x-kom hosting

Ktoś podgląda mnie przez kamerkę?

Shimmy
utworzono
utworzono (edytowane)

Mam wrażenie, że jestem szpiegowany. Co jakiś czas na moim laptopie (asus k50in) zapala się dioda od kamerki internetowej. Jeśli włączę na chwilę program do jej obsługi po czym go wyłączę, dioda gaśnie.

Na ostatnie 10 dni wróciłem z laptopem do domu i mimo iż bardzo długo był włączony, dioda nie zapaliła się ani razu. Podejrzewam, że to dlatego, iż w rodzinnym domu nie mam połączenia z internetem.

Wklejam cały log. Czy możliwe jest 'podglądanie' mnie przez intruza bez mojej wiedzy?

PS. Puszczałem ComboFixa, a Avast5 nic nie pokazuje.


[log]OTL logfile created on: 2010-04-06 21:32:23 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = J:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 173,70 Gb Free Space | 74,59% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 88,34 Gb Free Space | 39,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 600,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 453,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 309,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 3,73 Gb Total Space | 3,66 Gb Free Space | 98,00% Space Free | Partition Type: FAT32

Computer Name: WLASCICIEL-PC
Current User Name: Właściciel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-06 21:29:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- J:\OTL.exe
PRC - [2010-03-09 13:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-02-18 12:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-11-18 00:37:18 | 000,224,816 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2009-11-12 23:42:18 | 000,331,824 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2009-10-13 07:34:42 | 000,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2009-07-02 02:56:10 | 000,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-04-07 19:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
PRC - [2009-04-07 19:02:10 | 003,405,048 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
PRC - [2009-04-07 18:34:26 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2009-04-02 20:49:12 | 000,211,512 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2009-03-30 06:06:15 | 000,424,864 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009-03-24 13:10:25 | 007,289,376 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009-03-21 05:37:18 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-03-19 17:11:24 | 001,138,688 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe
PRC - [2009-03-04 19:26:24 | 008,392,704 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009-02-07 01:13:16 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-12-10 00:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008-10-01 08:02:48 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008-10-01 00:17:32 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2008-08-18 20:27:32 | 000,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2008-08-18 19:56:22 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008-08-14 05:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-08-14 01:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008-07-19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008-06-09 19:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008-04-01 08:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008-01-21 04:24:59 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 04:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2005-07-07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-06 21:29:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- J:\OTL.exe
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2009-03-30 05:48:13 | 000,245,760 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDApix.dll
MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-11-18 00:37:40 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2009-11-18 00:37:18 | 000,224,816 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2009-11-12 23:42:18 | 000,331,824 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2009-10-13 07:34:42 | 000,056,680 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-09-24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009-04-07 19:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV - [2008-12-08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008-08-14 05:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-09 13:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-03-09 13:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-03-09 13:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-03-09 13:08:52 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-03-09 13:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-12 23:42:18 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2009-11-12 23:42:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009-10-01 13:10:30 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-07-14 03:26:45 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009-07-02 01:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-04-01 23:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009-03-30 09:33:17 | 000,129,536 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ETD.sys -- (ETD)
DRV - [2009-03-24 13:33:27 | 002,346,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-08 17:01:52 | 000,055,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2008-11-27 13:16:47 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-11-13 03:02:17 | 000,146,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008-11-03 09:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008-08-25 12:22:51 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008-08-11 04:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-01-21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-07-24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-31 09:35:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-31 09:35:46 | 000,000,000 | ---D | M]

