-03 10:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite [2010-04-03 10:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-04-03 10:43:55 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010-04-03 10:43:55 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010-04-03 10:43:54 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010-04-03 10:43:53 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010-04-03 10:43:53 | 000,017,664 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010-04-03 10:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010-04-01 21:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Moje dokumenty\Mój notes [2010-03-31 19:32:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\piotr\Phone Browser [2010-03-09 23:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\piotr\Application Data [2010-02-02 20:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2010-02-02 20:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft AutoRoute 2010 [2010-02-02 20:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2008-12-27 00:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2006-02-19 04:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll [2006-01-30 14:42:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-04-03 14:49:51 | 000,000,942 | ---- | M] () -- C:\WINDOWS\win.ini [2010-04-03 14:49:51 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-04-03 14:49:51 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010-04-03 14:43:54 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-03 14:43:12 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\piotr\Pulpit\mbam-setup.exe [2010-04-03 14:39:44 | 000,198,595 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-04-03 14:38:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-04-03 14:38:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-03 14:38:36 | 3219,181,568 | -HS- | M] () -- C:\hiberfil.sys [2010-04-03 13:55:25 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\piotr\NTUSER.DAT [2010-04-03 13:50:36 | 000,005,322 | ---- | M] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_135033.reg [2010-04-03 13:34:37 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-04-03 13:34:00 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-04-03 12:48:09 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\piotr\Pulpit\OTL.exe [2010-04-03 12:32:05 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2010-04-03 10:49:29 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-03 10:49:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2010-04-03 10:41:53 | 000,219,352 | ---- | M] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_104147.reg [2010-04-03 09:20:10 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-04-03 09:07:11 | 000,062,848 | ---- | M] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-04-03 09:04:04 | 000,228,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-31 09:21:44 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-28 18:34:25 | 000,503,756 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-03-28 18:34:25 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-03-28 18:34:25 | 000,090,292 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-03-28 18:34:24 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-03-28 18:34:22 | 001,124,634 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-03-26 23:14:45 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\piotr\Dane aplikacji\setup_ldm.iss [2010-03-15 16:04:17 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\piotr\ntuser.ini [2010-03-02 15:19:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-02-28 11:44:51 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-26 08:04:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-02-04 22:31:08 | 000,028,621 | ---- | M] () -- C:\WINDOWS\FontData.fdb [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-04-03 14:43:54 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-03 13:50:35 | 000,005,322 | ---- | C] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_135033.reg [2010-04-03 13:34:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-04-03 13:34:00 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-04-03 10:49:29 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf [2010-04-03 10:49:26 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2010-04-03 10:41:50 | 000,219,352 | ---- | C] () -- C:\Documents and Settings\piotr\Moje dokumenty\cc_20100403_104147.reg [2010-04-03 09:20:29 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-03-26 23:14:45 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\piotr\Dane aplikacji\setup_ldm.iss [2010-02-16 10:06:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-01-21 09:18:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI [2009-08-25 12:12:53 | 000,802,888 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-05-31 13:39:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-01-27 09:39:09 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2009-01-27 09:38:35 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2009-01-27 09:38:34 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2009-01-27 09:38:33 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2009-01-27 09:38:32 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll [2009-01-27 09:38:31 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2009-01-27 09:38:30 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2009-01-27 09:38:29 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2009-01-27 09:38:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2009-01-27 09:38:07 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2009-01-27 09:38:02 | 000,145,609 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2009-01-27 09:37:59 | 004,302,881 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2009-01-27 09:37:27 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2009-01-27 09:37:26 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2009-01-27 09:37:25 | 000,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2009-01-27 09:37:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2009-01-27 09:37:21 | 000,485,888 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2009-01-27 09:37:15 | 000,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2009-01-27 09:37:11 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2009-01-27 09:37:08 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009-01-12 16:00:29 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2008-12-30 20:11:50 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2008-12-30 20:11:50 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2008-12-30 20:11:50 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2008-12-30 19:41:49 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2008-12-29 17:55:16 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-12-29 17:55:14 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-12-29 17:55:09 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-12-29 17:55:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-12-29 17:54:56 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-12-29 17:54:50 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-12-27 