x-kom hosting

Problem z ukrytymi plikami

f430
utworzono
utworzono (edytowane)

Nie chcą mi się wyświetlać ukryte pliki,foldery. Gdy wchodzę w narzędzia->opcje folderów->widok zaznaczam "pokaż ukryte pliki i foldery" nic się nie dzieje (w sensie nie pokazują mi się te pliki) a gdy jeszcze raz wchodzę w te opcje zaznaczone jest "nie pokazuj"

Prosiłbym o pomoc :)

[log] OTL logfile created on: 2010-05-22 15:39:06 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,15 Gb Free Space | 11,02% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 1,68 Gb Free Space | 1,30% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-9D972C9BFC7
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-04-26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-04-22 20:32:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-19 10:57:15 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-08 01:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-08-05 08:37:32 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-05 08:37:32 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-05 08:37:31 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-07-13 14:02:50 | 000,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) -- D:\Program Files\Winamp\winamp.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- D:\Program Files\Winamp\winampa.exe
PRC - [2009-06-05 11:48:14 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-05-21 08:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-04-10 11:12:58 | 009,818,728 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-04-10 10:13:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-12-12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:10 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-01-25 17:08:10 | 001,327,104 | ---- | M] (Any-Video-Converter.com) -- D:\Program Files\Any Video Converter\VideoConverter.exe
PRC - [2007-12-23 17:50:00 | 012,834,304 | ---- | M] () -- D:\Program Files\Any Video Converter\mencoder.exe
PRC - [2007-11-16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007-11-15 15:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001-10-29 22:29:59 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-01-08 01:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-25 00:58:01 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice)
DRV - [2009-08-05 08:37:53 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-08-05 08:37:49 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-05 08:37:48 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-14 20:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-06-02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-04-24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ambfilt.sys -- (Ambfilt)
DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-02-23 04:07:34 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys -- (AIDA32Driver)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: support@burn4free-toolbar.com:1.0
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2
FF - prefs.js..extensions.enabledItems: {8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=en_US&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 17:43:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-05 15:40:41 | 000,000,000 | ---D | M]

[2009-08-06 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-05-20 19:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions
[2009-09-02 20:36:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-03 10:22:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-04-29 09:02:57 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010-02-25 12:03:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-03 10:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\firefox@tvunetworks.com
[2010-02-06 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\searchrecs@veoh.com
[2010-03-27 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\toolbar@ask.com
[2010-03-27 19:26:16 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\askcom.xml
[2010-02-09 23:23:38 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\Search.xml
[2010-05-20 19:15:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-09 23:23:36 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}
[2010-04-22 20:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009-06-28 13:19:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
[2010-04-22 20:32:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (gwprimawega) - {a483fff4-4066-100c-fe35-a21f44ce74f8} - C:\WINDOWS\system32\-uM5m-M_.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 212.76.39.205
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-12 20:46:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a3a28e76-8263-11de-a22a-001fd0037c80}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-04 12:46:28 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-05-16 15:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2010-05-14 17:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\JJJ
[2010-05-09 19:40:58 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010-05-09 19:40:58 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010-05-09 19:40:58 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010-05-09 19:40:58 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010-05-09 19:40:56 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010-05-09 19:40:55 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010-05-09 19:40:55 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010-05-09 19:40:54 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010-05-09 19:40:54 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010-05-09 19:40:54 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010-05-09 19:40:53 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010-05-09 19:40:52 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010-05-09 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2010-05-09 12:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help
[2010-05-07 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\gegl-0.0
[2010-05-07 16:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-05-05 15:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-05-05 15:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-05-05 15:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
[2010-05-05 15:35:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-02 18:44:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010-05-02 18:44:36 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2010-04-22 20:32:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-04-22 20:32:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Sun
[2010-04-22 20:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-04-22 20:32:24 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-04-22 20:32:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-04-22 20:32:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-04-22 20:32:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-04-22 20:32:24 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-04-22 20:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-04-22 20:31:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Sun
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job
[2010-05-22 15:47:01 | 000,802,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2010-05-22 15:34:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-22 15:27:54 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010-05-22 15:11:01 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003UA.job
[2010-05-22 15:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-05-22 13:34:30 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-22 13:00:21 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-22 11:46:08 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-05-22 10:07:36 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-22 09:49:58 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-05-22 09:49:55 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-22 09:49:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-22 09:49:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-22 09:48:39 | 060,246,260 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-05-21 23:53:26 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-05-21 21:28:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-05-21 10:56:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:49:43 | 000,545,830 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 20:11:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003Core.job
[2010-05-20 16:29:42 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 17:15:33 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-19 09:09:16 | 001,439,082 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\fdg.bmp
[2010-05-18 11:53:45 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 23:09:03 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-17 11:15:20 | 000,410,624 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\lol.doc
[2010-05-17 09:12:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-16 21:02:18 | 000,002,150 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-05-16 20:56:59 | 000,000,329 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-16 14:37:47 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-14 15:05:39 | 000,047,488 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-14 09:19:27 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-12 18:07:46 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 23:37:20 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\bash.org.doc
[2010-05-11 18:45:33 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-11 17:47:10 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | M] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 15:11:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 10:33:25 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iTunes.lnk
[2010-05-08 10:37:35 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-05-07 19:28:53 | 000,096,628 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-07 10:19:29 | 061,321,734 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-06 19:14:24 | 057,962,610 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-06 11:48:49 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-06 10:07:58 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\question.doc
[2010-05-05 12:59:36 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-04-29 08:12:01 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Google Chrome.lnk
[2010-04-28 16:37:28 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 21:36:20 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-27 19:45:33 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-24 20:02:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ts.doc
[2010-04-22 20:32:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-04-22 20:32:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-04-22 20:32:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-04-22 20:32:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-04-22 20:32:13 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-22 10:07:36 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:48:52 | 000,545,830 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:41 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 15:14:30 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-19 09:09:16 | 001,439,082 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\fdg.bmp
[2010-05-18 11:53:44 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-16 14:37:47 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-12 15:31:32 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 18:19:17 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 12:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 12:04:45 | 000,000,329 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-09 11:52:13 | 000,002,150 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-05-07 19:28:53 | 000,096,628 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-06 11:48:49 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-05 12:59:35 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-05-05 10:11:14 | 061,321,734 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-05 10:00:49 | 057,962,610 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-02 12:34:06 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-04-29 15:24:02 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-04-28 16:08:05 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 19:34:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-27 16:36:10 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-25 10:48:13 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-04-24 20:00:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ts.doc
[2010-04-05 23:11:31 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll
[2010-01-29 20:10:14 | 001,273,856 | ---- | C] () -- C:\WINDOWS\System32\-uM5m-M_.dll
[2010-01-29 12:09:55 | 000,802,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2009-09-14 10:58:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-09-06 18:38:42 | 000,000,472 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2009-08-08 12:45:59 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-07 08:22:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009-08-06 22:44:52 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-06 21:15:56 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009-08-06 19:15:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-05 08:39:59 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-04 13:58:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-24 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla
[2010-05-21 17:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2009-08-05 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
[2009-08-19 18:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-05-22 15:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
[2009-08-05 08:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVGTOOLBAR
[2010-05-18 23:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2010-01-17 11:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Dealio
[2010-04-05 23:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\devede
[2010-05-10 15:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
[2010-04-03 12:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\ipla
[2009-09-06 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\iScreensaver
[2009-08-17 15:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-17 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\OpenFM
[2009-08-07 20:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2009-08-27 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thinstall
[2010-05-22 15:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-08-04 12:39:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-05-22 09:49:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0123\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0124\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

[log] OTL Extras logfile created on: 2010-05-22 15:39:06 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,15 Gb Free Space | 11,02% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 1,68 Gb Free Space | 1,30% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-9D972C9BFC7
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Joker\Pulpit\Ares.exe" = C:\Documents and Settings\Joker\Pulpit\Ares.exe:*:Enabled:Ares p2p for windows -- File not found
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)
"C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe" = C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe:*:Enabled:Ares p2p for windows -- File not found
"D:\Program Files\Opera\opera.exe" = D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\Program Files\iTunes\iTunes.exe" = D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Program Files\TVUPlayer\TVUPlayer.exe" = D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"D:\Program Files\TmNationsForever\TmForever.exe" = D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found
"D:\Program Files\Valve\hl.exe" = D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe" = C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application -- (Leadtek Research Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe" = D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{11C86A01-3C83-4EE3-ADC1-8DE5C3037772}" = Enigma
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{37180755-CA2B-40AD-9637-89FB0CE7CB36}" = Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1)
"{90120000-0017-0415-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Polish) 2007
"{90120000-0017-0415-0000-0000000FF1CE}_SharePointDesigner_{603EA501-A7E8-4482-93FF-A39A639F46C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_SharePointDesigner_{2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_SharePointDesigner_{94A4609B-0414-4427-81F3-0FD282A2D0D3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{934519A2-4D50-4B83-A459-92D90E9E3188}" = WinFast PVR
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DF14AD82-ED61-4D29-83EF-644B6580D0F6}" = DeVeDe
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{e4cddad5-9701-4d90-a12e-81a0d7b3b6e1}" = Nero 9 Trial
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIDA32_is1" = AIDA32 v3.93
"Any Video Converter_is1" = Any Video Converter 2.5.6
"Ares" = Ares 2.1.1
"AVG8Uninstall" = AVG Free 8.5
"Burn4Free" = Burn4Free CD and DVD
"Burn4Free Toolbar" = Burn4Free Toolbar
"DVD Shrink_is1" = DVD Shrink 3.2
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"Free Ipod Video Converter_is1" = Free Ipod Video Converter V 2.6
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"hp deskjet 920c series" = hp deskjet 920c series (Tylko usuń)
"ie8" = Windows Internet Explorer 8
"InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008
"ipla" = ipla 2.1.2
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NAPI-PROJEKT SKIN_is1" = NAPI-PROJEKT - Windows XP by Susel SKIN
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"RealAlt_is1" = Real Alternative 1.9.0
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"SopCast" = SopCast 3.2.9
"sXe Injected" = sXe Injected
"SZneI4jHw" = LoudMo Contextual Ad Assistant
"TVUPlayer" = TVUPlayer 2.4.7.2
"Veetle TV" = Veetle TV 0.9.17
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YouTube Downloader App" = YouTube Downloader App 1.03

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-01-25 08:12:05 | Computer Name = DOM-9D972C9BFC7 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x03507e30.

Error - 2010-01-27 09:24:14 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca IPODConverter.exe, wersja 2.6.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-01-27 18:13:57 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca IPODConverter.exe, wersja 2.6.0.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-02-06 14:26:08 | Computer Name = DOM-9D972C9BFC7 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd veohwebplayer.exe, wersja 1.2.0.1193, moduł
powodujący błąd qtcore4.dll, wersja 4.6.0.0, adres błędu 0x000d6815.

Error - 2010-02-16 17:30:05 | Computer Name = DOM-9D972C9BFC7 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd opera.exe, wersja 9.64.10487.0, moduł powodujący
błąd opera.dll, wersja 9.64.10487.0, adres błędu 0x00114c2f.

Error - 2010-02-21 10:07:56 | Computer Name = DOM-9D972C9BFC7 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office XP Professional -- Błąd 1706. Instalator
nie może odnaleźć wymaganych plików. Sprawdź połączenie z siecią lub stację CD-ROM.
Aby uzyskać inne potencjalne rozwiązania tego problemu, zobacz C:\Program Files\Microsoft
Office\Office10\1045\SETUP.HLP.

Error - 2010-02-23 12:24:52 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca OIS.EXE, wersja 12.0.4518.1014, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-02-23 12:27:04 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca OIS.EXE, wersja 12.0.4518.1014, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-02-23 12:28:14 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca OIS.EXE, wersja 12.0.4518.1014, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-02-23 12:28:42 | Computer Name = DOM-9D972C9BFC7 | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca OIS.EXE, wersja 12.0.4518.1014, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

[ System Events ]
Error - 2010-11-03 02:11:59 | Computer Name = DOM-9D972C9BFC7 | Source = W32Time | ID = 39452706
Description = Usługa czas wykryła, że trzeba zmienić czas systemowy o -31535999 s.
Usługa czasu nie zmieni czasu systemowego o więcej niż -54000 s. Sprawdź, czy czas
i strefa czasowa są poprawne i czy źródło czasu time.windows.com (ntp.m|0x1|213.134.187.2:123->207.46.197.32:123)
działa poprawnie.

Error - 2009-11-03 02:16:38 | Computer Name = DOM-9D972C9BFC7 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000243'
podczas przetwarzania pliku 'avgtray.exe.old' w woluminie 'HarddiskVolume1'. W
rezultacie zostało zatrzymane monitorowanie woluminu.

Error - 2009-11-11 16:06:51 | Computer Name = DOM-9D972C9BFC7 | Source = Print | ID = 6161
Description = Nie można wydrukować na drukarce hp deskjet 920c dokumentu Microsoft
Word - Dokument1 będącego własnością user. Typ danych: NT EMF 1.008. Rozmiar pliku
buforu w bajtach: 338580. Liczba wydrukowanych bajtów: 311908. Całkowita liczba
stron w dokumencie: 6. Liczba wydrukowanych stron: 1. Komputer kliencki: \\DOM-9D972C9BFC7.
Kod błędu systemu Win32 zwrócony przez procesor wydruku: 13 (0xd).

Error - 2009-11-19 14:27:42 | Computer Name = DOM-9D972C9BFC7 | Source = Print | ID = 6161
Description = Nie można wydrukować na drukarce hp deskjet 920c dokumentu Program
TV The History Chan... będącego własnością user. Typ danych: NT EMF 1.008. Rozmiar
pliku buforu w bajtach: 1586140. Liczba wydrukowanych bajtów: 1113540. Całkowita
liczba stron w dokumencie: 3. Liczba wydrukowanych stron: 1. Komputer kliencki:
\\DOM-9D972C9BFC7. Kod błędu systemu Win32 zwrócony przez procesor wydruku: 0 (0x0).


Error - 2009-11-19 14:50:15 | Computer Name = DOM-9D972C9BFC7 | Source = Print | ID = 6161
Description = Nie można wydrukować na drukarce hp deskjet 920c dokumentu Program
TV The History Chan... będącego własnością user. Typ danych: NT EMF 1.008. Rozmiar
pliku buforu w bajtach: 1586140. Liczba wydrukowanych bajtów: 1113540. Całkowita
liczba stron w dokumencie: 3. Liczba wydrukowanych stron: 1. Komputer kliencki:
\\DOM-9D972C9BFC7. Kod błędu systemu Win32 zwrócony przez procesor wydruku: 0 (0x0).


Error - 2009-11-19 14:51:41 | Computer Name = DOM-9D972C9BFC7 | Source = Print | ID = 6161
Description = Nie można wydrukować na drukarce hp deskjet 920c dokumentu Program
TV The History Chan... będącego własnością user. Typ danych: NT EMF 1.008. Rozmiar
pliku buforu w bajtach: 1586140. Liczba wydrukowanych bajtów: 1113540. Całkowita
liczba stron w dokumencie: 3. Liczba wydrukowanych stron: 1. Komputer kliencki:
\\DOM-9D972C9BFC7. Kod błędu systemu Win32 zwrócony przez procesor wydruku: 0 (0x0).


Error - 2009-11-19 14:52:16 | Computer Name = DOM-9D972C9BFC7 | Source = Print | ID = 6161
Description = Nie można wydrukować na drukarce hp deskjet 920c dokumentu Program
TV The History Chan... będącego własnością user. Typ danych: NT EMF 1.008. Rozmiar
pliku buforu w bajtach: 1586140. Liczba wydrukowanych bajtów: 1113540. Całkowita
liczba stron w dokumencie: 3. Liczba wydrukowanych stron: 1. Komputer kliencki:
\\DOM-9D972C9BFC7. Kod błędu systemu Win32 zwrócony przez procesor wydruku: 0 (0x0).



< End of report >

[/log]

Tomek01
komentarz
komentarz (edytowane)

Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm.
Powinno pomóc.

Do tego odinstaluj Ask toolbar, searchsettings, Dealio Toolbar, Burn4Free Toolbar, Zynga Toolbar



W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"FF - prefs.js..extensions.enabledItems: support@burn4free-toolbar.com:1.0FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=en_US&q="
[2010-04-29 09:02:57 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}[2010-03-27 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\toolbar@ask.com
[2010-03-27 19:26:16 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\askcom.xml
[2009-06-28 13:19:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found

:Files
C:\WINDOWS\System32\drivers\egcvktlt.sys

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Klikasz run fix, computer uruchamia się ponownie.


Załącz log z usuwania oraz nowy log OTL i RSIT.