[2009-10-01 11:56:44 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\mozilla\Extensions
[2010-03-30 21:00:13 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\mozilla\Firefox\Profiles\nw49048f.default\extensions
[2010-01-11 19:23:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Właściciel\AppData\Roaming\mozilla\Firefox\Profiles\nw49048f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-26 00:28:41 | 000,001,163 | ---- | M] () -- C:\Users\Właściciel\AppData\Roaming\Mozilla\FireFox\Profiles\nw49048f.default\searchplugins\memory-alpha-en.xml
[2009-10-12 21:32:52 | 000,001,340 | ---- | M] () -- C:\Users\Właściciel\AppData\Roaming\Mozilla\FireFox\Profiles\nw49048f.default\searchplugins\wikipedia-en.xml
[2009-10-12 21:34:09 | 000,001,979 | ---- | M] () -- C:\Users\Właściciel\AppData\Roaming\Mozilla\FireFox\Profiles\nw49048f.default\searchplugins\wrzuta.xml
[2009-10-12 21:33:48 | 000,001,738 | ---- | M] () -- C:\Users\Właściciel\AppData\Roaming\Mozilla\FireFox\Profiles\nw49048f.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-03-19 02:24:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-31 14:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2010-03-24 10:00:19 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-03-24 10:00:19 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-24 10:00:19 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-24 10:00:19 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-24 10:00:19 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-24 10:00:19 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-03-19 01:14:58 | 000,000,042 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000..\Run: [SRS Premium Sound] C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (SRS Labs, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://vexcast.com/download/vexcast.cab (VodClient Control Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,000,047 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2003-03-14 17:27:46 | 000,893,007 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002-07-21 22:12:28 | 000,000,105 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - H:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001-10-25 19:12:20 | 000,000,145 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001-10-10 00:45:36 | 000,001,044 | R--- | M] () - H:\AUTORUN.INI -- [ CDFS ]
O32 - AutoRun File - [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation) - I:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003-11-07 12:33:25 | 000,000,381 | R--- | M] () - I:\autoplay.ini -- [ CDFS ]
O32 - AutoRun File - [2006-12-04 19:17:56 | 000,000,044 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2003-03-14 17:27:46 | 000,893,007 | R--- | M] ()
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\dinstall\command - "" = H:\Setup\DirectX\dxsetup.exe -- [2000-10-21 13:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = I:\autoplay.exe -- [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-31 12:32:53 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\.thumbnails
[2010-03-31 12:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-03-31 12:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GTK
[2010-03-31 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\Documents\gegl-0.0
[2010-03-31 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\.gimp-2.6
[2010-03-31 10:08:33 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Roaming\OpenOffice.org
[2010-03-31 10:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010-03-31 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice
[2010-03-19 16:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-03-19 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-03-19 02:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-03-19 02:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-03-19 01:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-03-19 01:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010-03-19 01:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010-03-19 01:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010-03-19 01:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\CodeStuff
[2010-03-18 23:07:58 | 000,162,640 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-03-18 23:07:58 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-03-18 23:07:58 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-03-18 23:07:58 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-03-18 23:07:57 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-03-18 23:07:07 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010-03-18 23:07:07 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010-03-18 23:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-03-18 23:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-03-18 22:54:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010-03-18 22:54:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\temp
[2010-03-18 22:53:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010-03-18 22:38:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010-03-18 22:38:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010-03-18 22:38:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010-03-18 22:38:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-03-18 22:37:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-18 22:37:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-03-18 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\Windows Server
[2010-03-17 12:25:02 | 000,144,896 | RHS- | C] (Nx8GHptx0) -- C:\Users\Właściciel\csrss.exe
[2010-03-16 19:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010-03-16 18:24:50 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\Documents\Downloads
[2010-03-16 18:24:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-03-16 18:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-03-12 20:26:01 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Roaming\SecondLife
[2010-03-12 20:26:01 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\SecondLife
[2010-03-12 20:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2010-03-08 09:36:11 | 000,000,000 | -H-D | C] -- C:\VJVod_Cache
[2010-03-07 22:32:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\nagasoft
[2010-03-05 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010-03-03 19:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-02-24 00:02:31 | 000,409,600 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010-02-24 00:02:31 | 000,114,688 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010-02-24 00:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2008-11-03 09:03:27 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-06 21:32:38 | 001,835,008 | -HS- | M] () -- C:\Users\Właściciel\ntuser.dat
[2010-04-06 21:29:40 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-04-06 21:29:40 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-04-06 21:29:40 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-04-06 21:29:40 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-04-06 21:29:40 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-04-06 21:08:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-06 21:08:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-06 20:39:45 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B30FF04F-6F15-4E0E-B838-A132487346D8}.job
[2010-04-06 20:10:09 | 000,025,088 | ---- | M] () -- C:\Users\Właściciel\Desktop\notatki socjo.doc
[2010-04-06 20:09:14 | 000,049,114 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-04-06 20:09:14 | 000,049,114 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-04-06 20:09:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-04-06 20:09:02 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2010-04-06 13:46:58 | 000,019,456 | ---- | M] () -- C:\Users\Właściciel\Desktop\PRACA.doc