21:31:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-27 21:31:52 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-12-27 20:40:42 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-12-27 20:40:41 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\piotr\Dane aplikacji\PnkBstrK.sys [2008-12-23 10:03:50 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll [2008-12-23 10:00:21 | 000,001,334 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-12-22 13:13:52 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2006-08-24 13:46:51 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2006-08-24 13:34:30 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-08-24 13:34:30 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-08-24 13:34:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-08-24 13:34:28 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-01-30 16:16:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-01-30 16:05:34 | 000,000,562 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2006-01-30 15:56:46 | 000,000,649 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-01-30 15:36:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006-01-30 15:26:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-01-30 15:26:58 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-01-30 15:26:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-01-30 15:26:58 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-01-30 15:26:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-01-30 15:26:58 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-01-30 15:23:02 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2006-01-30 15:23:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2006-01-30 15:23:02 | 000,010,147 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-01-30 15:23:02 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-01-30 15:18:45 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006-01-30 15:17:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll [2006-01-30 15:14:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2006-01-30 15:14:12 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2006-01-30 14:42:51 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2006-01-30 09:06:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-01-30 09:06:50 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-09-02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005-07-22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004-10-05 17:27:56 | 000,304,572 | ---- | C] () -- C:\WINDOWS\System32\Inter32.DLL [2004-07-20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004-01-15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2009-05-31 13:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Age of Empires 3 [2009-06-18 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-12-21 23:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2010-04-03 10:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2008-12-27 00:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2010-01-04 10:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security [2008-12-27 00:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\toshiba [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Windows Desktop Search [2009-06-18 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Autodesk [2009-02-12 08:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009-11-11 23:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Gadu-Gadu [2009-12-17 09:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Graphisoft [2009-01-10 23:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\InterVideo [2009-05-25 08:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Nokia [2008-12-27 01:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\NSeries [2008-12-30 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Opera [2010-01-04 10:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Panda Security [2010-04-03 10:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\PC Suite [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\toshiba [2008-12-22 21:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\piotr\Dane aplikacji\Windows Desktop Search [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-04-03 14:49:51 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2006-01-30 09:20:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-04-03 14:38:36 | 3219,181,568 | -HS- | M] () -- C:\hiberfil.sys [2006-01-30 09:20:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006-01-30 09:20:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-12-23 15:33:13 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-04-03 14:38:32 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2006-08-25 20:38:46 | 000,000,176 | -H-- | M] () -- C:\SWSTAMP.TXT [2008-12-31 17:25:58 | 000,000,510 | ---- | M] () -- C:\updatedatfix.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-12-23 15:30:53 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] 2. [log]OTL Extras logfile created on: 2010-04-03 15:02:05 - Run 2 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\piotr\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 186,06 Gb Total Space | 99,11 Gb Free Space | 53,27% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-A42BD8878E Current User Name: piotr Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .js [@ = JSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .jse [@ = JSEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .vbe [@ = VBEFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .vbs [@ = VBSFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .wsf [@ = WSFFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) .wsh [@ = WSHFile] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PAVSCRIP.EXE (Panda Security, S.L.) [HKEY_USERS\S-1-5-21-3019153171-1456520892-898896029-1006\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] "DisableMonitoring" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8461:TCP" = 8461:TCP:*:Enabled:GoD High Port "8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found "C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}" = PL "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{20749F76-4228-43AD-8AB5-E7B20D8040C4}" = hph_readme "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2 "{3004FB81-7B9E-4808-BD13-BC5A530BA60B}" = cp_PrintOnCDConfig "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4 "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder "{36DC3E2F-CD8C-4953-9E8F-9A1916D10AA1}" = hph_software "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{3EB6332B-AF02-457C-A31C-835458C5B48B}" = Podreczniki TOSHIBA "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI "{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009 "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5783F2D7-6009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - Polski "{5783F2D7-7009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2009 - Polski "{5783F2D7-8009-0415-0002-0060B0CE6BBA}" = AutoCAD LT 2010 - Polski "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Program narzędziowy TOSHIBA Zooming Utility "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities "{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3 "{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig "{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English) "{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003 "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{91120415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA "{91A10415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003 "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{94824ADD-8F26-43D2-84DB-22E11F377E5E}" = Microsoft English TTS Engine "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{96172E04-BB14-45F6-A77B-8EE7A421B903}" = SAPI Wrapper "{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}" = TTS Wrapper "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9F1868CA-BF34-45A7-A2C6-AF9EB7A8007E}" = MSN Search Toolbar "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Wyciszacz napędu CD/DVD "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACCCEE83-B49B-4964-8A4F-378B8FBC9F75}" = hph_ProductContext "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = Moduł zabezpieczający SD "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C82185E8-C27B-4EF4-2010-3333BC2C2B6D}" = Microsoft AutoRoute 2010 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}" = HP Photosmart and Deskjet 7.0 Software (plk) "{D8185007-3F98-413E-B22D-BA513517383A}" = D5100_Help "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E14B8A08-42B3-4676-9E91-1D39F8158DA1}" = HP Print Diagnostic Utility "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E55FB276-73C9-4776-AB53-BC028C0509ED}" = Panda Antivirus Pro 2010 "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{F71D0C1A-B739-4DD9-8304-8271E67E00CD}" = MSN Search Toolbar Multilingual User Interface Pack "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FD100EAE-33D2-420D-BCEB-361AC512B0BB}" = D5100 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "001FFFFFFF09FF00FF0701F00F02F000-R1" = ArchiCAD 9 INT "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "AutoCAD LT 2008 - Polski" = AutoCAD LT 2008 - Polski "AutoCAD LT 2009 - Polski" = AutoCAD LT 2009 - Polski "AutoCAD LT 2010 - Polski" = AutoCAD LT 2010 - Polski "Autodesk Design Review 2009" = Autodesk Design Review 2009 "CCleaner" = CCleaner "Gadu-Gadu" = Gadu-Gadu 7.7 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer Participation Program 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero OEM "NeroVision!UninstallKey" = NeroVision Express 2 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NMPUninstallKey" = Nero Media Player "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Power Saver" = Program firmy TOSHIBA do oszczędzania energii "Program PC Diagnostic Tool" = Program TOSHIBA PC Narzędzie diagnostyczne "ProInst" = Oprogramowanie Intel(R) PROSet/Wireless "PROSet" = Intel(R) PRO Network Connections Drivers "Przegląd i kontrola budynku_is1" = Przegląd i kontrola budynku 1.60 "PunkBusterSvc" = PunkBuster Services "QuickTime" = QuickTime "RealAlt_is1" = Real Alternative 1.9.0 Lite "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem "VLC media player" = VLC media player 1.0.5 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-04-01 14:19:01 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OUTLOOK.EXE, wersja 11.0.5510.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-01 14:19:03 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca OUTLOOK.EXE, wersja 11.0.5510.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-01 15:14:46 | Computer Name = YOUR-A42BD8878E | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft Office OneNote 2003 -- Błąd 2884. Wystąpił błąd wewnętrzny. (ErrorDialog ) Error - 2010-04-01 15:14:46 | Computer Name = YOUR-A42BD8878E | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft Office OneNote 2003 -- Błąd 2884. Wystąpił błąd wewnętrzny. (FirstRunEx ) Error - 2010-04-01 15:14:49 | Computer Name = YOUR-A42BD8878E | Source = Microsoft Office 11 | ID = 1000 Description = Faulting application onenote.exe, version 11.0.6360.0, stamp 40ca76c4, faulting module msocf.dll, version 11.0.6254.0, stamp 40509d17, debug? 0, fault address 0x000120d2. Error - 2010-04-02 00:59:50 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd TPSrv.exe, wersja 9.2.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 00:59:54 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd PnkBstrA.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 01:01:07 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1004 Description = Aplikacja powodująca błąd TPSrv.exe, wersja 9.2.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-02 01:02:51 | Computer Name = YOUR-A42BD8878E | Source = Application Error | ID = 1004 Description = Aplikacja powodująca błąd PnkBstrA.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00000000. Error - 2010-04-03 04:21:23 | Computer Name = YOUR-A42BD8878E | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Panda Process Protection Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Pml Driver HPZ12 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Panda IManager Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Panda PSK service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Intel(R) PROSet/Wireless Registry Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa TOSHIBA Application Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:23:50 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Panda Function Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:26:30 | Computer Name = YOUR-A42BD8878E | Source = Service Control Manager | ID = 7034 Description = Usługa Panda On-Access Anti-Malware Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-04-03 08:38:52 | Computer Name = YOUR-A42BD8878E | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.2.25 dla karty sieciowej o adresie 0018DE247995 został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK). < End of report > [/log] Malwarebytes' Anti-Malware już zapuszczony, dodać do niego log za chwile? Właśnie w tym msconfig nie wiem za bardzo co wyłączyć żeby czegoś nie zepsuć, a komputer się rzeczywiście długo uruchamia.
Mateusz J. komentarz 3 kwietnia 2010 komentarz 3 kwietnia 2010 [code]O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Inicio.exe (Panda Security, S.L.) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLPasswordManager] C:\Program Files\MarBit\ALLPassword Manager\ALLPasswordManager.exe (MarBit) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [ExprOElauncher] C:\Program Files\ivo\Expressivo Demo\integr\OutlookExpress\ExprOElauncher.exe (Nektra S.A.) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKU\S-1-5-21-3019153171-1456520892-898896029-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)[/code]To można wywalić, jeśli widnieje w msconfig.
mathew07 komentarz 3 kwietnia 2010 Autor komentarz 3 kwietnia 2010 Okej, wszystko wyłączone. Ale komputer ciągle jakos wolno ładuje Windowsa.
Mateusz J. komentarz 3 kwietnia 2010 komentarz 3 kwietnia 2010 Poczytaj: http://www.forumpc.pl/index.php?showtopic=17478
mathew07 komentarz 3 kwietnia 2010 Autor komentarz 3 kwietnia 2010 Napewno zajrze. Dziękuje za pomoc, pozdrawiam
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.