To jeszcze nie wszystko co chcę usunąć, dlatego czekam na RSIT.

Na virustotal przeskanuj poniższy plik:
C:\WINDOWS\System32\drivers\egcvktlt.sys

Do [url="http://images.malwareremoval.com/jpshortstuff/SystemLook.exe"]System Look[/url] wklej:
[code]:file
C:\WINDOWS\system32\-uM5m-M_.dll

:dir
C:\WINDOWS\system32\-uM5m-M_.dll[/code]
wciśnij look, pokaz co wyskoczy.

f430
komentarz
komentarz (edytowane)

Zrobiłem co napisałeś i pomogło :D Wielkie dzięki ;)

LOG Z USUWANIA: [log] All processes killed
========== PROCESSES ==========
Process Explorer.exe killed successfully!
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com"FF - prefs.js..browser.search.order.1: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com"FF - prefs.js..extensions.enabledItems: support@burn4free-toolbar.com:1.0FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2FF - prefs.js..extensions.enabledItems: 4 removed from browser.search.selectedEngine
Prefs.js: 9 removed from extensions.enabledItems
Prefs.js: 1 removed from extensions.enabledItems
Prefs.js: toolbar@ask.com:3.6.6.117FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=en_US&q=" removed from extensions.enabledItems
Folder C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}[2010-03-27 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\toolbar@ask.com\ not found.
C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\askcom.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\SKIN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ not found.
File C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found.
File C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found.
File C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\Flag deleted successfully.
========== FILES ==========
File move failed. C:\WINDOWS\System32\drivers\egcvktlt.sys scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Joker
->FireFox cache emptied: 118228291 bytes
->Flash cache emptied: 478704 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33673 bytes

User: NetworkService
->Temp folder emptied: 751130 bytes
->Temporary Internet Files folder emptied: 583306 bytes

User: NetworkService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2735924 bytes

User: user
->Temp folder emptied: 2639555829 bytes
->Temporary Internet Files folder emptied: 556929939 bytes
->Java cache emptied: 263819 bytes
->FireFox cache emptied: 86682912 bytes
->Google Chrome cache emptied: 126301847 bytes
->Opera cache emptied: 95430947 bytes
->Flash cache emptied: 167513 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 110041828 bytes
RecycleBin emptied: 124 bytes

Total Files Cleaned = 3 567,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05232010_095127

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\System32\drivers\egcvktlt.sys scheduled to be moved on reboot.
File\Folder C:\Documents and Settings\user\Ustawienia lokalne\Temp\Perflib_Perfdata_67c.dat not found!

Registry entries deleted on Reboot...
[/log]

LOG RSIT: [log]Logfile of random's system information tool 1.07 (written by random/random)
Run by user at 2010-05-23 11:07:23
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 5 GB (23%) free of 20 GB
Total RAM: 2046 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:07:28, on 2010-05-23
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
D:\Program Files\Winamp\winampa.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
D:\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: gwprimawega - {a483fff4-4066-100c-fe35-a21f44ce74f8} - C:\WINDOWS\system32\-uM5m-M_.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9486 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a483fff4-4066-100c-fe35-a21f44ce74f8}]
gwprimawega - C:\WINDOWS\system32\-uM5m-M_.dll [2010-01-29 1273856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-08-05 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-03-19 2046816]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-10-29 196608]
"WinampAgent"=D:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2007-11-15 2850816]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2007-11-16 90112]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-05 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Documents and Settings\Joker\Pulpit\Ares.exe"="C:\Documents and Settings\Joker\Pulpit\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe"="C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\TVUPlayer\TVUPlayer.exe"="D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe"="D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-05-23 10:01:35 ----D---- C:\Program Files\trend micro
2010-05-23 10:01:34 ----DC---- C:\rsit
2010-05-23 09:22:27 ----RASHDC---- C:\autorun.inf
2010-05-16 15:09:37 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
2010-05-12 12:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxinsa64.exe
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxcpya64.exe
2010-05-09 19:40:56 ----C---- C:\WINDOWS\system32\pxhpinst.exe
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxsfs.dll
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxafs.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\vxblock.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxwave.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxdrv.dll
2010-05-09 19:40:53 ----C---- C:\WINDOWS\system32\pxmas.dll
2010-05-09 19:40:52 ----C---- C:\WINDOWS\system32\px.dll
2010-05-09 19:40:47 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Winamp
2010-05-09 12:04:45 ----AC---- C:\WINDOWS\wcx_ftp.ini
2010-05-09 11:52:59 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Help
2010-05-09 11:52:13 ----AC---- C:\WINDOWS\WINCMD.INI
2010-05-07 16:22:12 ----D---- C:\Program Files\GIMP-2.0
2010-05-05 15:38:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-05-05 15:36:36 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
2010-05-05 15:35:27 ----RHDC---- C:\MSOCache
2010-05-02 18:44:36 ----AC---- C:\WINDOWS\system32\mpg4c32.dll

======List of files/folders modified in the last 1 months======

2010-05-23 11:05:17 ----DC---- C:\WINDOWS\Temp
2010-05-23 11:00:21 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-05-23 10:01:35 ----RD---- C:\Program Files
2010-05-23 09:56:11 ----AC---- C:\WINDOWS\SchedLgU.Txt
2010-05-23 09:55:25 ----DC---- C:\WINDOWS\system32
2010-05-23 09:55:25 ----DC---- C:\WINDOWS
2010-05-23 09:51:30 ----D---- C:\Program Files\Ask.com
2010-05-23 09:47:52 ----AC---- C:\WINDOWS\system32\Dvbpws.dll
2010-05-23 09:43:20 ----SHDC---- C:\WINDOWS\Installer
2010-05-23 09:43:20 ----SHDC---- C:\Config.Msi
2010-05-23 09:43:05 ----RSDC---- C:\WINDOWS\Fonts
2010-05-23 09:42:21 ----DC---- C:\WINDOWS\WinSxS
2010-05-23 09:22:05 ----DC---- C:\WINDOWS\Prefetch
2010-05-22 20:21:13 ----DC---- C:\Documents and Settings\user\Dane aplikacji\vlc
2010-05-22 20:21:08 ----DC---- C:\Documents and Settings\user\Dane aplikacji\dvdcss
2010-05-22 18:44:50 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
2010-05-21 21:26:02 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\avg8
2010-05-21 21:25:38 ----SHD---- C:\System Volume Information
2010-05-21 21:25:38 ----DC---- C:\WINDOWS\system32\Restore
2010-05-21 19:10:08 ----HDC---- C:\$AVG8.VAULT$
2010-05-20 22:48:40 ----D---- C:\Program Files\Nowe Gadu-Gadu
2010-05-18 23:10:48 ----DC---- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
2010-05-15 18:04:40 ----SDC---- C:\Documents and Settings\user\Dane aplikacji\Microsoft
2010-05-12 18:22:35 ----HDC---- C:\WINDOWS\inf
2010-05-12 18:22:34 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-05-12 12:09:27 ----DC---- C:\WINDOWS\system32\dllcache
2010-05-12 12:09:27 ----D---- C:\Program Files\Outlook Express
2010-05-12 10:10:50 ----HDC---- C:\WINDOWS\$hf_mig$
2010-05-10 15:35:51 ----DC---- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
2010-05-09 19:40:59 ----DC---- C:\WINDOWS\system32\drivers
2010-05-09 11:52:59 ----DC---- C:\totalcmd
2010-05-09 10:58:49 ----DC---- C:\WINDOWS\system32\CatRoot
2010-05-09 10:44:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-09 10:20:25 ----D---- C:\Program Files\Common Files
2010-05-09 10:17:47 ----D---- C:\Program Files\Common Files\Nero
2010-05-09 10:15:09 ----D---- C:\Program Files\Nero
2010-05-05 16:09:10 ----DC---- C:\WINDOWS\Microsoft.NET
2010-05-05 15:41:55 ----RSDC---- C:\WINDOWS\assembly
2010-05-05 15:40:54 ----DC---- C:\WINDOWS\system32\config
2010-05-05 15:40:41 ----D---- C:\Program Files\Microsoft Works
2010-05-05 15:39:58 ----D---- C:\Program Files\Microsoft Office
2010-05-05 15:39:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-30 20:51:06 ----AC---- C:\WINDOWS\system32\MRT.exe
2010-04-30 16:11:35 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-05 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-05 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-08-05 108552]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\WINDOWS\system32\drivers\wfeaglxt.sys [2008-12-25 433792]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ddsxeiservice;ddsxeiservice2; \??\C:\Program Files\sXe Injected\ddsxei.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-05 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-05 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-14 135664]
S2 zrbhcp;Microsoft Universal; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-05 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[/log]

LOG Z OTL: [log] OTL logfile created on: 2010-05-23 11:08:46 - Run 2
OTL by OldTimer - Version 3.2.5.0 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,45 Gb Free Space | 22,77% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 1,38 Gb Free Space | 1,06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-9D972C9BFC7
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-04-26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-04-22 20:32:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-19 10:57:15 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-08-05 08:37:32 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-05 08:37:32 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-05 08:37:31 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-07-13 14:03:10 | 000,292,128 | ---- | M] (Apple Inc.) -- D:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009-07-13 14:02:50 | 000,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- D:\Program Files\Winamp\winampa.exe
PRC - [2009-06-05 11:48:14 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-05-21 08:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-12-12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-11-16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007-11-15 15:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001-10-29 22:29:59 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-25 00:58:01 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice)
DRV - [2009-08-05 08:37:53 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-08-05 08:37:49 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-05 08:37:48 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-14 20:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-06-02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-04-24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ambfilt.sys -- (Ambfilt)
DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-02-23 04:07:34 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys -- (AIDA32Driver)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d""0d0bf8-f5b5-c8b4-a8b2-2b""879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 17:43:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-05 15:40:41 | 000,000,000 | ---D | M]

[2009-08-06 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-05-23 09:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions
[2009-09-02 20:36:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-03 10:22:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-02-25 12:03:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-03 10:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\firefox@tvunetworks.com
[2010-02-06 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\searchrecs@veoh.com
[2010-02-09 23:23:38 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\Search.xml
[2010-05-23 09:46:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-09 23:23:36 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}
[2010-04-22 20:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-22 20:32:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (gwprimawega) - {a483fff4-4066-100c-fe35-a21f44ce74f8} - C:\WINDOWS\system32\-uM5m-M_.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 212.76.39.205
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-12 20:46:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:27 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:28 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-04 12:46:28 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-05-23 10:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-05-23 10:01:34 | 000,000,000 | ---D | C] -- C:\rsit
[2010-05-23 09:22:27 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-05-16 15:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2010-05-14 17:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\JJJ
[2010-05-09 19:40:58 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010-05-09 19:40:58 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010-05-09 19:40:58 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010-05-09 19:40:58 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010-05-09 19:40:56 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010-05-09 19:40:55 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010-05-09 19:40:55 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010-05-09 19:40:54 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010-05-09 19:40:54 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010-05-09 19:40:54 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010-05-09 19:40:53 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010-05-09 19:40:52 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010-05-09 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2010-05-09 12:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help
[2010-05-07 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\gegl-0.0
[2010-05-07 16:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-05-05 15:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-05-05 15:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-05-05 15:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
[2010-05-05 15:35:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-02 18:44:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010-05-02 18:44:36 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job
[2010-05-23 11:12:10 | 000,741,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2010-05-23 11:11:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003UA.job
[2010-05-23 11:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-05-23 11:00:21 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-23 10:34:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-23 09:57:54 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-05-23 09:57:13 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-23 09:57:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-23 09:57:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-23 09:56:09 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-05-23 09:56:09 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-05-23 09:47:52 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010-05-23 09:17:21 | 060,290,511 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-05-22 22:42:59 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-05-22 20:33:18 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-22 20:11:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1326574676-1801674531-1003Core.job
[2010-05-22 10:07:36 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 21:28:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-05-21 10:56:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:49:43 | 000,545,830 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:42 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 17:15:33 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:45 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 23:09:03 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-17 11:15:20 | 000,410,624 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\lol.doc
[2010-05-17 09:12:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-16 21:02:18 | 000,002,150 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-05-16 20:56:59 | 000,000,329 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-16 14:37:47 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-14 15:05:39 | 000,047,488 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-14 09:19:27 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-12 18:07:46 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 23:37:20 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\bash.org.doc
[2010-05-11 18:45:33 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-11 17:47:10 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | M] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 15:11:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 10:33:25 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iTunes.lnk
[2010-05-07 19:28:53 | 000,096,628 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-07 10:19:29 | 061,321,734 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-06 19:14:24 | 057,962,610 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-06 11:48:49 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-06 10:07:58 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\question.doc
[2010-05-05 12:59:36 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-04-29 08:12:01 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Google Chrome.lnk
[2010-04-28 16:37:28 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 21:36:20 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-27 19:45:33 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-24 20:02:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ts.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-22 10:07:36 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:48:52 | 000,545,830 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:41 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 15:14:30 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:44 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-16 14:37:47 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-12 15:31:32 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 18:19:17 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 12:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 12:04:45 | 000,000,329 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-09 11:52:13 | 000,002,150 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-05-07 19:28:53 | 000,096,628 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-06 11:48:49 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-05 12:59:35 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-05-05 10:11:14 | 061,321,734 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-05 10:00:49 | 057,962,610 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-02 12:34:06 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-04-29 15:24:02 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-04-28 16:08:05 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 19:34:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-27 16:36:10 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-25 10:48:13 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-04-24 20:00:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ts.doc
[2010-04-05 23:11:31 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll
[2010-01-29 20:10:14 | 001,273,856 | ---- | C] () -- C:\WINDOWS\System32\-uM5m-M_.dll
[2010-01-29 12:09:55 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2009-09-14 10:58:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-09-06 18:38:42 | 000,000,472 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2009-08-08 12:45:59 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-07 08:22:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009-08-06 22:44:52 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-06 21:15:56 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009-08-06 19:15:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-05 08:39:59 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-04 13:58:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-24 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla
[2010-05-21 17:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2009-08-05 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
[2009-08-19 18:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-05-22 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
[2009-08-05 08:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVGTOOLBAR
[2010-05-18 23:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2010-04-05 23:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\devede
[2010-05-10 15:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
[2010-04-03 12:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\ipla
[2009-09-06 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\iScreensaver
[2009-08-17 15:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-17 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\OpenFM
[2009-08-07 20:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2009-08-27 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thinstall
[2010-05-23 11:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-08-04 12:39:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-05-23 09:57:03 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0123\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0124\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

Z SYSTEMLOOK: [log] SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 11:15 on 23/05/2010 by user (Administrator - Elevation successful)

========== file ==========

C:\WINDOWS\system32\-uM5m-M_.dll - File found and opened.
MD5: 9C8C0BBDEBD3276ADBEBFA5FB8130E8D
Created at 18:10 on 29/01/2010
Modified at 18:10 on 29/01/2010
Size: 1273856 bytes
Attributes: --a--c
No version information available.

========== dir ==========

C:\WINDOWS\system32\-uM5m-M_.dll - Unable to find folder.

-=End Of File=- [/log]

Tomek01
komentarz
komentarz (edytowane)

Odinstaluj jeszcze Chrome i Sopcast oraz AVG toolbar.

Wklej do OTL:
[code]
:Processes
Explorer.exe

:OTL
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Ask.com"FF - prefs.js..browser.search.order.1: "Ask.com"

:Files
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\system32\-uM5m-M_.dll
C:\Program Files\SopCast
C:\Program Files\Veoh Networks
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome
C:\Documents and Settings\user\Dane aplikacji\AVGTOOLBAR

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Klikasz run fix, computer uruchamia się ponownie.



Do notatnika systemowego wklej taki tekst, (bez frazy kod):
[code]Windows Registry Editor Version 5.00

[ -HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a483fff4-4066-100c-fe35-a21f44ce74f8}]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list]
"C:\Program Files\SopCast\adv\SopAdver.exe"=-
"C:\Program Files\SopCast\adv\SopAdver.exe=-
"C:\Program Files\SopCast\SopCast.exe"=-
"C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe"=-
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"=-[/code]

Plik zapisz jako/zmień rozszerzenie na wszystkie pliki/zapisz jako fix.reg/dwuklikiem dodajesz do rejestru.


Do system look wklej:
[code]:file
C:\WINDOWS\System32\drivers\egcvktlt.sys

:filefind
Ask*

:regfind
Ask
[/code]
Look..., pokaż co wyskoczy.

Załączas logi OTL z usuwania oraz nowy log z opcji run scan. Log RSIT i raport z system look.