[2010-04-06 13:26:29 | 000,019,456 | ---- | M] () -- C:\Users\Właściciel\Desktop\socjo materialy.doc
[2010-04-06 13:21:38 | 004,094,124 | ---- | M] () -- C:\Users\Właściciel\Desktop\raport Młodzi i Media.pdf
[2010-04-06 13:08:20 | 000,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2010-04-06 13:08:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-04-06 13:08:05 | 3757,211,648 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-06 12:42:46 | 000,524,288 | -HS- | M] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-04-06 12:42:46 | 000,065,536 | -HS- | M] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-04-06 12:42:42 | 002,630,617 | -H-- | M] () -- C:\Users\Właściciel\AppData\Local\IconCache.db
[2010-04-01 22:01:34 | 000,064,000 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-31 14:43:56 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010-03-31 14:43:33 | 000,390,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-03-31 12:34:31 | 000,000,859 | ---- | M] () -- C:\Users\Właściciel\.recently-used.xbel
[2010-03-31 10:32:18 | 000,104,200 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-03-29 09:16:22 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2010-03-28 20:55:31 | 000,000,706 | ---- | M] () -- C:\Users\Public\Desktop\Star Trek Armada II.lnk
[2010-03-28 20:55:25 | 000,000,827 | ---- | M] () -- C:\Windows\STA2.ini
[2010-03-19 16:44:27 | 000,026,846 | -H-- | M] () -- C:\Users\Właściciel\Documents\cc_20100319_154415.reg
[2010-03-19 12:15:27 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2010-03-19 01:27:00 | 000,015,136 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010-03-19 01:19:46 | 000,000,424 | ---- | M] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010-03-19 01:14:58 | 000,000,042 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-03-18 23:07:57 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-03-18 22:50:12 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010-03-18 22:36:51 | 000,009,408 | -HS- | M] () -- C:\Users\Właściciel\AppData\Local\icMtWSjHcWRiY
[2010-03-18 22:36:51 | 000,009,408 | -HS- | M] () -- C:\ProgramData\icMtWSjHcWRiY
[2010-03-17 15:48:42 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\Europa Universalis III.lnk
[2010-03-16 18:24:48 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-03-12 20:25:59 | 000,000,887 | ---- | M] () -- C:\Users\Public\Desktop\SL.lnk
[2010-03-09 13:24:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010-03-09 13:24:05 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010-03-09 13:12:54 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-03-09 13:12:33 | 000,162,640 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-03-09 13:09:08 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-03-09 13:08:52 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-03-09 13:08:30 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-03-08 01:22:09 | 000,589,312 | ---- | M] () -- C:\Users\Właściciel\Documents\eduroam.doc
[2010-03-01 02:00:44 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-02-24 00:02:31 | 000,409,600 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010-02-24 00:02:31 | 000,114,688 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010-02-14 14:34:50 | 000,043,520 | ---- | M] () -- C:\Users\Właściciel\Desktop\Konspekt socjo.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-06 20:10:07 | 000,025,088 | ---- | C] () -- C:\Users\Właściciel\Desktop\notatki socjo.doc
[2010-04-06 13:39:35 | 000,019,456 | ---- | C] () -- C:\Users\Właściciel\Desktop\PRACA.doc
[2010-04-06 13:31:55 | 004,094,124 | ---- | C] () -- C:\Users\Właściciel\Desktop\raport Młodzi i Media.pdf
[2010-04-06 13:26:27 | 000,019,456 | ---- | C] () -- C:\Users\Właściciel\Desktop\socjo materialy.doc
[2010-03-31 12:34:31 | 000,000,859 | ---- | C] () -- C:\Users\Właściciel\.recently-used.xbel
[2010-03-31 09:52:06 | 000,043,520 | ---- | C] () -- C:\Users\Właściciel\Desktop\Konspekt socjo.doc
[2010-03-28 20:55:31 | 000,000,706 | ---- | C] () -- C:\Users\Public\Desktop\Star Trek Armada II.lnk
[2010-03-28 20:53:06 | 000,000,827 | ---- | C] () -- C:\Windows\STA2.ini
[2010-03-19 16:44:19 | 000,026,846 | -H-- | C] () -- C:\Users\Właściciel\Documents\cc_20100319_154415.reg
[2010-03-19 01:15:08 | 000,000,424 | ---- | C] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010-03-19 01:14:58 | 000,015,136 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010-03-19 01:05:35 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2010-03-18 22:38:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010-03-18 22:38:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010-03-18 22:38:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-03-18 21:50:42 | 000,009,408 | -HS- | C] () -- C:\Users\Właściciel\AppData\Local\icMtWSjHcWRiY
[2010-03-18 21:50:42 | 000,009,408 | -HS- | C] () -- C:\ProgramData\icMtWSjHcWRiY
[2010-03-17 15:48:42 | 000,000,703 | ---- | C] () -- C:\Users\Public\Desktop\Europa Universalis III.lnk
[2010-03-12 20:25:59 | 000,000,887 | ---- | C] () -- C:\Users\Public\Desktop\SL.lnk
[2010-03-08 01:22:07 | 000,589,312 | ---- | C] () -- C:\Users\Właściciel\Documents\eduroam.doc
[2009-10-22 23:48:33 | 000,000,277 | ---- | C] () -- C:\Windows\thug2.ini
[2009-10-12 18:47:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-09 15:28:45 | 000,023,580 | ---- | C] () -- C:\Users\Właściciel\AppData\Roaming\UserTile.png
[2009-10-02 18:40:38 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-10-01 15:18:21 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-10-01 15:18:21 | 000,617,984 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-10-01 15:18:21 | 000,178,688 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-10-01 13:10:30 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-10-01 10:12:05 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009-10-01 08:54:24 | 000,064,000 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-30 15:14:51 | 000,524,288 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009-09-30 15:14:51 | 000,524,288 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009-09-30 15:14:51 | 000,262,144 | -H-- | C] () -- C:\Users\Właściciel\ntuser.dat.LOG1
[2009-09-30 15:14:51 | 000,065,536 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009-09-30 15:14:51 | 000,000,020 | -HS- | C] () -- C:\Users\Właściciel\ntuser.ini
[2009-09-30 15:14:51 | 000,000,000 | -H-- | C] () -- C:\Users\Właściciel\ntuser.dat.LOG2
[2009-09-30 15:14:50 | 001,835,008 | -HS- | C] () -- C:\Users\Właściciel\ntuser.dat
[2009-07-14 03:27:05 | 000,233,128 | ---- | C] () -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys
[2009-07-14 03:19:52 | 000,049,114 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-07-14 03:19:36 | 000,049,114 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009-07-14 02:40:23 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2008-08-11 04:14:11 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008-05-12 05:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008-04-18 01:45:31 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2009-11-24 02:33:45 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\ArcaMicroScan
[2009-10-01 13:15:18 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\DAEMON Tools Lite
[2010-03-31 10:08:33 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\OpenOffice.org
[2009-10-09 15:28:45 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\PeerNetworking
[2010-03-12 20:26:57 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\SecondLife
[2010-04-06 17:39:15 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\uTorrent
[2010-04-06 12:42:47 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-04-06 20:39:45 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B30FF04F-6F15-4E0E-B838-A132487346D8}.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