  • Dobra wypowiedź 1
f430
komentarz
komentarz

LOG OTL Z USUWANIA: [log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Prefs.js: "" removed from browser.search.defaultengine
Prefs.js: "Ask.com"FF - prefs.js..browser.search.order.1: "Ask.com" removed from browser.search.defaultenginename
========== FILES ==========
File\Folder C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\system32\-uM5m-M_.dll moved successfully.
File\Folder C:\Program Files\SopCast not found.
C:\Program Files\Veoh Networks\VeohWebPlayer\skins\black\library folder moved successfully.
C:\Program Files\Veoh Networks\VeohWebPlayer\skins\black\forms folder moved successfully.
C:\Program Files\Veoh Networks\VeohWebPlayer\skins\black folder moved successfully.
C:\Program Files\Veoh Networks\VeohWebPlayer\skins folder moved successfully.
C:\Program Files\Veoh Networks\VeohWebPlayer folder moved successfully.
C:\Program Files\Veoh Networks folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.onet.pl\http_80\icons#desktop folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.onet.pl\http_80 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Plugin Data\Google Gears\www.onet.pl folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Plugin Data\Google Gears folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Plugin Data folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Media Cache folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Local Storage folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\http_www.filmweb.pl_0 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\http_woody.allen.filmweb.pl_0 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\http_anthony.hopkins.filmweb.pl_0 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\http_andrzej.wajda.filmweb.pl_0 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases\http_al.pacino.filmweb.pl_0 folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\databases folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cached Theme Images folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data folder moved successfully.
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome folder moved successfully.
File\Folder C:\Documents and Settings\user\Dane aplikacji\AVGTOOLBAR not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Joker
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: user
->Temp folder emptied: 1751492 bytes
->Temporary Internet Files folder emptied: 1182458 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42542198 bytes
->Opera cache emptied: 3816115 bytes
->Flash cache emptied: 1870 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 669035 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 48,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05232010_184301

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]

SYSTEMLOOK: [log]SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 19:42 on 23/05/2010 by user (Administrator - Elevation successful)

========== file ==========

C:\WINDOWS\System32\drivers\egcvktlt.sys - Unable to find/read file.

========== filefind ==========

Searching for "Ask*"
No files found.