[log]OTL Extras logfile created on: 2010-04-06 21:32:23 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = J:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 173,70 Gb Free Space | 74,59% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 88,34 Gb Free Space | 39,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 600,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 453,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 309,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 3,73 Gb Total Space | 3,66 Gb Free Space | 98,00% Space Free | Partition Type: FAT32

Computer Name: WLASCICIEL-PC
Current User Name: Właściciel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2897344258-2973751225-2177724866-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6905937A-B13F-4FEF-B010-30DF910E09AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D9EC1199-E037-42E9-B0B4-337B4E7992C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F469D95-FDA2-48BE-A860-15BCDF05BB89}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4E32AC59-D852-4C52-85E1-ABF8ADEA140A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5CB58BB8-5443-4394-89C3-CFA1ABE59EF8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D2282B24-2BA1-4D97-A26C-E765E1C12809}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{0802CEC0-2B9B-436F-8387-034CA02B9278}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{8F955D69-3FB1-42A9-A95F-0FD98945E07E}C:\users\właściciel\appdata\local\temp\igqjj.exe" = protocol=6 | dir=in | app=c:\users\właściciel\appdata\local\temp\igqjj.exe |
"TCP Query User{DD048A7B-F5BE-46DC-9782-ACBE9896CAF8}C:\program files\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"TCP Query User{EFC83C51-6188-4B62-84C5-87F47CAE5489}C:\users\właściciel\appdata\local\temp\abhhqq.exe" = protocol=6 | dir=in | app=c:\users\właściciel\appdata\local\temp\abhhqq.exe |
"UDP Query User{30CFCD55-0180-421F-BF37-35E2B578014F}C:\program files\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"UDP Query User{3B8BE8E0-FC80-47DA-BAE7-A73399CC5212}C:\users\właściciel\appdata\local\temp\igqjj.exe" = protocol=17 | dir=in | app=c:\users\właściciel\appdata\local\temp\igqjj.exe |
"UDP Query User{9140D2E0-9B1E-4EBD-AF6B-9E17026F8003}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E5911B19-C695-4790-BF7C-501ED702DF2C}C:\users\właściciel\appdata\local\temp\abhhqq.exe" = protocol=17 | dir=in | app=c:\users\właściciel\appdata\local\temp\abhhqq.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{3856DA80-86D2-4EBF-B33E-9F2C54BC9AC4}" = Bezpieczeństwo rodzinne usługi Windows Live
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A6F1BDF7-53A7-4AF6-84B9-0C51C722BC91}" = Europa Universalis
"{A9FEB6D7-9C52-49FC-B956-7AB275B78890}" = ASUS FancyStart
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.1 - Polish
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C08F4C18-EBC5-47F4-A760-A2DF3C39CA20}" = Windows Live Movie Maker Beta
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"avast5" = avast! Free Antivirus
"Beyond the Red Line 1.0" = Beyond the Red Line
"CCleaner" = CCleaner
"Codec_is1" = Codec 8.3h
"CodeStuff Starter" = CodeStuff Starter
"Elantech" = ETDWare PS/2-x86 7.0.5.2 WHQL
"Gadu-Gadu" = Gadu-Gadu 7.0
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"HotspotShield" = Hotspot Shield 1.34
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SopCast" = SopCast 3.0.3
"Star Trek Armada II" = Star Trek Armada II
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-03-24 02:42:38 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-24 06:35:57 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-24 08:20:25 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-24 13:34:32 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-25 03:31:48 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-25 06:23:15 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-25 09:58:20 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-26 04:58:36 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-28 14:26:13 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-28 16:36:22 | Computer Name = Właściciel-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.180.7, sygnatura czasowa
0x4b2aa6d3, moduł powodujący błąd java.dll, wersja 6.0.180.7, sygnatura czasowa
0x4b2ad748, kod wyjątku 0xc0000005, przesunięcie błędu 0x00004e46, identyfikator
procesu 0x620, godzina rozpoczęcia aplikacji 0x01caceb652bd1bcf.

[ System Events ]
Error - 2009-12-13 16:59:13 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:04:23 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:09:34 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:14:44 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:19:54 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:25:04 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:30:14 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 17:35:24 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 18:25:51 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-13 18:25:58 | Computer Name = Właściciel-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >
[/log]

Mateusz J.
komentarz
komentarz

Masz infekcję:

Uruchom OTL i w oknie Custom Scans/Fixes wklej
[code]
:OTL
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,000,047 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2003-03-14 17:27:46 | 000,893,007 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002-07-21 22:12:28 | 000,000,105 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - H:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001-10-25 19:12:20 | 000,000,145 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001-10-10 00:45:36 | 000,001,044 | R--- | M] () - H:\AUTORUN.INI -- [ CDFS ]
O32 - AutoRun File - [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation) - I:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003-11-07 12:33:25 | 000,000,381 | R--- | M] () - I:\autoplay.ini -- [ CDFS ]
O32 - AutoRun File - [2006-12-04 19:17:56 | 000,000,044 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2003-03-14 17:27:46 | 000,893,007 | R--- | M] ()
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\dinstall\command - "" = H:\Setup\DirectX\dxsetup.exe -- [2000-10-21 13:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = I:\autoplay.exe -- [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation)

:Files
F:\Autorun.inf
G:\Autorun.exe
G:\Autorun.inf
H:\autorun.inf
H:\AUTORUN.INI
I:\autorun.inf
C:\autorun.inf
D:\autorun.inf
E:\autorun.inf
C:\Users\Właściciel\csrss.exe
C:\Users\Właściciel\AppData\Local\icMtWSjHcWRiY
C:\ProgramData\icMtWSjHcWRiY

:Commands
[emptytemp]
[Reboot]

[/code]
Kliknij Run Fix. Zatwierdź restart komputera.
Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli.

Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753
Raport na forum, usuwasz wszystko co program znajdzie.

To o czym mówisz jest możliwe, ale nie widzę tutaj Backdoora.
Żeby robić takie rzeczy trzeba być na prawdę dobrym informatykiem.
Wątpię iż ktoś włącza Ci kamerkę.

Shimmy
komentarz
komentarz

Dziękuję za pomoc!

na wstepie tylko zaznacze, ze: dyski F-I są wirtualnymi (daemon tools)
csrss.exe w międzyczasie usunął mi avast (w kolejnym, dzisiejszym porannym skanowaniu, już to wykrył)
przy okazji wywaliło mi cały profil na Mozilli, ale to pikuś...

[log]All processes killed
========== OTL ==========
File move failed. F:\Autorun.inf scheduled to be moved on reboot.
File move failed. F:\autorun.exe scheduled to be moved on reboot.
File move failed. G:\Autorun.exe scheduled to be moved on reboot.
File move failed. G:\Autorun.inf scheduled to be moved on reboot.
File move failed. H:\AUTORUN.EXE scheduled to be moved on reboot.
File move failed. H:\autorun.inf scheduled to be moved on reboot.
File move failed. H:\AUTORUN.INI scheduled to be moved on reboot.
File move failed. I:\autoplay.exe scheduled to be moved on reboot.
File move failed. I:\autoplay.ini scheduled to be moved on reboot.
File move failed. I:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b90-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b90-ae7b-11de-b851-00261875a651}\ not found.
File move failed. F:\autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b92-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b92-ae7b-11de-b851-00261875a651}\ not found.
File move failed. G:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b93-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b93-ae7b-11de-b851-00261875a651}\ not found.
File move failed. H:\AUTORUN.EXE scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b93-ae7b-11de-b851-00261875a651}\ not found.
File move failed. H:\Setup\DirectX\dxsetup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b94-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{232e1b94-ae7b-11de-b851-00261875a651}\ not found.
File move failed. I:\autoplay.exe scheduled to be moved on reboot.
========== FILES ==========
File move failed. F:\Autorun.inf scheduled to be moved on reboot.
File move failed. G:\Autorun.exe scheduled to be moved on reboot.
File move failed. G:\Autorun.inf scheduled to be moved on reboot.
File move failed. H:\autorun.inf scheduled to be moved on reboot.
File move failed. H:\AUTORUN.INI scheduled to be moved on reboot.
File move failed. I:\autorun.inf scheduled to be moved on reboot.
File\Folder C:\autorun.inf not found.
File\Folder D:\autorun.inf not found.
File\Folder E:\autorun.inf not found.
File\Folder C:\Users\Właściciel\csrss.exe not found.
C:\Users\Właściciel\AppData\Local\icMtWSjHcWRiY moved successfully.
C:\ProgramData\icMtWSjHcWRiY moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User