========== regfind ==========

Searching for "Ask"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\AVGeneral\cToolbars\cTasks]
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\TaskButtons]
[HKEY_CURRENT_USER\Software\Microsoft\Feeds]
"SyncTask"="User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Tasks]
[HKEY_CURRENT_USER\Software\Microsoft\MM20\Task Pane Settings]
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\SharePoint Designer\Task pane]
[HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Task]
[HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request]
[HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\TaskbarAnimations]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"AskTB5.6"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]
[HKEY_CURRENT_USER\Software\Classes\Applications\avgtray.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_CURRENT_USER\Software\Classes\Applications\avgui.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_LOCAL_MACHINE\SOFTWARE\Apple Computer, Inc.\QuickTime\ActiveX]
"QTTask"="C:\Program Files\QuickTime\QTTask.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
@="GenericAskToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSched.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSched.1]
@="ASUTaskScheduler Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSchedul]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSchedul]
@="ASUTaskScheduler Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppleSoftwareUpdateAdmin.ASUTaskSchedul\CurVer]
@="AppleSoftwareUpdateAdmin.ASUTaskSched.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05BDC38E-5493-487a-A7FF-8CF2246ABC13}]
@="IE Background Task Scheduler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD520-A2AB-11CE-B11F-00AA00530503}]
@="Scheduling Agent Task Object Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD520-A2AB-11CE-B11F-00AA00530503}\DefaultIcon]
@="C:\WINDOWS\system32\mstask.dll,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD520-A2AB-11CE-B11F-00AA00530503}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD520-A2AB-11CE-B11F-00AA00530503}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\DefaultIcon]
@="C:\WINDOWS\system32\mstask.dll,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C1EDB47-CE22-4bbb-B608-77B48F83C823}]
@="IE Fade Task"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2183DACA-D0BF-4a31-97F7-B87618A81955}]
@="IE Shared Task Scheduler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A04D93B-1EDD-4f3f-A375-A03EC19572C4}]
@="MaskFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A04D93B-1EDD-4f3f-A375-A03EC19572C4}\ProgID]
@="DXImageTransform.Microsoft.MaskFilter.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A04D93B-1EDD-4f3f-A375-A03EC19572C4}\VersionIndependentProgID]
@="DXImageTransform.Microsoft.MaskFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D112E22-62B2-11D1-9FEF-00600832DB4A}]
@="MMCTask class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D112E22-62B2-11D1-9FEF-00600832DB4A}\ProgID]
@="MMCTask.MMCTask.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D112E22-62B2-11D1-9FEF-00600832DB4A}\VersionIndependentProgID]
@="MMCTask.MMCTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44F9A03B-A3EC-4F3B-9364-08E0007F21DF}]
@="TaskSymbol Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44F9A03B-A3EC-4F3B-9364-08E0007F21DF}\ProgID]
@="Control.TaskSymbol.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44F9A03B-A3EC-4F3B-9364-08E0007F21DF}\VersionIndependentProgID]
@="Control.TaskSymbol"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AF4A5FC-912A-11D1-B945-00A0C90312E1}]
@="Zbiór właściwości paska dokowania Microsoft"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C6F940C-3CFE-11D2-9EE7-00C04F797396}]
@="SpTaskManager Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4CB26C03-FF93-11d0-817E-0000F87557DB}]
@="DXTaskManager"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53510d24-57eb-4713-9afb-e6e60530b87e}]
@="IE RSS Feeds Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55b70dec-4b3b-4e26-ae9c-9e8d131843a1}]
@="Microsoft Feeds Background Task Scheduling"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}]
@="Task Bar Communication"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{679E132F-561B-42F8-846C-A70DBDC62999}]
@="WMT Screen Capture Filter Task Page"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC901}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC902}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC903}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC904}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC905}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC906}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC907}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC908}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC909}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90A}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90B}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90C}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90D}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90E}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC90F}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC910}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC911}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC912}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC913}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC914}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC915}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC916}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC917}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC918}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC919}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91A}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91B}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91C}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91D}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91E}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC91F}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC920}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC921}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC922}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC923}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC924}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC925}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC926}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC927}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC928}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC929}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92A}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92B}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92C}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92D}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92E}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC92F}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC930}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC931}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC932}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC933}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC934}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC935}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC936}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC937}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC938}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC939}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC93A}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC93B}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC93D}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC93E}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC93F}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC940}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC941}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FDDC324-4E03-4BFE-B185-3D77768DC942}\ChannelMasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7086AD76-44BD-11D0-81ED-00A0C90FC491}]
@="DiskManagement.UITasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7086AD76-44BD-11D0-81ED-00A0C90FC491}\ProgID]
@="DiskManagement.UITasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AE844F0-ECA8-3F15-AE27-AFA21A2AA6F8}]
@="System.Security.Cryptography.PKCS1MaskGenerationMethod"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AE844F0-ECA8-3F15-AE27-AFA21A2AA6F8}\ProgId]
@="System.Security.Cryptography.PKCS1MaskGenerationMethod"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5064426-D541-11D4-9523-00B0D022CA64}]
@="Obiekt paska narzędzi kont użytkowników"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAC2B978-266D-48ae-AA28-60A3EBB872D0}]
@="IE RSS FeedFolder Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}]
@="ASUTaskScheduler Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}]
@="ASUTaskScheduler Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}]
@="ASUTaskScheduler Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}\ProgID]
@="AppleSoftwareUpdateAdmin.ASUTaskSched.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB46F03E-7CD2-489F-8F95-BB950F395FDB}\VersionIndependentProgID]
@="AppleSoftwareUpdateAdmin.ASUTaskSchedul"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\DefaultIcon]
@="C:\WINDOWS\system32\mstask.dll,-100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}\InProcServer32]
@="C:\WINDOWS\system32\mstask.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECD4FC4E-521C-11D0-B792-00A0C90312E1}]
@="Menu witryny paska powłoki"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Component Categories\{00021492-0000-0000-C000-000000000046}]
"400"="Paski pulpitu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Control.TaskSymbol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Control.TaskSymbol]
@="TaskSymbol Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Control.TaskSymbol\CurVer]
@="Control.TaskSymbol.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Control.TaskSymbol.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Control.TaskSymbol.1]
@="TaskSymbol Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DiskManagement.UITasks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DiskManagement.UITasks]
@="DiskManagement.UITasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DXImageTransform.Microsoft.MaskFilter]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DXImageTransform.Microsoft.MaskFilter]
@="MaskFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DXImageTransform.Microsoft.MaskFilter\CurVer]
@="DXImageTransform.Microsoft.MaskFilter.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DXImageTransform.Microsoft.MaskFilter.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DXImageTransform.Microsoft.MaskFilter.1]
@="MaskFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\CurVer]
@="GenericAskToolbar.ToolbarWnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1]
@="Ask Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationBuildTasks.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationBuildTasks.dll]
"PresentationBuildTasks,fileVersion="3.0.6920.1427",culture="neutral",version="3.0.0.0",publicKeyToken="31bf3856ad364e35",processorArchitecture="MSIL""="i`TI]]zu$6IFqxoJt$?iWPF30_OTHERM_x86_enu_ddf>F$*S'M1!G97_&te8}E~^"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v3.5|Microsoft.Build.Tasks.v3.5.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v3.5|Microsoft.Build.Tasks.v3.5.dll]
"Microsoft.Build.Tasks.v3.5,version="3.5.0.0",publicKeyToken="b03f5f7f11d50a3a",processorArchitecture="MSIL",fileVersion="3.5.30729.1",culture="neutral""="dlP=kN'k[5nu[y@0gyqnNetFX_Core_x86_enu_DDF>}rm)mr_GNAAgtY1~Pz_U"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v3.5|Microsoft.Data.Entity.Build.Tasks.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v3.5|Microsoft.Data.Entity.Build.Tasks.dll]
"Microsoft.Data.Entity.Build.Tasks,version="3.5.0.0",publicKeyToken="b03f5f7f11d50a3a",processorArchitecture="MSIL",fileVersion="3.5.30729.1",culture="neutral""="dlP=kN'k[5nu[y@0gyqnNetFX_Core_x86_enu_DDF>-If3-w$@&@p6L&2LsJi$"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00020982-0000-0000-C000-000000000046}]
@="Task"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00020983-0000-0000-C000-000000000046}]
@="Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00063035-0000-0000-C000-000000000046}]
@="_TaskItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00063036-0000-0000-C000-000000000046}]
@="_TaskRequestItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00063037-0000-0000-C000-000000000046}]
@="_TaskRequestUpdateItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00063038-0000-0000-C000-000000000046}]
@="_TaskRequestAcceptItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00063039-0000-0000-C000-000000000046}]
@="_TaskRequestDeclineItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C033B-0000-0000-C000-000000000046}]
@="_CustomTaskPane"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C033C-0000-0000-C000-000000000046}]
@="_CustomTaskPaneEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C033E-0000-0000-C000-000000000046}]
@="ICustomTaskPaneConsumer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C0379-0000-0000-C000-000000000046}]
@="SharedWorkspaceTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000C037A-0000-0000-C000-000000000046}]
@="SharedWorkspaceTasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000CD900-0000-0000-C000-000000000046}]
@="WorkflowTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{000CD901-0000-0000-C000-000000000046}]
@="WorkflowTasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1125C422-49BD-11D2-8823-00C04FB6C6FF}]
@="_TaskListEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1125C423-49BD-11D2-8823-00C04FB6C6FF}]
@="_dispTaskListEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{22B0C1A9-E74E-381A-BABB-66BEF71FF08E}]
@="_MaskedTextBox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3D112E21-62B2-11D1-9FEF-00600832DB4A}]
@="IMMCTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3EC97A1E-9F42-4251-923F-04C139A4BAAA}]
@="IWMStoreTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{425BFF0D-59E4-36A8-B1FF-1F5D39D698F4}]
@="_PKCS1MaskGenerationMethod"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4B51103D-513C-4773-B56A-354D0928FD04}]
@="TaskItems"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4BC18A5B-DBB6-4AF5-A443-2E3F19365304}]
@="_EnvironmentTaskList"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E4F0569-E16A-4DA1-92DE-10882A4DDD8C}]
@="TaskList"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56FDF342-FD6D-11D0-958A-006097C9A090}]
@="ITaskbarList"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{58E4D419-6B8C-4C63-92DE-70161CD95890}]
@="TaskItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{602D4995-B13A-429B-A66E-1935E44F4317}]
@="ITaskbarList2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6BC8C372-C6F0-4BE6-B255-827AC190BF71}]
@="_TaskListEventsRoot"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
@="IAskMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7F7E1C5D-4D91-48C9-B09E-3E45D502FFA0}]
@="IASUTaskScheduler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{85601FEE-A79D-3710-AF21-099089EDC0BF}]
@="_MaskGenerationMethod"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{891EADB1-1C45-48B0-B704-49A888DA98C4}]
@="ITaskCntrCtrl"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8A64A872-FC6B-4D4A-926E-3A3689562C1C}]
@="CustomTaskPaneEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
@="IAskButton"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9DF68E2D-7484-4851-9B87-F6DDA1B8B446}]
@="IFeedTasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A1067146-B063-47D7-A54A-2C2309E9889D}]
@="IDXTMask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
@="IAskToolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B338CCAB-4C85-4388-8C0A-C58592BAD398}]
@="IAzTasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B820F931-645A-473F-8246-922CF069E1FE}]
@="TaskItems2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9F1A4E2-0D0A-43B7-8495-139E7ACBD840}]
@="TaskPane"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC0B572C-0599-4CCF-BF8D-E21DA624E5F7}]
@="TaskSymbolEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CB94E592-2E0E-4A6C-A336-B89A6DC1E388}]
@="IAzTask"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E6AAEC05-E543-4085-BA92-9BF7D2474F5C}]
@="TaskPanes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MMCTask.MMCTask]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MMCTask.MMCTask]
@="MMCTask class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MMCTask.MMCTask\CurVer]
@="MMCTask.MMCTask.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MMCTask.MMCTask.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MMCTask.MMCTask.1]
@="MMCTask class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\System.Security.Cryptography.PKCS1MaskGenerationMethod]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\System.Security.Cryptography.PKCS1MaskGenerationMethod]