User: Public
->Temp folder emptied: 0 bytes

User: Właściciel
->Temp folder emptied: 90156 bytes
->Temporary Internet Files folder emptied: 5787986 bytes
->Java cache emptied: 648581 bytes
->FireFox cache emptied: 52052884 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 785456 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 57,00 mb


OTL by OldTimer - Version 3.2.1.0 log created on 04072010_204627

Files\Folders moved on Reboot...
File\Folder F:\Autorun.inf not found!
File\Folder F:\autorun.exe not found!
File\Folder G:\Autorun.exe not found!
File\Folder G:\Autorun.inf not found!
File\Folder H:\AUTORUN.EXE not found!
File\Folder H:\autorun.inf not found!
File\Folder H:\AUTORUN.INI not found!
File\Folder I:\autoplay.exe not found!
File\Folder I:\autoplay.ini not found!
File\Folder I:\autorun.inf not found!
File\Folder H:\Setup\DirectX\dxsetup.exe not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

[log]Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Wersja bazy: 3966

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

2010-04-07 21:46:15
mbam-log-2010-04-07 (21-46-15).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Przeskanowano obiektów: 248853
Upłynęło: 52 minut(y), 10 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Users\Właściciel\AppData\Local\Windows Server\ljpdea.dll (Trojan.Agent) -> Quarantined and deleted successfully.
[/log]

[log]OTL logfile created on: 2010-04-07 21:55:23 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Users\Właściciel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 173,32 Gb Free Space | 74,42% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 88,27 Gb Free Space | 39,91% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 600,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 453,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 309,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WLASCICIEL-PC
Current User Name: Właściciel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-06 21:29:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Właściciel\Desktop\OTL.exe
PRC - [2010-03-09 13:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-02-18 12:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-11-18 00:37:18 | 000,224,816 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2009-11-12 23:42:18 | 000,331,824 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2009-10-13 07:34:42 | 000,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2009-08-24 22:23:38 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-07-02 02:56:10 | 000,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009-06-15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-04-07 19:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
PRC - [2009-04-07 19:02:10 | 003,405,048 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
PRC - [2009-04-07 18:34:26 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2009-04-02 20:49:12 | 000,211,512 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2009-03-30 06:06:15 | 000,424,864 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009-03-24 13:10:25 | 007,289,376 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009-03-21 05:37:18 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-03-04 19:26:24 | 008,392,704 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009-02-07 01:13:16 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2008-12-23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-12-10 00:01:10 | 000,424,504 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\smartlogon.exe
PRC - [2008-12-10 00:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008-10-01 08:02:48 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008-10-01 00:17:32 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2008-08-18 20:27:32 | 000,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2008-08-18 19:56:22 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008-08-14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008-08-14 05:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-08-14 01:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008-07-19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008-06-09 19:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008-04-01 08:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008-01-21 04:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-21 04:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-21 04:23:44 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-21 04:23:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2007-11-30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2005-07-15 23:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2005-07-07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-06 21:29:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Właściciel\Desktop\OTL.exe
MOD - [2010-02-23 08:33:45 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2010-02-23 08:33:44 | 011,070,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 16:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2009-03-30 05:48:13 | 000,245,760 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDApix.dll
MOD - [2008-01-21 04:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-21 04:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-21 04:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-21 04:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-21 04:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-21 04:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-03-09 13:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-11-18 00:37:40 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2009-11-18 00:37:18 | 000,224,816 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2009-11-12 23:42:18 | 000,331,824 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2009-10-13 07:34:42 | 000,056,680 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-09-24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009-04-07 19:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV - [2008-12-08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008-08-14 05:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008-03-31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-08-08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-09 13:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-03-09 13:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-03-09 13:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-03-09 13:08:52 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-03-09 13:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-12 23:42:18 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2009-11-12 23:42:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009-10-01 13:10:30 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-07-14 03:26:45 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009-07-02 01:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-04-01 23:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009-03-30 09:33:17 | 000,129,536 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ETD.sys -- (ETD)
DRV - [2009-03-24 13:33:27 | 002,346,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-08 17:01:52 | 000,055,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2008-11-27 13:16:47 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-11-13 03:02:17 | 000,146,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008-11-03 09:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008-08-25 12:22:51 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008-08-11 04:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008-01-21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-07-24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006-12-14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-07 21:24:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-07 21:24:12 | 000,000,000 | ---D | M]