@="System.Security.Cryptography.PKCS1MaskGenerationMethod"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0]
@="GenericAskToolbar 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\0\win32]
@="C:\Program Files\Ask.com\GenericAskToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\HELPDIR]
@="C:\Program Files\Ask.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\UserAccounts.Toolbar]
@="Obiekt paska narzędzi kont użytkowników"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\UserAccounts.Toolbar.1]
@="Obiekt paska narzędzi kont użytkowników"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WMP.BurnCD\Shell\Burn\Command]
@=""C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:PortableDevice /Device:"%L""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Microsoft.Build.Tasks, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Microsoft.Build.Tasks.v3.5, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\PresentationBuildTasks, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\19693f50\218e12b8\42]
"DisplayName"="Microsoft.Build.Tasks,2.0.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\5094d6df\62be6f99\49]
"DisplayName"="Microsoft.Build.Tasks.v3.5,3.5.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\IL\7836ed93\33c60297\4]
"DisplayName"="PresentationBuildTasks,3.0.0.0,,31bf3856ad364e35"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\110e8ba\7836ed93\6]
"DisplayName"="PresentationBuildTasks,3.0.0.0,,31bf3856ad364e35"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\110e8ba\7836ed93\6]
"DisplayName"="PresentationBuildTasks,3.0.0.0,,31bf3856ad364e35"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1734f8c5\5094d6df\32]
"DisplayName"="Microsoft.Build.Tasks.v3.5,3.5.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\1734f8c5\5094d6df\32]
"DisplayName"="Microsoft.Build.Tasks.v3.5,3.5.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\58052d2f\19693f50\33]
"DisplayName"="Microsoft.Build.Tasks,2.0.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\58052d2f\19693f50\33]
"DisplayName"="Microsoft.Build.Tasks,2.0.0.0,,b03f5f7f11d50a3a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\References\Microsoft.Build.Tasks, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Objects\taskcenter]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\NodeTypes\{476e6449-aaff-11d0-b944-00c04fd8d5b0}\Extensions\Task]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\10.0\Access\Wizards\Property Wizards\InputMask]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\10.0\Access\Wizards\Property Wizards\InputMask\MSInputMaskBuilder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\MSE\AutomationProperties\Environment\TaskList]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\MSE\CLSID\{BC5955D5-AA0D-11d0-A8C5-00A0C921A4D2}]
@="VsTaskList Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\MSE\CLSID\{BC5955D5-AA0D-11d0-A8C5-00A0C921A4D2}]
@="VsTaskList Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent]
"TasksFolder"="%SystemRoot%\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent]
"TasksFolder"="%SystemRoot%\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent]
"TasksFolder"="%SystemRoot%\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{0DF44EAA-FF21-4412-828E-260A8728E7F1}]
@="Taskbar and Start Menu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\TaskbarAnimations]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0924839E23492D1109A00008F5B92110]
"5140110900063D11C8EF00054038389C"="C:\Program Files\Microsoft Office\Office10\Convert\1045\OLTASKR.FAE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16380BF1A533BCA4ABC5FAB293818750]
"26DDC2EC4210AC63483DF9D4FCC5B59D"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2674313CAFC45F94D8E6FF61D883287B]
"68AB67CA7DA73301B7447A0000000000"="D:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\Howto\images\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31C8B278176E92746A17AC1E82F60F99]
"B6ED15411EBA26F4EBA93B361A57882A"="C:\Program Files\QuickTime\QTTask.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4992EA7B91EAB0A42811156F42A93BAC]
"FADB733CE4BC2E74EBA1BC13BBD70D3E"="C:\Program Files\Common Files\Apple\Mobile Device Support\etc\zoneinfo\Canada\Saskatchewan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\59AC50E0EA56972479F4E6DB18CEDF7A]
"0DC1503A46F231838AD88BCDDC8E8F7C"="C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A8BEF2378211B64B81D35E715652487]
"DC3BF90CC0D3D2F398A9A6D1762F70F3"="C?\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Common.Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5AB3BC65A3E190445AD9312AD3DBD641]
"26DDC2EC4210AC63483DF9D4FCC5B59D"="C?\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft.Common.Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64013D3D599803F4CB1464A20C4560E8]
"26DDC2EC4210AC63483DF9D4FCC5B59D"="C?\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F4ADF10B9FC68846A615783D44517D4]
"0DC1503A46F231838AD88BCDDC8E8F7C"="<\PresentationBuildTasks,fileVersion="3.0.6920.1427",culture="neutral",version="3.0.0.0",publicKeyToken="31bf3856ad364e35",processorArchitecture="MSIL""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83311B3D8EB74E84AAEB533DB40A12C9]
"68AB67CA7DA73301B7447A0000000000"="D:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\OLS\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90EE92CC2CB71D119A12000A9CE1A22A]
"5140110900063D11C8EF00054038389C"="C:\Program Files\Microsoft Office\Office10\Convert\OLTASK.FAE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9543B8FC29CA2D11BA9D000CF43A1463]
"5140110900063D11C8EF00054038389C"="C:\Program Files\Microsoft Office\Office10\forms\1045\TASKS.ICO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9AA66C1130D2D11FB750008F5B9AE8B]
"5140110900063D11C8EF00054038389C"="C:\Program Files\Microsoft Office\Templates\1045\Frequently Asked Questions.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AFE3B1357657D8A46888E3A5FE6BCD22]
"DC3BF90CC0D3D2F398A9A6D1762F70F3"="C?\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C876D2CDC4CDA734E8BCFC7CEC087F18]
"68AB67CA7DA73301B7447A0000000000"="D:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\Howto\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B544FB848C8EA4DA76CCD7C4872669]
"68AB67CA7DA73301B7447A0000000000"="D:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\OLS\Locale\ENU\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5F4222A72A396E4FBB3CA84587002CC]
"26DDC2EC4210AC63483DF9D4FCC5B59D"="<\Microsoft.Build.Tasks.v3.5,version="3.5.0.0",publicKeyToken="b03f5f7f11d50a3a",processorArchitecture="MSIL",fileVersion="3.5.30729.1",culture="neutral""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAC85594012964947ABCEF7AF32BDA46]
"FADB733CE4BC2E74EBA1BC13BBD70D3E"="C:\Program Files\Common Files\Apple\Mobile Device Support\etc\zoneinfo\US\Alaska"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EB2DFA73DED31A9459DC654722117F72]
"FADB733CE4BC2E74EBA1BC13BBD70D3E"="C:\Program Files\Common Files\Apple\Mobile Device Support\etc\zoneinfo\Canada\East-Saskatchewan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F60964806F085B14BA42F379E85D17EE]
"68AB67CA7DA73301B7447A0000000000"="D:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks\Templates\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5CABBB1E75825514286A4594C28E6802\Features]
"Opera"="u5aOx2%!`Af}Zts33ZS'5J.`hhERM@b%.1v`2Gq.=g?aS@o}EA`ElMeBvpcSqu)R`exS0=JEQ^M(Fxy3{WQGC8!]t9a9Eguc0ZYsxy(*7bMMWA9@QPJKYMWk?Te2yd%SR@pxe?T14~hWnDN}CgW@w9Qaf%De5vL0jfZWgpgoi?+qLnn5wCDa?Y1n6+IFSAhH`7t*`9RtVt~CHDtIm?h_BUR[rK$yzesRqWi]k='xOgoI=m4Jg]^7ObqH_@]]C-gbXSt*U$!BLmDo6=.MPDhB346NJv+7(yn~?A,4yh4hk=M2Cse3fbU]89,CZ5*!ib`[Xyu?qUHXa9vk3dT)nHEQR_PXV9VcP@KEOKCCR.YAO[Uv`LqDA=ZUJfoBwM7r'vn~mHmKKAC`}^dTd-l-vZ!KM-9gN?Ap~'PC.Qu(Ew*Sa4qGA=P+bMdz-S+y~kv^rfB5I@ox]52iYT=o)*l^WXoJSAg'nadYP^}P^k8N2DDxk?C,gd&^Vu_Y(0?NM[@KV=JBZnY?Nk1W(pHbUZV,r9zfg){JyS[,TcNG$kx2`A)cG%+lxY_EMbEY0pRWi9&%PEyL]LM9y.=m4kG@S=K%eJ?mG2.V]!6deOJ[e9@7'H2~k}&-.t8k1i$v]ARG{?x}Sw~%D`',u{}=S@VC~d[7j8]-8kv+&ohJW?9PH+CM=2xHVia-z[~gdA=NUQ?y,Y2'EBn]ieW4H?)5K=neH)]84gFWL,XY]8fZFcl6%U@+JW}FnEnIJ9Cfl[iMLHw9t?sx@CIwe?([Dcx[oK1D3mE%ghc@&@a(&tCtKRUWB5l9*-B-`=!L^U[ON*$,uoV9WGR!5?Bsed`O.)~]b`*$,I1a5?H7!gteA4SH0nC&xNaE`=x}Vh&wlJIM?+eyXq}yf?*MNY@n_,6=&Op[Hj~u$@alNfs6jr`H!HA_Qw6mE?%AmzXR`9fl.T!G07D+^A1B6nE,synwN{Gch)xZo?yLvP&Z8uu5`LXB'47OX8^lEC^xF4-VSFI=f+8]W@~f5hYX&98F,]IY,pXbn=xC}rXt8b?^FRx.B1Y[H?b[KA^V+i,2Q=*=1t(@[@`N~BE^*}LXDc^IPcuPX=G7ChYoBVl!5ey7WuI=j?m6SySo_W%km2he(O!Mw9j{3'R!C{zDw^=ySh_p!@8JS*A8JqOp5+]q=Hp=t?I`&GIfCUN3^iG]XRgR^@`+y]IpcXbt3a[ViGGUE9QecObCqfdIInNfW1fk[9LAyXjMe}q@Jk62OuM3[=,C%=5*`N+5sFBUb{p*CAZQm97hvK@RO=7^Wj~o9Ak)J`Y25w5lf&C_wyK5dAC=yxAP~c(i(@?o1R7%)@j@+)U~]We`ar+ObI+G19H.p47]jC!Bp5OKW`EI(=kywax12nq68F=Sf}-DeA0&yvJuI3[I_$Q}Xk@qo@6iWvZ]64n6Bl~zF^d7,=bX=ufg^@YhQI}Ol=LV3ALPLYVzdL,-5cy!b%cV)AR*F]%5_^oAhJN]n^K-b8P03LIJElKhy?$'NE@[2AaCz'.EB{04eM,1{6PmCAqfH[8D?r`F&yypcXIc*A`U!AKai-tegm{WG_w76?!uu-,gIB3Nia]FshApc?*J)UQ8^=NKCVJgCDAcj=p!)E[,=r+iXlqL)@Ykd={6h-RT7]VGk^]EZf[%0?o&nV%5@0vcOSxSwgk9&@skfJAEu_T1ji=]&K*&~@(z5OIOs.w&UgIiZIn=l?(j`laG&)t6R5T`@}]PPA&PZu8&wbE)5U3]aiZwv9F}]4+AQ)mFDWNcQ@2(79Cf3}`Al]9m2vxZ]iqv598loOZq(20z924PDb46(@P&!8-`'f_-Abk0g_y@m9'r9=39jZHK*[haNIY'-9tm~IZcK7_k@xY4E~XF&@Tl(OETPNZXz)ofI([LZ?CuuD9X^%pd'ON)(?J[e96q9}v1_j6sp(.b@T){_=nhw3cQyh0CE'61%,m%HAmU7NUL2mZ!^iSihZ1y799(rU1?2Cprg?rTvrDAi@4)P*[.wMGku+S24rKF]=a'&LHfi'Ro[9h,o~3Lq8Q1%1Pzd(Kr3CeBsNiB_8t`D8lJD{!*&(G@b+&WS9hCxLbzim=8C0CPbt=j(@TaTAVpB[Wr(Ru[oi({.AxJi0h(!N_eUoEJcKeCw8GltPrs$f*^rt51q!)~w9a0Vz&IN]FVaskMnU[zG=wFI&0Y.pQdkUhy@1ba'?oIN}s8b0Ct]bSM?ehBH?@`4G&eewg^6@t_s0WOHAgCLCTIZ]Q&}VydNQ8X`A8~=)=Rjzaho+%@R6=_$9]Hl@M_S-kZJs4*Vmozv@G]$]'%kwHnrn*QwYPjX8FnylnZbMay4]Ihneg`d?@!gb]v`(XSJn)7x30N^=Rc7zESnB$Z-lxAsP!p$=JT9L?rK}_O)?@uBCf%w?}_KkrYvdsM8zAZK'ma,@]q43H?1bwPlS]ScP}z3=}Ze[R^P1p$gwM8vj[U{@zEqaY}pW3fGv4fasOz~8%XmU's)P7,7NyCP.J.d=!5z`R,ZgV50L&=8ZrkV?oSt0X9C$bxjy2'5Hjvs=iu45I~zWX*?Az)nMK]O9(.VL(.XKgDkk%^CG!1c?OQ{(LnVLfk*R^'5Dldi?bWAhVi%V^B91i+7$X5BA*^i9NonRISjHl8rTMj39`)8,^smM9^lj2eZH=Z!@IWO`[J^r.[M8oicvY~u9Q_%}y(tgZN(x0e=La+s8``DrTLL~=@P@WnPcooNAsD5C,V%(TK%Ip(1,=Lz?ShE[d_-vFSfC0'nzNK]=N8?Mu9tL9Hv~jE=rR(bA(~n}b9bgs$v+n.ZlD_.?.!uK7),shDaWNqDscYk=HoIV_~Xd!D{5$OXc+=a9ts%N`Nmd=4&2(J3U{tKA8JMIhQ2TOz4pId`H6+x@KxOy68b`=l{u)QFGx5^8T}kg$]t=Gan0%iJNJfX9]'?=ahXYj[2?(=4~Y*o9_J5UMZ4v[MszSjSCaLo@XC=ZNkX6LkPi.y1)TN.?8p,YMBCxj[Lox0JC^$L?NwX1IQ_Au%Wcx*7tkxs=G3W4s=!RBv&+$X]lgb&?^.R+zdGF21h^)c@z,~t8a[8{XH=gqyQ[qTae~-F?DmO(+mrjoDABhCmCfxG?6d7khlot*Q2({(*xV2(@F=gyN8V}5'G`qn?(TIv9EqKc,!r-tP-n+?1,k&2=Y~ZIOfQXaH-e(}%d`sr=I-D`UN3sdx4Tr)Y61L*@7?R!x^UOjDMW^bd4VnC9R!C16_DrS0f'IWJsVt-?blSi%,e0Nl+7~`0~2jH9Aej=gB5izfY&?TcJgZJ=P)p5-grFxP]-e7pCf@P9zYRiDx%JbczAsx3iI[JAWB&~6BioT[hzlrSUaSHA37gT'FOqBBft0}^BXe%@U%*u-,iW$'*w.=Xc+g69MmULh7o^L!C=4btgI_I?Db6'*)NS65s!ch00gI4AHHH+%e+^VIzxjEF3SITAeU+f&hRrgKa)zUp1Oqv@Yz}Rs0Qd]kL?l@eGTbx@I,cbtpjcu]I%'2cpD8+9F)H9YO}H4Mx2qj5rW[Z@JT(HvLqElJvu.qC[0F!AbUI%y=JjC?Ju&]d![Do?s1PE_mV&?-Mc3Mo6dO-9sX)`)c9_t`axb$&IwiE==9AgMGc(eFl9-DFY,WP9&3k$RY~XtjGoi`6sREp9gP6x]$lqE`MAutUR++e9})mp34oTQ$33_-?ZC(V@0~Q@Aqz}XbsVeiwh'qo?{b^,s)i5?qem'9{xGFA?fNdf).m2*m"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SO\AUTH\LOGON\ASK]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK\AUTH\LOGON\ASK]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Country List\261]
"Name"="Madagaskar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Country List\261]
"Name"="Madagaskar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Country List\261]
"Name"="Madagaskar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Country List\261]
"Name"="Madagaskar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/sec 92 Async Data Maps/sec 94 Data Map Hits % 96 Data Map Pins/sec 98 Pin Reads/sec 100 Sync Pin Reads/sec 102 Async Pin Reads/sec 104 Pin Read Hits % 106 Copy Reads/sec 108 Sync Copy Reads/sec 110 Async Copy Reads/sec 112 Copy Read Hits % 114 MDL Reads/sec 116 Sync MDL Reads/sec 118 Async MDL Reads/sec 120 MDL Read Hits % 122 Read Aheads/sec 124 Fast Reads/sec 126 Sync Fast Reads/sec 128 Async Fast Reads/sec 130 Fast Read Resource Misses/sec 132 Fast Read Not Possibles/sec 134 Lazy Write Flushes/sec 136 Lazy Write Pages/sec 138 Data Flushes/sec 140 Data Flush Pages/sec 142 % User Time 144 % Privileged Time 146 Context Switches/sec 148 Interrupts/sec 150 System Calls/sec 152 Level 1 TLB Fills/sec 154 Level 2 TLB Fills/sec 156 Enumerations Server/sec 158 Enumerations Domain/sec 160 Enumerations Other/sec 162 Missed Server Announcements 164 Missed Mailslot Datagrams 166 Missed Server List Requests 168 Server Announce Allocations Failed/sec 170 Mailslot Allocations Failed 172 Virtual Bytes Peak 174 Virtual Bytes 178 Working Set Peak 180 Working Set 182 Page File Bytes Peak 184 Page File Bytes 186 Private Bytes 188 Announcements Total/sec 190 Enumerations Total/sec 198 Current Disk Queue Length 200 % Disk Time 202 % Disk Read Time 204 % Disk Write Time 206 Avg. Disk sec/Transfer 208 Avg. Disk sec/Read 210 Avg. Disk sec/Write 212 Disk Transfers/sec 214 Disk Reads/sec 216 Disk Writes/sec 218 Disk Bytes/sec 220 Disk Read Bytes/sec 222 Disk Write Bytes/sec 224 Avg. Disk Bytes/Transfer 226 Avg. Disk Bytes/Read 228 Avg. Disk Bytes/Write 230 Process 232 Thread 234 PhysicalDisk 236 LogicalDisk 238 Processor 240 % Total Processor Time 242 % Total User Time 244 % Total Privileged Time 246 Total Interrupts/sec 248 Processes 250 Threads 252 Events 254 Semaphores 256 Mutexes 258 Sections 260 Objects 262 Redirector 264 Bytes Received/sec 266 Packets Received/sec 268 Read Bytes Paging/sec 270 Read Bytes Non-Paging/sec 272 Read Bytes Cache/sec 274 Read Bytes Network/sec 276 Bytes Transmitted/sec 278 Packets Transmitted/sec 280 Write Bytes Paging/sec 282 Write Bytes Non-Paging/sec 284 Write Bytes Cache/sec 286 Write Bytes Network/sec 288 Read Operations/sec 290 Read Operations Random/sec 292 Read Packets/sec 294 Reads Large/sec 296 Read Packets Small/sec 298 Write Operations/sec 300 Write Operations Random/sec 302 Write Packets/sec 304 Writes Large/sec 306 Write Packets Small/sec 308 Reads Denied/sec 310 Writes Denied/sec 312 Network Errors/sec 314 Server Sessions 316 Server Reconnects 318 Connects Core 320 Connects Lan Manager 2.0 322 Connects Lan Manager 2.1 324 Connects Windows NT 326 Server Disconnects 328 Server Sessions Hung 330 Server 336 Thread Wait Reason 340 Sessions Timed Out 342 Sessions Errored Out 344 Sessions Logged Off 346 Sessions Forced Off 348 Errors Logon 350 Errors Access Permissions 352 Errors Granted Access 354 Errors System 356 Blocking Requests Rejected 358 Work Item Shortages 360 Files Opened Total 362 Files Open 366 File Directory Searches 370 Pool Nonpaged Failures 372 Pool Nonpaged Peak 376 Pool Paged Failures 378 Pool Paged Peak 388 Bytes Total/sec 392 Current Commands 398 NWLink NetBIOS 400 Packets/sec 404 Context Blocks Queued/sec 406 File Data Operations/sec 408 % Free Space 410 Free Megabytes 412 Connections Open 414 Connections No Retries 416 Connections With Retries 418 Disconnects Local 420 Disconnects Remote 422 Failures Link 424 Failures Adapter 426 Connection Session Timeouts 428 Connections Canceled 430 Failures Resource Remote 432 Failures Resource Local 434 Failures Not Found 436 Failures No Listen 438 Datagrams/sec 440 Datagram Bytes/sec 442 Datagrams Sent/sec 444 Datagram Bytes Sent/sec 446 Datagrams Received/sec 448 Datagram Bytes Received/sec 452 Packets Sent/sec 456 Frames/sec 458 Frame Bytes/sec 460 Frames Sent/sec 462 Frame Bytes Sent/sec 464 Frames Received/sec 466 Frame Bytes Received/sec 468 Frames Re-Sent/sec 470 Frame Bytes Re-Sent/sec 472 Frames Rejected/sec 474 Frame Bytes Rejected/sec 476 Expirations Response 478 Expirations Ack 480 Window Send Maximum 482 Window Send Average 484 Piggyback Ack Queued/sec 486 Piggyback Ack Timeouts 488 NWLink IPX 490 NWLink SPX 492 NetBEUI 494 NetBEUI Resource 496 Used Maximum 498 Used Average 500 Times Exhausted 502 NBT Connection 506 Bytes Sent/sec 508 Total Bytes/sec 510 Network Interface 512 Bytes/sec 520 Current Bandwidth 524 Packets Received Unicast/sec 526 Packets Received Non-Unicast/sec 528 Packets Received Discarded 530 Packets Received Errors 532 Packets Received Unknown 536 Packets Sent Unicast/sec 538 Packets Sent Non-Unicast/sec 540 Packets Outbound Discarded 542 Packets Outbound Errors 544 Output Queue Length 546 IP 552 Datagrams Received Header Errors 554 Datagrams Received Address Errors 556 Datagrams Forwarded/sec 558 Datagrams Received Unknown Protocol 560 Datagrams Received Discarded 562 Datagrams Received Delivered/sec 566 Datagrams Outbound Discarded 568 Datagrams Outbound No Route 570 Fragments Received/sec 572 Fragments Re-assembled/sec 574 Fragment Re-assembly Failures 576 Fragmented Datagrams/sec 578 Fragmentation Failures 580 Fragments Created/sec 582 ICMP 584 Messages/sec 586 Messages Received/sec 588 Messages Received Errors 590 Received Dest. Unreachable 592 Received Time Exceeded 594 Received Parameter Problem 596 Received Source Quench 598 Received Redirect/sec 600 Received Echo/sec 602 Received Echo Reply/sec 604 Received Timestamp/sec 606 Received Timestamp Reply/sec 608 Received Address Mask 610 Received Address Mask Reply 612 Messages Sent/sec 614 Messages Outbound Errors 616 Sent Destination Unreachable 618 Sent Time Exceeded 620 Sent Parameter Problem 622 Sent Source Quench 624 Sent Redirect/sec 626 Sent Echo/sec 628 Sent Echo Reply/sec 630 Sent Timestamp/sec 632 Sent Timestamp Reply/sec 634 Sent Address Mask 636 Sent Address Mask Reply 638 TCP 640 Segments/sec 642 Connections Established 644 Connections Active 646 Connections Passive 648 Connection Failures 650 Connections Reset 652 Segments Received/sec 654 Segments Sent/sec 656 Segments Retransmitted/sec 658 UDP 660 % Total DPC Time 662 % Total Interrupt Time 664 Datagrams No Port/sec 666 Datagrams Received Errors 670 Disk Storage Unit 672 Allocation Failures 674 System Up Time 676 System Handle Count 678 Free System Page Table Entries 680 Thread Count 682 Priority Base 684 Elapsed Time 686 Alignment Fixups/sec 688 Exception Dispatches/sec 690 Floating Emulations/sec 692 Logon/sec 694 Priority Current 696 % DPC Time 698 % Interrupt Time 700 Paging File 702 % Usage 704 % Usage Peak 706 Start Address 708 User PC 710 Mapped Space No Access 712 Mapped Space Read Only 714 Mapped Space Read/Write 716 Mapped Space Write Copy 718 Mapped Space Executable 720 Mapped Space Exec Read Only 722 Mapped Space Exec Read/Write 724 Mapped Space Exec Write Copy 726 Reserved Space No Access 728 Reserved Space Read Only 730 Reserved Space Read/Write 732 Reserved Space Write Copy 734 Reserved Space Executable 736 Reserved Space Exec Read Only 738 Reserved Space Exec Read/Write 740 Image 742 Reserved Space Exec Write Copy 744 Unassigned Space No Access 746 Unassigned Space Read Only 748 Unassigned Space Read/Write 750 Unassigned Space Write Copy 752 Unassigned Space Executable 754 Unassigned Space Exec Read Only 756 Unassigned Space Exec Read/Write 758 Unassigned Space Exec Write Copy 760 Image Space No Access 762 Image Space Read Only 764 Image Space Read/Write 766 Image Space Write Copy 768 Image Space Executable 770 Image Space Exec Read Only 772 Image Space Exec Read/Write 774 Image Space Exec Write Copy 776 Bytes Image Reserved 778 Bytes Image Free 780 Bytes Reserved 782 Bytes Free 784 ID Process 786 Process Address Space 788 No Access 790 Read Only 792 Read/Write 794 Write Copy 796 Executable 798 Exec Read Only 800 Exec Read/Write 802 Exec Write Copy 804 ID Thread 806 Mailslot Receives Failed 808 Mailslot Writes Failed 810 Mailslot Opens Failed/sec 812 Duplicate Master Announcements 814 Illegal Datagrams/sec 816 Thread Details 818 Cache Bytes 820 Cache Bytes Peak 822 Pages Input/sec 870 RAS Port 872 Bytes Transmitted 874 Bytes Received 876 Frames Transmitted 878 Frames Received. 