[2010-04-07 21:25:37 | 000,000,000 | ---D | M] -- C:\Dane aplikacji\Mozilla\Extensions
[2010-04-07 21:27:31 | 000,000,000 | ---D | M] -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\extensions
[2010-04-07 21:27:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-04-07 21:27:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-26 00:28:41 | 000,001,163 | ---- | M] () -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\searchplugins\memory-alpha-en.xml
[2009-10-12 21:32:52 | 000,001,340 | ---- | M] () -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\searchplugins\wikipedia-en.xml
[2009-10-12 21:34:09 | 000,001,979 | ---- | M] () -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\searchplugins\wrzuta.xml
[2009-10-12 21:33:48 | 000,001,738 | ---- | M] () -- C:\Dane aplikacji\Mozilla\Firefox\Profiles\vakz9kb9.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-04-07 21:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-31 14:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2009-08-24 21:19:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-24 21:19:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-24 21:19:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-24 21:19:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-24 21:19:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-24 21:19:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-03-19 01:14:58 | 000,000,042 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000..\Run: [SRS Premium Sound] C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (SRS Labs, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://vexcast.com/download/vexcast.cab (VodClient Control Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,000,047 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2003-03-14 17:27:46 | 000,893,007 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002-07-21 22:12:28 | 000,000,105 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - H:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001-10-25 19:12:20 | 000,000,145 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001-10-10 00:45:36 | 000,001,044 | R--- | M] () - H:\AUTORUN.INI -- [ CDFS ]
O32 - AutoRun File - [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation) - I:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2003-11-07 12:33:25 | 000,000,381 | R--- | M] () - I:\autoplay.ini -- [ CDFS ]
O32 - AutoRun File - [2006-12-04 19:17:56 | 000,000,044 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b90-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-09-04 08:10:21 | 000,214,408 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b92-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2003-03-14 17:27:46 | 000,893,007 | R--- | M] ()
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- [2000-01-17 18:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
O33 - MountPoints2\{232e1b93-ae7b-11de-b851-00261875a651}\Shell\dinstall\command - "" = H:\Setup\DirectX\dxsetup.exe -- [2000-10-21 13:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell - "" = AutoRun
O33 - MountPoints2\{232e1b94-ae7b-11de-b851-00261875a651}\Shell\AutoRun\command - "" = I:\autoplay.exe -- [2000-08-25 00:44:19 | 000,077,824 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2897344258-2973751225-2177724866-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-07 21:25:29 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\Mozilla
[2010-04-07 20:52:32 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\Malwarebytes
[2010-04-07 20:52:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-04-07 20:52:25 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-04-07 20:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-04-07 20:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-04-07 20:50:42 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Właściciel\Desktop\OTL.exe
[2010-04-07 20:41:54 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\Adobe
[2010-04-07 20:30:11 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\DAEMON Tools Lite
[2010-04-07 20:30:06 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\Macromedia
[2010-04-07 11:25:31 | 000,000,000 | ---D | C] -- C:\Dane aplikacji\Microsoft
[2010-04-07 11:25:31 | 000,000,000 | ---D | C] -- C:\Dane aplikacji
[2010-03-31 12:32:53 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\.thumbnails
[2010-03-31 12:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-03-31 12:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GTK
[2010-03-31 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\Documents\gegl-0.0
[2010-03-31 12:24:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\.gimp-2.6
[2010-03-31 10:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010-03-31 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice
[2010-03-19 16:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-03-19 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-03-19 02:19:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-03-19 02:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-03-19 01:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-03-19 01:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010-03-19 01:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010-03-19 01:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010-03-19 01:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\CodeStuff
[2010-03-18 23:07:58 | 000,162,640 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-03-18 23:07:58 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-03-18 23:07:58 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-03-18 23:07:58 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-03-18 23:07:57 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-03-18 23:07:07 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010-03-18 23:07:07 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010-03-18 23:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-03-18 23:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-03-18 22:54:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010-03-18 22:54:11 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\temp
[2010-03-18 22:53:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010-03-18 22:38:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010-03-18 22:38:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010-03-18 22:38:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010-03-18 22:38:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-03-18 22:37:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-18 22:37:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-03-18 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\Windows Server
[2010-03-16 19:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010-03-16 18:24:50 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\Documents\Downloads
[2010-03-16 18:24:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-03-16 18:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-03-12 20:26:01 | 000,000,000 | ---D | C] -- C:\Users\Właściciel\AppData\Local\SecondLife
[2010-03-12 20:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\SecondLife
[2010-03-08 09:36:11 | 000,000,000 | -H-D | C] -- C:\VJVod_Cache
[2010-03-07 22:32:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\nagasoft
[2010-03-05 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010-03-03 19:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-02-24 00:02:31 | 000,409,600 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010-02-24 00:02:31 | 000,114,688 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010-02-24 00:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2008-11-03 09:03:27 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-07 21:56:09 | 001,835,008 | -HS- | M] () -- C:\Users\Właściciel\ntuser.dat
[2010-04-07 21:55:22 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-04-07 21:55:22 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-04-07 21:55:22 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-04-07 21:55:22 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-04-07 21:55:22 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-04-07 21:47:55 | 000,049,114 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-04-07 21:47:51 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2010-04-07 21:47:49 | 000,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2010-04-07 21:47:47 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010-04-07 21:47:40 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-04-07 21:47:39 | 000,049,114 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-04-07 21:47:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-07 21:47:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-07 21:47:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-04-07 21:47:26 | 3757,264,896 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-07 21:46:41 | 000,524,288 | -HS- | M] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-04-07 21:46:41 | 000,065,536 | -HS- | M] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-04-07 21:46:40 | 003,016,260 | -H-- | M] () -- C:\Users\Właściciel\AppData\Local\IconCache.db
[2010-04-07 20:52:29 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-04-07 13:42:36 | 000,035,840 | ---- | M] () -- C:\Users\Właściciel\Desktop\notatki socjo.doc
[2010-04-07 00:06:53 | 000,067,072 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-06 21:29:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Właściciel\Desktop\OTL.exe
[2010-04-06 20:39:45 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B30FF04F-6F15-4E0E-B838-A132487346D8}.job
[2010-04-06 13:46:58 | 000,019,456 | ---- | M] () -- C:\Users\Właściciel\Desktop\PRACA.doc
[2010-04-06 13:26:29 | 000,019,456 | ---- | M] () -- C:\Users\Właściciel\Desktop\socjo materialy.doc
[2010-04-06 13:21:38 | 004,094,124 | ---- | M] () -- C:\Users\Właściciel\Desktop\raport Młodzi i Media.pdf
[2010-03-31 14:43:33 | 000,390,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-03-31 12:34:31 | 000,000,859 | ---- | M] () -- C:\Users\Właściciel\.recently-used.xbel
[2010-03-31 10:32:18 | 000,104,200 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-03-30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-03-30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-03-29 09:16:22 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2010-03-28 20:55:31 | 000,000,706 | ---- | M] () -- C:\Users\Public\Desktop\Star Trek Armada II.lnk
[2010-03-28 20:55:25 | 000,000,827 | ---- | M] () -- C:\Windows\STA2.ini
[2010-03-19 16:44:27 | 000,026,846 | -H-- | M] () -- C:\Users\Właściciel\Documents\cc_20100319_154415.reg
[2010-03-19 12:15:27 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll
[2010-03-19 01:27:00 | 000,015,136 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010-03-19 01:19:46 | 000,000,424 | ---- | M] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010-03-19 01:14:58 | 000,000,042 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-03-18 23:07:57 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-03-18 22:50:12 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010-03-17 15:48:42 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\Europa Universalis III.lnk
[2010-03-16 18:24:48 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-03-12 20:25:59 | 000,000,887 | ---- | M] () -- C:\Users\Public\Desktop\SL.lnk
[2010-03-09 13:24:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010-03-09 13:24:05 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010-03-09 13:12:54 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-03-09 13:12:33 | 000,162,640 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-03-09 13:09:08 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-03-09 13:08:52 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-03-09 13:08:30 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-03-08 01:22:09 | 000,589,312 | ---- | M] () -- C:\Users\Właściciel\Documents\eduroam.doc
[2010-03-01 02:00:44 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-02-24 00:02:31 | 000,409,600 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010-02-24 00:02:31 | 000,114,688 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010-02-14 14:34:50 | 000,043,520 | ---- | M] () -- C:\Users\Właściciel\Desktop\Konspekt socjo.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-07 20:52:29 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-04-06 20:10:07 | 000,035,840 | ---- | C] () -- C:\Users\Właściciel\Desktop\notatki socjo.doc
[2010-04-06 13:39:35 | 000,019,456 | ---- | C] () -- C:\Users\Właściciel\Desktop\PRACA.doc
[2010-04-06 13:31:55 | 004,094,124 | ---- | C] () -- C:\Users\Właściciel\Desktop\raport Młodzi i Media.pdf
[2010-04-06 13:26:27 | 000,019,456 | ---- | C] () -- C:\Users\Właściciel\Desktop\socjo materialy.doc
[2010-03-31 12:34:31 | 000,000,859 | ---- | C] () -- C:\Users\Właściciel\.recently-used.xbel
[2010-03-31 09:52:06 | 000,043,520 | ---- | C] () -- C:\Users\Właściciel\Desktop\Konspekt socjo.doc
[2010-03-28 20:55:31 | 000,000,706 | ---- | C] () -- C:\Users\Public\Desktop\Star Trek Armada II.lnk
[2010-03-28 20:53:06 | 000,000,827 | ---- | C] () -- C:\Windows\STA2.ini
[2010-03-19 16:44:19 | 000,026,846 | -H-- | C] () -- C:\Users\Właściciel\Documents\cc_20100319_154415.reg
[2010-03-19 01:15:08 | 000,000,424 | ---- | C] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2010-03-19 01:14:58 | 000,015,136 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2010-03-19 01:05:35 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2010-03-18 22:38:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010-03-18 22:38:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010-03-18 22:38:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-03-17 15:48:42 | 000,000,703 | ---- | C] () -- C:\Users\Public\Desktop\Europa Universalis III.lnk
[2010-03-12 20:25:59 | 000,000,887 | ---- | C] () -- C:\Users\Public\Desktop\SL.lnk
[2010-03-08 01:22:07 | 000,589,312 | ---- | C] () -- C:\Users\Właściciel\Documents\eduroam.doc
[2009-10-22 23:48:33 | 000,000,277 | ---- | C] () -- C:\Windows\thug2.ini
[2009-10-12 18:47:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-02 18:40:38 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-10-01 15:18:21 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-10-01 15:18:21 | 000,617,984 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-10-01 15:18:21 | 000,178,688 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-10-01 13:10:30 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-10-01 10:12:05 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009-10-01 08:54:24 | 000,067,072 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-30 15:14:51 | 000,524,288 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009-09-30 15:14:51 | 000,524,288 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009-09-30 15:14:51 | 000,262,144 | -H-- | C] () -- C:\Users\Właściciel\ntuser.dat.LOG1
[2009-09-30 15:14:51 | 000,065,536 | -HS- | C] () -- C:\Users\Właściciel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009-09-30 15:14:51 | 000,000,020 | -HS- | C] () -- C:\Users\Właściciel\ntuser.ini
[2009-09-30 15:14:51 | 000,000,000 | -H-- | C] () -- C:\Users\Właściciel\ntuser.dat.LOG2
[2009-09-30 15:14:50 | 001,835,008 | -HS- | C] () -- C:\Users\Właściciel\ntuser.dat
[2009-07-14 03:27:05 | 000,233,128 | ---- | C] () -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys
[2009-07-14 03:19:52 | 000,049,114 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009-07-14 03:19:36 | 000,049,114 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009-07-14 02:40:23 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll
[2008-08-11 04:14:11 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008-05-12 05:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008-04-18 01:45:31 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-07 21:46:44 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-04-06 20:39:45 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B30FF04F-6F15-4E0E-B838-A132487346D8}.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