880 Percent Compression Out 882 Percent Compression In 884 CRC Errors 886 Timeout Errors 888 Serial Overrun Errors 890 Alignment Errors 892 Buffer Overrun Errors 894 Total Errors 896 Bytes Transmitted/Sec 898 Bytes Received/Sec 900 Frames Transmitted/Sec 902 Frames Received/Sec 904 Total Errors/Sec 906 RAS Total 908 Total Connections 920 WINS Server 922 Unique Registrations/sec 924 Group Registrations/sec 926 Total Number of Registrations/sec 928 Unique Renewals/sec 930 Group Renewals/sec 932 Total Number of Renewals/sec 934 Releases/sec 936 Queries/sec 938 Unique Conflicts/sec 940 Group Conflicts/sec 942 Total Number of Conflicts/sec 944 Successful Releases/sec 946 Failed Releases/sec 948 Successful Queries/sec 950 Failed Queries/sec 952 Handle Count 1000 MacFile Server 1002 Max Paged Memory 1004 Current Paged Memory 1006 Max NonPaged Memory 1008 Current NonPaged memory 1010 Current Sessions 1012 Maximum Sessions 1014 Current Files Open 1016 Maximum Files Open 1018 Failed Logons 1020 Data Read/sec 1022 Data Written/sec 1024 Data Received/sec 1026 Data Transmitted/sec 1028 Current Queue Length 1030 Maximum Queue Length 1032 Current Threads 1034 Maximum Threads 1050 AppleTalk 1052 Packets In/sec 1054 Packets Out/sec 1056 Bytes In/sec 1058 Bytes Out/sec 1060 Average Time/DDP Packet 1062 DDP Packets/sec 1064 Average Time/AARP Packet 1066 AARP Packets/sec 1068 Average Time/ATP Packet 1070 ATP Packets/sec 1072 Average Time/NBP Packet 1074 NBP Packets/sec 1076 Average Time/ZIP Packet 1078 ZIP Packets/sec 1080 Average Time/RTMP Packet 1082 RTMP Packets/sec 1084 ATP Retries Local 1086 ATP Response Timouts 1088 ATP XO Response/Sec 1090 ATP ALO Response/Sec 1092 ATP Recvd Release/Sec 1094 Current NonPaged Pool 1096 Packets Routed In/Sec 1098 Packets dropped 1100 ATP Retries Remote 1102 Packets Routed Out/Sec 1110 Network Segment 1112 Total frames received/second 1114 Total bytes received/second 1116 Broadcast frames received/second 1118 Multicast frames received/second 1120 % Network utilization 1124 % Broadcast Frames 1126 % Multicast Frames 1150 Telephony 1152 Lines 1154 Telephone Devices 1156 Active Lines 1158 Active Telephones 1160 Outgoing Calls/sec 1162 Incoming Calls/sec 1164 Client Apps 1166 Current Outgoing Calls 1168 Current Incoming Calls 1228 Gateway Service For NetWare 1230 Client Service For NetWare 1232 Packet Burst Read NCP Count/sec 1234 Packet Burst Read Timeouts/sec 1236 Packet Burst Write NCP Count/sec 1238 Packet Burst Write Timeouts/sec 1240 Packet Burst IO/sec 1242 Connect NetWare 2.x 1244 Connect NetWare 3.x 1246 Connect NetWare 4.x 1260 Logon Total 1300 Server Work Queues 1302 Queue Length 1304 Active Threads 1306 Available Threads 1308 Available Work Items 1310 Borrowed Work Items 1312 Work Item Shortages 1314 Current Clients 1320 Bytes Transferred/sec 1324 Read Bytes/sec 1328 Write Bytes/sec 1332 Total Operations/sec 1334 DPCs Queued/sec 1336 DPC Rate 1342 Total DPCs Queued/sec 1344 Total DPC Rate 1350 % Registry Quota In Use 1360 VL Memory 1362 VLM % Virtual Size In Use 1364 VLM Virtual Size 1366 VLM Virtual Size Peak 1368 VLM Virtual Size Available 1370 VLM Commit Charge 1372 VLM Commit Charge Peak 1374 System VLM Commit Charge 1376 System VLM Commit Charge Peak 1378 System VLM Shared Commit Charge 1380 Available KBytes 1382 Available MBytes 1400 Avg. Disk Queue Length 1402 Avg. Disk Read Queue Length 1404 Avg. Disk Write Queue Length 1406 % Committed Bytes In Use 1408 Full Image 1410 Creating Process ID 1412 IO Read Operations/sec 1414 IO Write Operations/sec 1416 IO Data Operations/sec 1418 IO Other Operations/sec 1420 IO Read Bytes/sec 1422 IO Write Bytes/sec 1424 IO Data Bytes/sec 1426 IO Other Bytes/sec 1450 Print Queue 1452 Total Jobs Printed 1454 Bytes Printed/sec 1456 Total Pages Printed 1458 Jobs 1460 References 1462 Max References 1464 Jobs Spooling 1466 Max Jobs Spooling 1468 Out of Paper Errors 1470 Not Ready Errors 1472 Job Errors 1474 Enumerate Network Printer Calls 1476 Add Network Printer Calls 1478 Working Set - Private 1480 Working Set - Shared 1482 % Idle Time 1484 Split IO/Sec 1500 Job Object 1502 Current % Processor Time 1504 Current % User Mode Time 1506 Current % Kernel Mode Time 1508 This Period mSec - Processor 1510 This Period mSec - User Mode 1512 This Period mSec - Kernel Mode 1514 Pages/Sec 1516 Process Count - Total 1518 Process Count - Active 1520 Process Count - Terminated 1522 Total mSec - Processor 1524 Total mSec - User Mode 1526 Total mSec - Kernel Mode 1548 Job Object Details 1746 % Idle Time 1748 % C1 Time 1750 % C2 Time 1752 % C3 Time 1754 C1 Transitions/sec 1756 C2 Transitions/sec 1758 C3 Transitions/sec 1760 Heap 1762 Committed Bytes 1764 Reserved Bytes 1766 Virtual Bytes 1768 Free Bytes 1770 Free List Length 1772 Avg. alloc rate 1774 Avg. free rate 1776 Uncommitted Ranges Length 1778 Allocs - Frees 1780 Cached Allocs/sec 1782 Cached Frees/sec 1784 Allocs <1K/sec 1786 Frees <1K/sec 1788 Allocs 1-8K/sec 1790 Frees 1-8K/sec 1792 Allocs over 8K/sec 1794 Frees over 8K/sec 1796 Total Allocs/sec 1798 Total Frees/sec 1800 Blocks in Heap Cache 1802 Largest Cache Depth 1804 % Fragmentation 1806 % VAFragmentation 1808 Heap Lock contention 1846 End Marker 1848 RSVP Service 1850 Network Interfaces 1852 Network sockets 1854 Timers 1856 RSVP sessions 1858 QoS clients 1860 QoS-enabled senders 1862 QoS-enabled receivers 1864 Failed QoS requests 1866 Failed QoS sends 1868 QoS notifications 1870 Bytes in QoS notifications 1872 RSVP Interfaces 1874 Signaling bytes received 1876 Signaling bytes sent 1878 PATH messages received 1880 RESV messages received 1882 PATH ERR messages received 1884 RESV ERR messages received 1886 PATH TEAR messages received 1888 RESV TEAR messages received 1890 RESV CONFIRM messages received 1892 PATH messages sent 1894 RESV messages sent 1896 PATH ERR messages sent 1898 RESV ERR messages sent 1900 PATH TEAR messages sent 1902 RESV TEAR messages sent 1904 RESV CONFIRM messages sent 1906 Resource control failures 1908 Policy control failures 1910 General failures 1912 Blocked RESVs 1914 RESV state block timeouts 1916 PATH state block timeouts 1918 Send messages errors - Big messages 1920 Receive messages errors - Big messages 1922 Send messages errors - No memory 1924 Receive messages errors - No memory 1926 Number of incoming messages dropped 1928 Number of outgoing messages dropped 1930 Number of active flows 1932 Reserved bandwidth 1934 Maximum admitted bandwidth 1936 PSched Flow 1938 PSched Pipe 1940 Packets dropped 1942 Packets scheduled 1944 Packets transmitted 1946 Average packets in shaper 1948 Max packets in shaper 1950 Average packets in sequencer 1952 Max packets in sequencer 1954 Bytes scheduled 1956 Bytes transmitted 1958 Bytes transmitted/sec 1960 Bytes scheduled/sec 1962 Packets transmitted/sec 1964 Packets scheduled/sec 1966 Packets dropped/sec 1968 Nonconforming packets scheduled 1970 Nonconforming packets scheduled/sec 1972 Nonconforming packets transmitted 1974 Nonconforming packets transmitted/sec 1976 Maximum Packets in netcard 1978 Average Packets in netcard 1980 Out of packets 1982 Flows opened 1984 Flows closed 1986 Flows rejected 1988 Flows modified 1990 Flow mods rejected 1992 Max simultaneous flows 1994 Nonconforming packets scheduled 1996 Nonconforming packets scheduled/sec 1998 Nonconforming packets transmitted 2000 Nonconforming packets transmitted/sec 2002 Average packets in shaper 2004 Max packets in shaper 2006 Average packets in sequencer 2008 Max packets in sequencer 2010 Max packets in netcard 2012 Average packets in netcard 2014 RAS Port 2016 Bytes Transmitted 2018 Bytes Received 2020 Frames Transmitted 2022 Frames Received 2024 Percent Compression Out 2026 Percent Compression In 2028 CRC Errors 2030 Timeout Errors 2032 Serial Overrun Errors 2034 Alignment Errors 2036 Buffer Overrun Errors 2038 Total Errors 2040 Bytes Transmitted/Sec 2042 Bytes Received/Sec 2044 Frames Transmitted/Sec 2046 Frames Received/Sec 2048 Total Errors/Sec 2050 RAS Total 2052 Total Connections 2054 Terminal Services Session 2056 Input WdBytes 2058 Input WdFrames 2060 Input WaitForOutBuf 2062 Input Frames 2064 Input Bytes 2066 Input Compressed Bytes 2068 Input Compress Flushes 2070 Input Errors 2072 Input Timeouts 2074 Input Async Frame Error 2076 Input Async Overrun 2078 Input Async Overflow 2080 Input Async Parity Error 2082 Input Transport Errors 2084 Output WdBytes 2086 Output WdFrames 2088 Output WaitForOutBuf 2090 Output Frames 2092 Output Bytes 2094 Output Compressed Bytes 2096 Output Compress Flushes 2098 Output Errors 2100 Output Timeouts 2102 Output Async Frame Error 2104 Output Async Overrun 2106 Output Async Overflow 2108 Output Async Parity Error 2110 Output Transport Errors 2112 Total WdBytes 2114 Total WdFrames 2116 Total WaitForOutBuf 2118 Total Frames 2120 Total Bytes 2122 Total Compressed Bytes 2124 Total Compress Flushes 2126 Total Errors 2128 Total Timeouts 2130 Total Async Frame Error 2132 Total Async Overrun 2134 Total Async Overflow 2136 Total Async Parity Error 2138 Total Transport Errors 2140 Total Protocol Cache Reads 2142 Total Protocol Cache Hits 2144 Total Protocol Cache Hit Ratio 2146 Protocol Bitmap Cache Reads 2148 Protocol Bitmap Cache Hits 2150 Protocol Bitmap Cache Hit Ratio 2152 Protocol Glyph Cache Reads 2154 Protocol Glyph Cache Hits 2156 Protocol Glyph Cache Hit Ratio 2158 Protocol Brush Cache Reads 2160 Protocol Brush Cache Hits 2162 Protocol Brush Cache Hit Ratio 2164 Protocol Save Screen Bitmap Cache Reads 2166 Protocol Save Screen Bitmap Cache Hits 2168 Protocol Save Screen Bitmap Cache Hit Ratio 2170 Input Compression Ratio 2172 Output Compression Ratio 2174 Total Compression Ratio 2176 Terminal Services 2178 Total Sessions 2180 Active Sessions 2182 Inactive Sessions 2184 Distributed Transaction Coordinator 2186 Active Transactions 2188 Committed Transactions 2190 Aborted Transactions 2192 In Doubt Transactions 2194 Active Transactions Maximum 2196 Force Committed Transactions 2198 Force Aborted Transactions 2200 Response Time -- Minimum 2202 Response Time -- Average 2204 Response Time -- Maximum 2206 Transactions/sec 2208 Committed Transactions/sec 2210 Aborted Transactions/sec 2218 Indexing Service 2220 Word lists 2222 Saved indexes 2224 Index size (MB) 2226 Files to be indexed 2228 Unique keys 2230 Running queries 2232 Merge progress 2234 # documents indexed 2236 Total # documents 2238 Total # of queries 2240 Deferred for indexing 2242 Indexing Service Filter 2244 Total indexing speed (MB/hr) 2246 Binding time (msec) 2248 Indexing speed (MB/hr) 2250 Http Indexing Service 2252 Cache items 2254 % Cache hits 2256 Total cache accesses 1 2258 % Cache misses 2260 Total cache accesses 2 2262 Active queries 2264 Total queries 2266 Queries per minute 2268 Current requests queued 2270 Total requests rejected 2870 .NET CLR Networking 2872 Connections Established 2874 Bytes Received 2876 Bytes Sent 2878 Datagrams Received 2880 Datagrams Sent 2882 .NET Data Provider for Oracle 2884 HardConnectsPerSecond 2886 HardDisconnectsPerSecond 2888 SoftConnectsPerSecond 2890 SoftDisconnectsPerSecond 2892 NumberOfNonPooledConnections 2894 NumberOfPooledConnections 2896 NumberOfActiveConnectionPoolGroups 2898 NumberOfInactiveConnectionPoolGroups 2900 NumberOfActiveConnectionPools 2902 NumberOfInactiveConnectionPools 2904 NumberOfActiveConnections 2906 NumberOfFreeConnections 2908 NumberOfStasisConnections 2910 NumberOfReclaimedConnections 2912 .NET Data Provider for SqlServer 2914 HardConnectsPerSecond 2916 HardDisconnectsPerSecond 2918 SoftConnectsPerSecond 2920 SoftDisconnectsPerSecond 2922 NumberOfNonPooledConnections 2924 NumberOfPooledConnections 2926 NumberOfActiveConnectionPoolGroups 2928 NumberOfInactiveConnectionPoolGroups 2930 NumberOfActiveConnectionPools 2932 NumberOfInactiveConnectionPools 2934 NumberOfActiveConnections 2936 NumberOfFreeConnections 2938 NumberOfStasisConnections 2940 NumberOfReclaimedConnections 2942 .NET CLR Data 2944 SqlClient: Current # pooled and nonpooled connections 2946 SqlClient: Current # pooled connections 2948 SqlClient: Current # connection pools 2950 SqlClient: Peak # pooled connections 2952 SqlClient: Total # failed connects 2954 SqlClient: Total # failed commands 2956 .NET CLR Memory 2958 # Gen 0 Collections 2960 # Gen 1 Collections 2962 # Gen 2 Collections 2964 Promoted Memory from Gen 0 2966 Promoted Memory from Gen 1 2968 Gen 0 Promoted Bytes/Sec 2970 Gen 1 Promoted Bytes/Sec 2972 Promoted Finalization-Memory from Gen 0 2974 Process ID 2976 Gen 0 heap size 2978 Gen 1 heap size 2980 Gen 2 heap size 2982 Large Object Heap size 2984 Finalization Survivors 2986 # GC Handles 2988 Allocated Bytes/sec 2990 # Induced GC 2992 % Time in GC 2994 Not Displayed 2996 # Bytes in all Heaps 2998 # Total committed Bytes 3000 # Total reserved Bytes 3002 # of Pinned Objects 3004 # of Sink Blocks in use 3006 .NET CLR Loading 3008 Total Classes Loaded 3010 % Time Loading 3012 Assembly Search Length 3014 Total # of Load Failures 3016 Rate of Load Failures 3018 Bytes in Loader Heap 3020 Total appdomains unloaded 3022 Rate of appdomains unloaded 3024 Current Classes Loaded 3026 Rate of Classes Loaded 3028 Current appdomains 3030 Total Appdomains 3032 Rate of appdomains 3034 Current Assemblies 3036 Total Assemblies 3038 Rate of Assemblies 3040 .NET CLR Jit 3042 # of Methods Jitted 3044 # of IL Bytes Jitted 3046 Total # of IL Bytes Jitted 3048 IL Bytes Jitted / sec 3050 Standard Jit Failures 3052 % Time in Jit 3054 Not Displayed 3056 .NET CLR Interop 3058 # of CCWs 3060 # of Stubs 3062 # of marshalling 3064 # of TLB imports / sec 3066 # of TLB exports / sec 3068 .NET CLR LocksAndThreads 3070 Total # of Contentions 3072 Contention Rate / sec 3074 Current Queue Length 3076 Queue Length Peak 3078 Queue Length / sec 3080 # of current logical Threads 3082 # of current physical Threads 3084 # of current recognized threads 3086 # of total recognized threads 3088 rate of recognized threads / sec 3090 .NET CLR Security 3092 Total Runtime Checks 3094 % Time Sig. Authenticating 3096 # Link Time Checks 3098 % Time in RT checks 3100 Not Displayed 3102 Stack Walk Depth 3104 .NET CLR Remoting 3106 Remote Calls/sec 3108 Channels 3110 Context Proxies 3112 Context-Bound Classes Loaded 3114 Context-Bound Objects Alloc / sec 3116 Contexts 3118 Total Remote Calls 3120 .NET CLR Exceptions 3122 # of Exceps Thrown 3124 # of Exceps Thrown / sec 3126 # of Filters / sec 3128 # of Finallys / sec 3130 Throw To Catch Depth / sec 3758 Windows Workflow Foundation 3760 Workflows Created 3762 Workflows Created/sec 3764 Workflows Unloaded 3766 Workflows Unloaded/sec 3768 Workflows Loaded 3770 Workflows Loaded/sec 3772 Workflows Completed 3774 Workflows Completed/sec 3776 Workflows Suspended 3778 Workflows Suspended/sec 3780 Workflows Terminated 3782 Workflows Terminated/sec 3784 Workflows In Memory 3786 Workflows Aborted 3788 Workflows Aborted/sec 3790 Workflows Persisted 3792 Workflows Persisted/sec 3794 Workflows Executing 3796 Workflows