[log]OTL Extras logfile created on: 2010-04-07 21:55:23 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Users\Właściciel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 173,32 Gb Free Space | 74,42% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 88,27 Gb Free Space | 39,91% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 600,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 453,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 309,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WLASCICIEL-PC
Current User Name: Właściciel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2897344258-2973751225-2177724866-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6905937A-B13F-4FEF-B010-30DF910E09AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D9EC1199-E037-42E9-B0B4-337B4E7992C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F469D95-FDA2-48BE-A860-15BCDF05BB89}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4E32AC59-D852-4C52-85E1-ABF8ADEA140A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5CB58BB8-5443-4394-89C3-CFA1ABE59EF8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D2282B24-2BA1-4D97-A26C-E765E1C12809}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{0802CEC0-2B9B-436F-8387-034CA02B9278}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{8F955D69-3FB1-42A9-A95F-0FD98945E07E}C:\users\właściciel\appdata\local\temp\igqjj.exe" = protocol=6 | dir=in | app=c:\users\właściciel\appdata\local\temp\igqjj.exe |
"TCP Query User{DD048A7B-F5BE-46DC-9782-ACBE9896CAF8}C:\program files\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"TCP Query User{EFC83C51-6188-4B62-84C5-87F47CAE5489}C:\users\właściciel\appdata\local\temp\abhhqq.exe" = protocol=6 | dir=in | app=c:\users\właściciel\appdata\local\temp\abhhqq.exe |
"UDP Query User{30CFCD55-0180-421F-BF37-35E2B578014F}C:\program files\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu\gg.exe |
"UDP Query User{3B8BE8E0-FC80-47DA-BAE7-A73399CC5212}C:\users\właściciel\appdata\local\temp\igqjj.exe" = protocol=17 | dir=in | app=c:\users\właściciel\appdata\local\temp\igqjj.exe |
"UDP Query User{9140D2E0-9B1E-4EBD-AF6B-9E17026F8003}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E5911B19-C695-4790-BF7C-501ED702DF2C}C:\users\właściciel\appdata\local\temp\abhhqq.exe" = protocol=17 | dir=in | app=c:\users\właściciel\appdata\local\temp\abhhqq.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{3856DA80-86D2-4EBF-B33E-9F2C54BC9AC4}" = Bezpieczeństwo rodzinne usługi Windows Live
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A6F1BDF7-53A7-4AF6-84B9-0C51C722BC91}" = Europa Universalis
"{A9FEB6D7-9C52-49FC-B956-7AB275B78890}" = ASUS FancyStart
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.1 - Polish
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C08F4C18-EBC5-47F4-A760-A2DF3C39CA20}" = Windows Live Movie Maker Beta
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"avast5" = avast! Free Antivirus
"Beyond the Red Line 1.0" = Beyond the Red Line
"CCleaner" = CCleaner
"Codec_is1" = Codec 8.3h
"CodeStuff Starter" = CodeStuff Starter
"Elantech" = ETDWare PS/2-x86 7.0.5.2 WHQL
"Gadu-Gadu" = Gadu-Gadu 7.0
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"HotspotShield" = Hotspot Shield 1.34
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}" = Tony Hawk's Underground 2
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"NapiProjekt_is1" = NapiProjekt 1.0.6.7
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SopCast" = SopCast 3.0.3
"Star Trek Armada II" = Star Trek Armada II
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2897344258-2973751225-2177724866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-03-28 16:36:22 | Computer Name = Właściciel-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.180.7, sygnatura czasowa
0x4b2aa6d3, moduł powodujący błąd java.dll, wersja 6.0.180.7, sygnatura czasowa
0x4b2ad748, kod wyjątku 0xc0000005, przesunięcie błędu 0x00004e46, identyfikator
procesu 0x620, godzina rozpoczęcia aplikacji 0x01caceb652bd1bcf.

Error - 2010-03-29 03:16:22 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-30 02:49:15 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-31 02:29:15 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-03-31 06:24:46 | Computer Name = Właściciel-PC | Source = Application Hang | ID = 1002
Description = Program gimp-2.6.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 11e8 Godzina rozpoczęcia: 01cad0bc4e21531c
Godzina
zakończenia: 9

Error - 2010-03-31 06:25:08 | Computer Name = Właściciel-PC | Source = Application Hang | ID = 1002
Description = Program gimp-2.6.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: b80 Godzina rozpoczęcia: 01cad0bc6409150c
Godzina
zakończenia: 5

Error - 2010-03-31 06:27:21 | Computer Name = Właściciel-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gtk-query-immodules-2.0.exe, wersja 0.0.0.0,
sygnatura czasowa 0x4b7671fc, moduł powodujący błąd libgio-2.0-0.dll, wersja 6.0.6002.18005,
sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000135, przesunięcie błędu 0x00009eed,
identyfikator
procesu 0x98c, godzina rozpoczęcia aplikacji 0x01cad0bcbe5eff6c.

Error - 2010-03-31 08:44:41 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-04-01 08:10:55 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

Error - 2010-04-01 14:09:55 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2009-12-14 10:55:54 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:01:04 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:06:14 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:11:24 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:16:34 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:21:44 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:24:31 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:29:41 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:34:51 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2009-12-14 11:40:01 | Computer Name = Właściciel-PC | Source = netbt | ID = 4321
Description = Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o
adresie IP 192.168.2.101. Komputer o adresie IP 192.168.2.100 nie zezwolił na przejęcie
tej nazwy przez ten komputer.


< End of report >
[/log]

Mateusz J.
komentarz
komentarz

W takim razie czysto.
Użyj jeszcze opcji CleanUP w okienku OTL.

Shimmy
komentarz
komentarz

Puszczone. Usunęły się zarówno raporty, jak i sam plik programu OTL - czy tak powinno być?

Mateusz J.
komentarz
komentarz

Dokładnie tak.
Opcja CleanUP służy do czyszczenia pozostałości po OTL i innych narzędziach.

Shimmy
komentarz
komentarz

Rozumiem. Jeszcze raz ogromnie dziękuję i pozdrawiam!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.