Idle/sec 3798 Workflows Runnable 3800 Workflows Pending 3802 ServiceModelEndpoint 3.0.0.0 3804 Calls 3806 Calls Per Second 3808 Calls Outstanding 3810 Calls Failed 3812 Calls Failed Per Second 3814 Calls Faulted 3816 Calls Faulted Per Second 3818 Calls Duration 3820 Calls Duration Base 3822 Transactions Flowed 3824 Transactions Flowed Per Second 3826 Security Validation and Authentication Failures 3828 Security Validation and Authentication Failures Per Second 3830 Security Calls Not Authorized 3832 Security Calls Not Authorized Per Second 3834 Reliable Messaging Sessions Faulted 3836 Reliable Messaging Sessions Faulted Per Second 3838 Reliable Messaging Messages Dropped 3840 Reliable Messaging Messages Dropped Per Second 3842 ServiceModelOperation 3.0.0.0 3844 Calls 3846 Calls Per Second 3848 Calls Outstanding 3850 Calls Failed 3852 Call Failed Per Second 3854 Calls Faulted 3856 Calls Faulted Per Second 3858 Calls Duration 3860 Calls Duration Base 3862 Transactions Flowed 3864 Transactions Flowed Per Second 3866 Security Validation and Authentication Failures 3868 Security Validation and Authentication Failures Per Second 3870 Security Calls Not Authorized 3872 Security Calls Not Authorized Per Second 3874 ServiceModelService 3.0.0.0 3876 Calls 3878 Calls Per Second 3880 Calls Outstanding 3882 Calls Failed 3884 Calls Failed Per Second 3886 Calls Faulted 3888 Calls Faulted Per Second 3890 Calls Duration 3892 Calls Duration Base 3894 Transactions Flowed 3896 Transactions Flowed Per Second 3898 Transacted Operations Committed 3900 Transacted Operations Committed Per Second 3902 Transacted Operations Aborted 3904 Transacted Operations Aborted Per Second 3906 Transacted Operations In Doubt 3908 Transacted Operations In Doubt Per Second 3910 Security Validation and Authentication Failures 3912 Security Validation and Authentication Failures Per Second 3914 Security Calls Not Authorized 3916 Security Calls Not Authorized Per Second 3918 Instances 3920 Instances Created Per Second 3922 Reliable Messaging Sessions Faulted 3924 Reliable Messaging Sessions Faulted Per Second 3926 Reliable Messaging Messages Dropped 3928 Reliable Messaging Messages Dropped Per Second 3930 Queued Poison Messages 3932 Queued Poison Messages Per Second 3934 Queued Messages Rejected 3936 Queued Messages Rejected Per Second 3938 Queued Messages Dropped 3940 Queued Messages Dropped Per Second 3942 SMSvcHost 3.0.0.0 3944 Protocol Failures over net.tcp 3946 Protocol Failures over net.pipe 3948 Dispatch Failures over net.tcp 3950 Dispatch Failures over net.pipe 3952 Connections Dispatched over net.tcp 3954 Connections Dispatched over net.pipe 3956 Connections Accepted over net.tcp 3958 Connections Accepted over net.pipe 3960 Registrations Active for net.tcp 3962 Registrations Active for net.pipe 3964 Uris Registered for net.tcp 3966 Uris Registered for net.pipe 3968 Uris Unregistered for net.tcp 3970 Uris Unregistered for net.pipe 3972 MSDTC Bridge 3.0.0.0 3974 Message send failures/sec 3976 Prepare retry count/sec 3978 Commit retry count/sec 3980 Prepared retry count/sec 3982 Replay retry count/sec 3984 Faults received count/sec 3986 Faults sent count/sec 3988 Average participant prepare response time 3990 Average participant prepare response time Base 3992 Average participant commit response time 3994 Average participant commit response time Base 4622 ASP.NET State Service 4828 State Server Sessions Active 4830 State Server Sessions Abandoned 4832 State Server Sessions Timed Out 4834 State Server Sessions Total 4836 ASP.NET v2.0.50727 4838 ASP.NET Apps v2.0.50727 4840 Application Restarts 4842 Applications Running 4844 Requests Disconnected 4846 Request Execution Time 4848 Requests Rejected 4850 Requests Queued 4852 Worker Processes Running 4854 Worker Process Restarts 4856 Request Wait Time 4858 State Server Sessions Active 4860 State Server Sessions Abandoned 4862 State Server Sessions Timed Out 4864 State Server Sessions Total 4866 Requests Current 4868 Audit Success Events Raised 4870 Audit Failure Events Raised 4872 Error Events Raised 4874 Request Error Events Raised 4876 Infrastructure Error Events Raised 4878 Anonymous Requests 4880 Anonymous Requests/Sec 4882 Cache Total Entries 4884 Cache Total Turnover Rate 4886 Cache Total Hits 4888 Cache Total Misses 4890 Cache Total Hit Ratio 4892 Cache Total Hit Ratio Base 4894 Cache API Entries 4896 Cache API Turnover Rate 4898 Cache API Hits 4900 Cache API Misses 4902 Cache API Hit Ratio 4904 Cache API Hit Ratio Base 4906 Output Cache Entries 4908 Output Cache Turnover Rate 4910 Output Cache Hits 4912 Output Cache Misses 4914 Output Cache Hit Ratio 4916 Output Cache Hit Ratio Base 4918 Compilations Total 4920 Debugging Requests 4922 Errors During Preprocessing 4924 Errors During Compilation 4926 Errors During Execution 4928 Errors Unhandled During Execution 4930 Errors Unhandled During Execution/Sec 4932 Errors Total 4934 Errors Total/Sec 4936 Pipeline Instance Count 4938 Request Bytes In Total 4940 Request Bytes Out Total 4942 Requests Executing 4944 Requests Failed 4946 Requests Not Found 4948 Requests Not Authorized 4950 Requests In Application Queue 4952 Requests Timed Out 4954 Requests Succeeded 4956 Requests Total 4958 Requests/Sec 4960 Sessions Active 4962 Sessions Abandoned 4964 Sessions Timed Out 4966 Sessions Total 4968 Transactions Aborted 4970 Transactions Committed 4972 Transactions Pending 4974 Transactions Total 4976 Transactions/Sec 4978 Session State Server connections total 4980 Session SQL Server connections total 4982 Events Raised 4984 Events Raised/Sec 4986 Application Lifetime Events 4988 Application Lifetime Events/Sec 4990 Error Events Raised 4992 Error Events Raised/Sec 4994 Request Error Events Raised 4996 Request Error Events Raised/Sec 4998 Infrastructure Error Events Raised 5000 Infrastructure Error Events Raised/Sec 5002 Request Events Raised 5004 Request Events Raised/Sec 5006 Audit Success Events Raised 5008 Audit Failure Events Raised 5010 Membership Authentication Success 5012 Membership Authentication Failure 5014 Forms Authentication Success 5016 Forms Authentication Failure 5018 Viewstate MAC Validation Failure 5020 Request Execution Time 5022 Requests Disconnected 5024 Requests Rejected 5026 Request Wait Time 5028 Cache % Machine Memory Limit Used 5030 Cache % Machine Memory Limit Used Base 5032 Cache % Process Memory Limit Used 5034 Cache % Process Memory Limit Used Base 5036 Cache Total Trims 5038 Cache API Trims 5040 Output Cache Trims 5042 ASP.NET 5044 ASP.NET Applications 5046 Application Restarts 5048 Applications Running 5050 Requests Disconnected 5052 Request Execution Time 5054 Requests Rejected 5056 Requests Queued 5058 Worker Processes Running 5060 Worker Process Restarts 5062 Request Wait Time 5064 State Server Sessions Active 5066 State Server Sessions Abandoned 5068 State Server Sessions Timed Out 5070 State Server Sessions Total 5072 Requests Current 5074 Audit Success Events Raised 5076 Audit Failure Events Raised 5078 Error Events Raised 5080 Request Error Events Raised 5082 Infrastructure Error Events Raised 5084 Anonymous Requests 5086 Anonymous Requests/Sec 5088 Cache Total Entries 5090 Cache Total Turnover Rate 5092 Cache Total Hits 5094 Cache Total Misses 5096 Cache Total Hit Ratio 5098 Cache Total Hit Ratio Base 5100 Cache API Entries 5102 Cache API Turnover Rate 5104 Cache API Hits 5106 Cache API Misses 5108 Cache API Hit Ratio 5110 Cache API Hit Ratio Base 5112 Output Cache Entries 5114 Output Cache Turnover Rate 5116 Output Cache Hits 5118 Output Cache Misses 5120 Output Cache Hit Ratio 5122 Output Cache Hit Ratio Base 5124 Compilations Total 5126 Debugging Requests 5128 Errors During Preprocessing 5130 Errors During Compilation 5132 Errors During Execution 5134 Errors Unhandled During Execution 5136 Errors Unhandled During Execution/Sec 5138 Errors Total 5140 Errors Total/Sec 5142 Pipeline Instance Count 5144 Request Bytes In Total 5146 Request Bytes Out Total 5148 Requests Executing 5150 Requests Failed 5152 Requests Not Found 5154 Requests Not Authorized 5156 Requests In Application Queue 5158 Requests Timed Out 5160 Requests Succeeded 5162 Requests Total 5164 Requests/Sec 5166 Sessions Active 5168 Sessions Abandoned 5170 Sessions Timed Out 5172 Sessions Total 5174 Transactions Aborted 5176 Transactions Committed 5178 Transactions Pending 5180 Transactions Total 5182 Transactions/Sec 5184 Session State Server connections total 5186 Session SQL Server connections total 5188 Events Raised 5190 Events Raised/Sec 5192 Application Lifetime Events 5194 Application Lifetime Events/Sec 5196 Error Events Raised 5198 Error Events Raised/Sec 5200 Request Error Events Raised 5202 Request Error Events Raised/Sec 5204 Infrastructure Error Events Raised 5206 Infrastructure Error Events Raised/Sec 5208 Request Events Raised 5210 Request Events Raised/Sec 5212 Audit Success Events Raised 5214 Audit Failure Events Raised 5216 Membership Authentication Success 5218 Membership Authentication Failure 5220 Forms Authentication Success 5222 Forms Authentication Failure 5224 Viewstate MAC Validation Failure 5226 Request Execution Time 5228 Requests Disconnected 5230 Requests Rejected 5232 Request Wait Time 5234 Cache % Machine Memory Limit Used 5236 Cache % Machine Memory Limit Used Base 5238 Cache % Process Memory Limit Used 5240 Cache % Process Memory Limit Used Base 5242 Cache Total Trims 5244 Cache API Trims 5246 Output Cache Trims 5248 WMI Objects 5250 HiPerf Classes 5252 HiPerf Validity 5254 ProcessorPerformance 5256 frequency 5258 percentage 5260 power"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/sec 92 Async Data Maps/sec 94 Data Map Hits % 96 Data Map Pins/sec 98 Pin Reads/sec 100 Sync Pin Reads/sec 102 Async Pin Reads/sec 104 Pin Read Hits % 106 Copy Reads/sec 108 Sync Copy Reads/sec 110 Async Copy Reads/sec 112 Copy Read Hits % 114 MDL Reads/sec 116 Sync MDL Reads/sec 118 Async MDL Reads/sec 120 MDL Read Hits % 122 Read Aheads/sec 124 Fast Reads/sec 126 Sync Fast Reads/sec 128 Async Fast Reads/sec 130 Fast Read Resource Misses/sec 132 Fast Read Not Possibles/sec 134 Lazy Write Flushes/sec 136 Lazy Write Pages/sec 138 Data Flushes/sec 140 Data Flush Pages/sec 142 % User Time 144 % Privileged Time 146 Context Switches/sec 148 Interrupts/sec 150 System Calls/sec 152 Level 1 TLB Fills/sec 154 Level 2 TLB Fills/sec 156 Enumerations Server/sec 158 Enumerations Domain/sec 160 Enumerations Other/sec 162 Missed Server Announcements 164 Missed Mailslot Datagrams 166 Missed Server List Requests 168 Server Announce Allocations Failed/sec 170 Mailslot Allocations Failed 172 Virtual Bytes Peak 174 Virtual Bytes 178 Working Set Peak 180 Working Set 182 Page File Bytes Peak 184 Page File Bytes 186 Private Bytes 188 Announcements Total/sec 190 Enumerations Total/sec 198 Current Disk Queue Length 200 % Disk Time 202 % Disk Read Time 204 % Disk Write Time 206 Avg. Disk sec/Transfer 208 Avg. Disk sec/Read 210 Avg. Disk sec/Write 212 Disk Transfers/sec 214 Disk Reads/sec 216 Disk Writes/sec 218 Disk Bytes/sec 220 Disk Read Bytes/sec 222 Disk Write Bytes/sec 224 Avg. Disk Bytes/Transfer 226 Avg. Disk Bytes/Read 228 Avg. Disk Bytes/Write 230 Process 232 Thread 234 PhysicalDisk 236 LogicalDisk 238 Processor 240 % Total Processor Time 242 % Total User Time 244 % Total Privileged Time 246 Total Interrupts/sec 248 Processes 250 Threads 252 Events 254 Semaphores 256 Mutexes 258 Sections 260 Objects 262 Redirector 264 Bytes Received/sec 266 Packets Received/sec 268 Read Bytes Paging/sec 270 Read Bytes Non-Paging/sec 272 Read Bytes Cache/sec 274 Read Bytes Network/sec 276 Bytes Transmitted/sec 278 Packets Transmitted/sec 280 Write Bytes Paging/sec 282 Write Bytes Non-Paging/sec 284 Write Bytes Cache/sec 286 Write Bytes Network/sec 288 Read Operations/sec 290 Read Operations Random/sec 292 Read Packets/sec 294 Reads Large/sec 296 Read Packets Small/sec 298 Write Operations/sec 300 Write Operations Random/sec 302 Write Packets/sec 304 Writes Large/sec 306 Write Packets Small/sec 308 Reads Denied/sec 310 Writes Denied/sec 312 Network Errors/sec 314 Server Sessions 316 Server Reconnects 318 Connects Core 320 Connects Lan Manager 2.0 322 Connects Lan Manager 2.1 324 Connects Windows NT 326 Server Disconnects 328 Server Sessions Hung 330 Server 336 Thread Wait Reason 340 Sessions Timed Out 342 Sessions Errored Out 344 Sessions Logged Off 346 Sessions Forced Off 348 Errors Logon 350 Errors Access Permissions 352 Errors Granted Access 354 Errors System 356 Blocking Requests Rejected 358 Work Item Shortages 360 Files Opened Total 362 Files Open 366 File Directory Searches 370 Pool Nonpaged Failures 372 Pool Nonpaged Peak 376 Pool Paged Failures 378 Pool Paged Peak 388 Bytes Total/sec 392 Current Commands 398 NWLink NetBIOS 400 Packets/sec 404 Context Blocks Queued/sec 406 File Data Operations/sec 408 % Free Space 410 Free Megabytes 412 Connections Open 414 Connections No Retries 416 Connections With Retries 418 Disconnects Local 420 Disconnects Remote 422 Failures Link 424 Failures Adapter 426 Connection Session Timeouts 428 Connections Canceled 430 Failures Resource Remote 432 Failures Resource Local 434 Failures Not Found 436 Failures No Listen 438 Datagrams/sec 440 Datagram Bytes/sec 442 Datagrams Sent/sec 444 Datagram Bytes Sent/sec 446 Datagrams Received/sec 448 Datagram Bytes Received/sec 452 Packets Sent/sec 456 Frames/sec 458 Frame Bytes/sec 460 Frames Sent/sec 462 Frame Bytes Sent/sec 464 Frames Received/sec 466 Frame Bytes Received/sec 468 Frames Re-Sent/sec 470 Frame Bytes Re-Sent/sec 472 Frames Rejected/sec 474 Frame Bytes Rejected/sec 476 Expirations Response 478 Expirations Ack 480 Window Send Maximum 482 Window Send Average 484 Piggyback Ack Queued/sec 486 Piggyback Ack Timeouts 488 NWLink IPX 490 NWLink SPX 492 NetBEUI 494 NetBEUI Resource 496 Used Maximum 498 Used Average 500 Times Exhausted 502 NBT Connection 506 Bytes Sent/sec 508 Total Bytes/sec 510 Network Interface 512 Bytes/sec 520 Current Bandwidth 524 Packets Received Unicast/sec 526 Packets Received Non-Unicast/sec 528 Packets Received Discarded 530 Packets Received Errors 532 Packets Received Unknown 536 Packets Sent Unicast/sec 538 Packets Sent Non-Unicast/sec 540 Packets Outbound Discarded 542 Packets Outbound Errors 544 Output Queue Length 546 IP 552 Datagrams Received Header Errors 554 Datagrams Received Address Errors 556 Datagrams Forwarded/sec 558 Datagrams Received Unknown Protocol 560 Datagrams Received Discarded 562 Datagrams Received Delivered/sec 566 Datagrams Outbound Discarded 568 Datagrams Outbound No Route 570 Fragments Received/sec 572 Fragments Re-assembled/sec 574 Fragment Re-assembly Failures 576 Fragmented Datagrams/sec 578 Fragmentation Failures 580 Fragments Created/sec 582 ICMP 584 Messages/sec 586 Messages Received/sec 588 Messages Received Errors 590 Received Dest. Unreachable 592 Received Time Exceeded 594 Received Parameter Problem 596 Received Source Quench 598 Received Redirect/sec 600 Received Echo/sec 602 Received Echo Reply/sec 604 Received Timestamp/sec 606 Received Timestamp Reply/sec 608 Received Address Mask 610 Received Address Mask Reply 612 Messages Sent/sec 614 Messages Outbound Errors 616 Sent Destination Unreachable 618 Sent Time Exceeded 620 Sent Parameter Problem 622 Sent Source Quench 624 Sent Redirect/sec 626 Sent Echo/sec 628 Sent Echo Reply/sec 630 Sent Timestamp/sec 632 Sent Timestamp Reply/sec 634 Sent Address Mask 636 Sent Address Mask Reply 638 TCP 640 Segments/sec 642 Connections Established 644 Connections Active 646 Connections Passive 648 Connection Failures 650 Connections Reset 652 Segments Received/sec 654 Segments Sent/sec 656 Segments Retransmitted/sec 658 UDP 660 % Total DPC Time 662 % Total Interrupt Time 664 Datagrams No Port/sec 666 Datagrams Received Errors 670 Disk Storage Unit 672 Allocation Failures 674 System Up Time 676 System Handle Count 678 Free System Page Table Entries 680 Thread Count 682 Priority Base 684 Elapsed Time 686 Alignment Fixups/sec 688 Exception Dispatches/sec 690 Floating Emulations/sec 692 Logon/sec 694 Priority Current 696 % DPC Time 698 % Interrupt Time 700 Paging File 702 % Usage 704 % Usage Peak 706 Start Address 708 User PC 710 Mapped Space No Access 712 Mapped Space Read Only 714 Mapped Space Read/Write 716 Mapped Space Write Copy 718 Mapped Space Executable 720 Mapped Space Exec Read Only 722 Mapped Space Exec Read/Write 724 Mapped Space Exec Write Copy 726 Reserved Space No Access 728 Reserved Space Read Only 730 Reserved Space Read/Write 732 Reserved Space Write Copy 734 Reserved Space Executable 736 Reserved Space Exec Read Only 738 Reserved Space Exec Read/Write 740 Image 742 Reserved Space Exec Write Copy 744 Unassigned Space No Access 746 Unassigned Space Read Only 748 Unassigned Space Read/Write 750 Unassigned Space Write Copy 752 Unassigned Space Executable 754 Unassigned Space Exec Read Only 756 Unassigned Space Exec Read/Write 758 Unassigned Space Exec Write Copy 760 Image Space No Access 762 Image Space Read Only 764 Image Space Read/Write 766 Image Space Write Copy 768 Image Space Executable 770 Image Space Exec Read Only 772 Image Space Exec Read/Write 774 Image Space Exec Write Copy 776 Bytes Image Reserved 778 Bytes Image Free 780 Bytes Reserved 782 Bytes Free 784 ID Process 786 Process Address Space 788 No Access 790 Read Only 792 Read/Write 794 Write Copy 796 Executable 798 Exec Read Only 800 Exec Read/Write 802 Exec Write Copy 804 ID Thread 806 Mailslot Receives Failed 808 Mailslot Writes Failed 810 Mailslot Opens Failed/sec 812 Duplicate Master Announcements 814 Illegal Datagrams/sec 816 Thread Details 818 Cache Bytes 820 Cache Bytes Peak 822 Pages Input/sec 870 RAS Port 872 Bytes Transmitted 874 Bytes Received 876 Frames Transmitted 878 Frames Received. 880 Percent Compression Out 882 Percent Compression In 884 CRC Errors 886 Timeout Errors 888 Serial Overrun Errors 890 Alignment Errors 892 Buffer Overrun Errors 894 Total Errors 896 Bytes Transmitted/Sec 898 Bytes Received/Sec 900 Frames Transmitted/Sec 902 Frames Received/Sec 904 Total Errors/Sec 906 RAS Total 908 Total Connections 920 WINS Server 922 Unique Registrations/sec 924 Group Registrations/sec 926 Total Number of Registrations/sec 928 Unique Renewals/sec 930 Group Renewals/sec 932 Total Number of Renewals/sec 934 Releases/sec 936 Queries/sec 938 Unique Conflicts/sec 940 Group Conflicts/sec 942 Total Number of Conflicts/sec 944 Successful Releases/sec 946 Failed Releases/sec 948 Successful Queries/sec 950 Failed Queries/sec 952 Handle Count 1000 MacFile Server 1002 Max Paged Memory 1004 Current Paged Memory 1006 Max NonPaged Memory 1008 Current NonPaged memory 1010 Current Sessions 1012 Maximum Sessions 1014 Current Files Open 1016 Maximum Files Open 1018 Failed Logons 1020 Data Read/sec 1022 Data Written/sec 1024 Data Received/sec 1026 Data Transmitted/sec 1028 Current Queue Length 1030 Maximum Queue Length 1032 Current Threads 1034 Maximum Threads 1050 AppleTalk 1052 Packets In/sec 1054 Packets Out/sec 1056 Bytes In/sec 1058 Bytes Out/sec 1060 Average Time/DDP Packet 1062 DDP Packets/sec 1064 Average Time/AARP Packet 1066 AARP Packets/sec 1068 Average Time/ATP Packet 1070 ATP Packets/sec 1072 Average Time/NBP Packet 1074 NBP Packets/sec 1076 Average Time/ZIP Packet 1078 ZIP Packets/sec 1080 Average Time/RTMP Packet 1082 RTMP Packets/sec 1084 ATP Retries Local 1086 ATP Response Timouts 1088 ATP XO Response/Sec 1090 ATP ALO Response/Sec 1092 ATP Recvd Release/Sec 1094 Current NonPaged Pool 1096 Packets Routed In/Sec 1098 Packets dropped 1100 ATP Retries Remote 1102 Packets Routed Out/Sec 1110 Network Segment 1112 Total frames received/second 1114 Total bytes received/second 1116 Broadcast frames received/second 1118 Multicast frames received/second 1120 % Network utilization 1124 % Broadcast Frames 1126 % Multicast Frames 1150 Telephony 1152 Lines 1154 Telephone Devices 1156 Active Lines 1158 Active Telephones 1160 Outgoing Calls/sec 1162 Incoming Calls/sec 1164 Client Apps 1166 Current Outgoing Calls 1168 Current Incoming Calls 1228 Gateway Service For NetWare 1230 Client Service For NetWare 1232 Packet Burst Read NCP Count/sec 1234 Packet Burst Read Timeouts/sec 1236 Packet Burst Write NCP Count/sec 1238 Packet Burst Write Timeouts/sec 1240 Packet Burst IO/sec 1242 Connect NetWare 2.x 1244 Connect NetWare 3.x 1246 Connect NetWare 4.x 1260 Logon Total 1300 Server Work Queues 1302 Queue Length 1304 Active Threads 1306 Available Threads 1308 Available Work Items 1310 Borrowed Work Items 1312 Work Item Shortages 1314 Current Clients 1320 Bytes Transferred/sec 1324 Read Bytes/sec 1328 Write Bytes/sec 1332 Total Operations/sec 1334 DPCs Queued/sec 1336 DPC Rate 1342 Total DPCs Queued/sec 1344 Total DPC Rate 1350 % Registry Quota In Use 1360 VL Memory 1362 VLM % Virtual Size In Use 1364 VLM Virtual Size 1366 VLM Virtual Size Peak 1368 VLM Virtual Size Available 1370 VLM Commit Charge 1372 VLM Commit Charge Peak 1374 System VLM Commit Charge 1376 System VLM Commit Charge Peak 1378 System VLM Shared Commit Charge 1380 Available KBytes 1382 Available MBytes 1400 Avg. Disk Queue Length 1402 Avg. Disk Read Queue Length 1404 Avg. Disk Write Queue Length 1406 % Committed Bytes In Use 1408 Full Image 1410 Creating Process ID 1412 IO Read Operations/sec 1414 IO Write Operations/sec 1416 IO Data Operations/sec 1418 IO Other Operations/sec 1420 IO Read Bytes/sec 1422 IO Write Bytes/sec 1424 IO Data Bytes/sec 1426 IO Other Bytes/sec 1450 Print Queue 1452 Total Jobs Printed 1454 Bytes Printed/sec 1456 Total Pages Printed 1458 Jobs 1460 References 1462 Max References 1464 Jobs Spooling 1466 Max Jobs Spooling 1468 Out of Paper Errors 1470 Not Ready Errors 1472 Job Errors 1474 Enumerate Network Printer Calls 1476 Add Network Printer Calls 1478 Working Set - Private 1480 Working Set - Shared 1482 % Idle Time 1484 Split IO/Sec 1500 Job Object 1502 Current % Processor Time 1504 Current % User Mode Time 1506 Current % Kernel Mode Time 1508 This Period mSec - Processor 1510 This Period mSec - User Mode 1512 This Period mSec - Kernel Mode 1514 Pages/Sec 1516 Process Count - Total 1518 Process Count - Active 1520 Process Count - Terminated 1522 Total mSec - Processor 1524 Total mSec - User Mode 1526 Total mSec - Kernel Mode 1548 Job Object Details 1746 % Idle Time 1748 % C1 Time 1750 % C2 Time 1752 % C3 Time 1754 C1 Transitions/sec 1756 C2 Transitions/sec 1758 C3 Transitions/sec 1760 Heap 1762 Committed Bytes 1764 Reserved Bytes 1766 Virtual Bytes 1768 Free Bytes 1770 Free List Length 1772 Avg. alloc rate 1774 Avg. free rate 1776 Uncommitted Ranges Length 1778 Allocs - Frees 1780 Cached Allocs/sec 1782 Cached Frees/sec 1784 Allocs <1K/sec 1786 Frees <1K/sec 1788 Allocs 1-8K/sec 1790 Frees 1-8K/sec 1792 Allocs over 8K/sec 1794 Frees over 8K/sec 1796 Total Allocs/sec 1798 Total Frees/sec 1800 Blocks in Heap Cache 1802 Largest Cache Depth 1804 % Fragmentation 1806 % VAFragmentation 1808 Heap Lock contention 1846 End Marker 1848 RSVP Service 1850 Network Interfaces 1852 Network sockets 1854 Timers 1856 RSVP sessions 1858 QoS clients 1860 QoS-enabled senders 1862 QoS-enabled receivers 1864 Failed QoS requests 1866 Failed QoS sends 1868 QoS notifications 1870 Bytes in QoS notifications 1872 RSVP Interfaces 1874 Signaling bytes received 1876 Signaling bytes sent 1878 PATH messages received 1880 RESV messages received 1882 PATH ERR messages received 1884 RESV ERR messages received 1886 PATH TEAR messages received 1888 RESV TEAR messages received 1890 RESV CONFIRM messages received 1892 PATH messages sent 1894 RESV messages sent 1896 PATH ERR messages sent 1898 RESV ERR messages sent 1900 PATH TEAR messages sent 1902 RESV TEAR messages sent 1904 RESV CONFIRM messages sent 1906 Resource control failures 1908 Policy control failures 1910 General failures 1912 Blocked RESVs 1914 RESV state block timeouts 1916 PATH state block timeouts 1918 Send messages errors - Big messages 1920 Receive messages errors - Big messages 1922 Send messages errors - No memory 1924 Receive messages errors - No memory 1926 Number of incoming messages dropped 1928 Number of outgoing messages dropped 1930 Number of active flows 1932 Reserved bandwidth 1934 Maximum admitted bandwidth 1936 PSched Flow 1938 PSched Pipe 1940 Packets dropped 1942 Packets scheduled 1944 Packets transmitted 1946 Average packets in shaper 1948 Max packets in shaper 1950 Average packets in sequencer 1952 Max packets in sequencer 1954 Bytes scheduled 1956 Bytes transmitted 1958 Bytes transmitted/sec 1960 Bytes scheduled/sec 1962 Packets transmitted/sec 1964 Packets scheduled/sec 1966 Packets dropped/sec 1968 Nonconforming packets scheduled 1970 Nonconforming packets scheduled/sec 1972 Nonconforming packets transmitted 1974 Nonconforming packets transmitted/sec 1976 Maximum Packets in netcard 1978 Average Packets in netcard 1980 Out of packets 1982 Flows opened 1984 Flows closed 1986 Flows rejected 1988 Flows modified 1990 Flow mods rejected 1992 Max simultaneous flows 1994 Nonconforming packets scheduled 1996 Nonconforming packets scheduled/sec 1998 Nonconforming packets transmitted 2000 Nonconforming packets transmitted/sec 2002 Average packets in shaper 2004 Max packets in shaper 2006 Average packets in sequencer 2008 Max packets in sequencer 2010 Max packets in netcard 2012 Average packets in netcard 2014 RAS Port 2016 Bytes Transmitted 2018 Bytes Received 2020 Frames Transmitted 2022 Frames Received 2024 Percent Compression Out 2026 Percent Compression In 2028 CRC Errors 2030 Timeout Errors 2032 Serial Overrun Errors 2034 Alignment Errors 2036 Buffer Overrun Errors 2038 Total Errors 2040 Bytes Transmitted/Sec 2042 Bytes Received/Sec 2044 Frames Transmitted/Sec 2046 Frames Received/Sec 2048 Total Errors/Sec 2050 RAS Total 2052 Total Connections 2054 Terminal Services Session 2056 Input WdBytes 2058 Input WdFrames 2060 Input WaitForOutBuf 2062 Input Frames 2064 Input Bytes 2066 Input Compressed Bytes 2068 Input Compress Flushes 2070 Input Errors 2072 Input Timeouts 2074 Input Async Frame Error 2076 Input Async Overrun 2078 Input Async Overflow 2080 Input Async Parity Error 2082 Input Transport Errors 2084 Output WdBytes 2086 Output WdFrames 2088 Output WaitForOutBuf 2090 Output Frames 2092 Output Bytes 2094 Output Compressed Bytes 2096 Output Compress Flushes 2098 Output Errors 2100 Output Timeouts 2102 Output Async Frame Error 2104 Output Async Overrun 2106 Output Async Overflow 2108 Output Async Parity Error 2110 Output Transport Errors 2112 Total WdBytes 2114 Total WdFrames 2116 Total WaitForOutBuf 2118 Total Frames 2120 Total Bytes 2122 Total Compressed Bytes 2124 Total Compress Flushes 2126 Total Errors 2128 Total Timeouts 2130 Total Async Frame Error 2132 Total Async Overrun 2134 Total Async Overflow 2136 Total Async Parity Error 2138 Total Transport Errors 2140 Total Protocol Cache Reads 2142 Total Protocol Cache Hits 2144 Total Protocol Cache Hit Ratio 2146 Protocol Bitmap Cache Reads 2148 Protocol Bitmap Cache Hits 2150 Protocol Bitmap Cache Hit Ratio 2152 Protocol Glyph Cache Reads 2154 Protocol Glyph Cache Hits 2156 Protocol Glyph Cache Hit Ratio 2158 Protocol Brush Cache Reads 2160 Protocol Brush Cache Hits 2162 Protocol Brush Cache Hit Ratio 2164 Protocol Save Screen Bitmap Cache Reads 2166 Protocol Save Screen Bitmap Cache Hits 2168 Protocol Save Screen Bitmap Cache Hit Ratio 2170 Input Compression Ratio 2172 Output Compression Ratio 2174 Total Compression Ratio 2176 Terminal Services 2178 Total Sessions 2180 Active Sessions 2182 Inactive Sessions 2184 Distributed Transaction Coordinator 2186 Active Transactions 2188 Committed Transactions 2190 Aborted Transactions 2192 In Doubt Transactions 2194 Active Transactions Maximum 2196 Force Committed Transactions 2198 Force Aborted Transactions 2200 Response Time -- Minimum 2202 Response Time -- Average 2204 Response Time -- Maximum 2206 Transactions/sec 2208 Committed Transactions/sec 2210 Aborted Transactions/sec 2218 Indexing Service 2220 Word lists 2222 Saved indexes 2224 Index size (MB) 2226 Files to be indexed 2228 Unique keys 2230 Running queries 2232 Merge progress 2234 # documents indexed 2236 Total # documents 2238 Total # of queries 2240 Deferred for indexing 2242 Indexing Service Filter 2244 Total indexing speed (MB/hr) 2246 Binding time (msec) 2248 Indexing speed (MB/hr) 2250 Http Indexing Service 2252 Cache items 2254 % Cache hits 2256 Total cache accesses 1 2258 % Cache misses 2260 Total cache accesses 2 2262 Active queries 2264 Total queries 2266 Queries per minute 2268 Current requests queued 2270 Total requests rejected 2870 .NET CLR Networking 2872 Connections Established 2874 Bytes Received 2876 Bytes Sent 2878 Datagrams Received 2880 Datagrams Sent 2882 .NET Data Provider for Oracle 2884 HardConnectsPerSecond 2886 HardDisconnectsPerSecond 2888 SoftConnectsPerSecond 2890 SoftDisconnectsPerSecond 2892 NumberOfNonPooledConnections 2894 NumberOfPooledConnections 2896 NumberOfActiveConnectionPoolGroups 2898 NumberOfInactiveConnectionPoolGroups 2900 NumberOfActiveConnectionPools 2902 NumberOfInactiveConnectionPools 2904 NumberOfActiveConnections 2906 NumberOfFreeConnections 2908 NumberOfStasisConnections 2910 NumberOfReclaimedConnections 2912 .NET Data Provider for SqlServer 2914 HardConnectsPerSecond 2916 HardDisconnectsPerSecond 2918 SoftConnectsPerSecond 2920 SoftDisconnectsPerSecond 2922 NumberOfNonPooledConnections 2924 NumberOfPooledConnections 2926 NumberOfActiveConnectionPoolGroups 2928 NumberOfInactiveConnectionPoolGroups 2930 NumberOfActiveConnectionPools 2932 NumberOfInactiveConnectionPools 2934 NumberOfActiveConnections 2936 NumberOfFreeConnections 2938 NumberOfStasisConnections 2940 NumberOfReclaimedConnections 2942 .NET CLR Data 2944 SqlClient: Current # pooled and nonpooled connections 2946 SqlClient: Current # pooled connections 2948 SqlClient: Current # connection pools 2950 SqlClient: Peak # pooled connections 2952 SqlClient: Total # failed connects 2954 SqlClient: Total # failed commands 2956 .NET CLR Memory 2958 # Gen 0 Collections 2960 # Gen 1 Collections 2962 # Gen 2 Collections 2964 Promoted Memory from Gen 0 2966 Promoted Memory from Gen 1 2968 Gen 0 Promoted Bytes/Sec 2970 Gen 1 Promoted Bytes/Sec 2972 Promoted Finalization-Memory from Gen 0 2974 Process ID 2976 Gen 0 heap size 2978 Gen 1 heap size 2980 Gen 2 heap size 2982 Large Object Heap size 2984 Finalization Survivors 2986 # GC Handles 2988 Allocated Bytes/sec 2990 # Induced GC 2992 % Time in GC 2994 Not Displayed 2996 # Bytes in all Heaps 2998 # Total committed Bytes 3000 # Total reserved Bytes 3002 # of Pinned Objects 3004 # of Sink Blocks in use 3006 .NET CLR Loading 3008 Total Classes Loaded 3010 % Time Loading 3012 Assembly Search Length 3014 Total # of Load Failures 3016 Rate of Load Failures 3018 Bytes in Loader Heap 3020 Total appdomains unloaded 3022 Rate of appdomains unloaded 3024 Current Classes Loaded 3026 Rate of Classes Loaded 3028 Current appdomains 3030 Total Appdomains 3032 Rate of appdomains 3034 Current Assemblies 3036 Total Assemblies 3038 Rate of Assemblies 3040 .NET CLR Jit 3042 # of Methods Jitted 3044 # of IL Bytes Jitted 3046 Total # of IL Bytes Jitted 3048 IL Bytes Jitted / sec 3050 Standard Jit Failures 3052 % Time in Jit 3054 Not Displayed 3056 .NET CLR Interop 3058 # of CCWs 3060 # of Stubs 3062 # of marshalling 3064 # of TLB imports / sec 3066 # of TLB exports / sec 3068 .NET CLR LocksAndThreads 3070 Total # of Contentions 3072 Contention Rate / sec 3074 Current Queue Length 3076 Queue Length Peak 3078 Queue Length / sec 3080 # of current logical Threads 3082 # of current physical Threads 3084 # of current recognized threads 3086 # of total recognized threads 3088 rate of recognized threads / sec 3090 .NET CLR Security 3092 Total Runtime Checks 3094 % Time Sig. Authenticating 3096 # Link Time Checks 3098 % Time in RT checks 3100 Not Displayed 3102 Stack Walk Depth 3104 .NET CLR Remoting 3106 Remote Calls/sec 3108 Channels 3110 Context Proxies 3112 Context-Bound Classes Loaded 3114 Context-Bound Objects Alloc / sec 3116 Contexts 3118 Total Remote Calls 3120 .NET CLR Exceptions 3122 # of Exceps Thrown 3124 # of Exceps Thrown / sec 3126 # of Filters / sec 3128 # of Finallys / sec 3130 Throw To Catch Depth / sec 3758 Windows Workflow Foundation 3760 Workflows Created 3762 Workflows Created/sec 3764 Workflows Unloaded 3766 Workflows Unloaded/sec 3768 Workflows Loaded 3770 Workflows Loaded/sec 3772 Workflows Completed 3774 Workflows Completed/sec 3776 Workflows Suspended 3778 Workflows Suspended/sec 3780 Workflows Terminated 3782 Workflows Terminated/sec 3784 Workflows In Memory 3786 Workflows Aborted 3788 Workflows Aborted/sec 3790 Workflows Persisted 3792 Workflows Persisted/sec 3794 Workflows Executing 3796 Workflows Idle/sec 3798 Workflows Runnable 3800 Workflows Pending 3802 ServiceModelEndpoint 3.0.0.0 3804 Calls 3806 Calls Per Second 3808 Calls Outstanding 3810 Calls Failed 3812 Calls Failed Per Second 3814 Calls Faulted 3816 Calls Faulted Per Second 3818 Calls Duration 3820 Calls Duration Base 3822 Transactions Flowed 3824 Transactions Flowed Per Second 3826 Security Validation and Authentication Failures 3828 Security Validation and Authentication Failures Per Second 3830 Security Calls Not Authorized 3832 Security Calls Not Authorized Per Second 3834 Reliable Messaging Sessions Faulted 3836 Reliable Messaging Sessions Faulted Per Second 3838 Reliable Messaging Messages Dropped 3840 Reliable Messaging Messages Dropped Per Second 3842 ServiceModelOperation 3.0.0.0 3844 Calls 3846 Calls Per Second 3848 Calls Outstanding 3850 Calls Failed 3852 Call Failed Per Second 3854 Calls Faulted 3856 Calls Faulted Per Second 3858 Calls Duration 3860 Calls Duration Base 3862 Transactions Flowed 3864 Transactions Flowed Per Second 3866 Security Validation and Authentication Failures 3868 Security Validation and Authentication Failures Per Second 3870 Security Calls Not Authorized 3872 Security Calls Not Authorized Per Second 3874 ServiceModelService 3.0.0.0 3876 Calls 3878 Calls Per Second 3880 Calls Outstanding 3882 Calls Failed 3884 Calls Failed Per Second 3886 Calls Faulted 3888 Calls Faulted Per Second 3890 Calls Duration 3892 Calls Duration Base 3894 Transactions Flowed 3896 Transactions Flowed Per Second 3898 Transacted Operations Committed 3900 Transacted Operations Committed Per Second 3902 Transacted Operations Aborted 3904 Transacted Operations Aborted Per Second 3906 Transacted Operations In Doubt 3908 Transacted Operations In Doubt Per Second 3910 Security Validation and Authentication Failures 3912 Security Validation and Authentication Failures Per Second 3914 Security Calls Not Authorized 3916 Security Calls Not Authorized Per Second 3918 Instances 3920 Instances Created Per Second 3922 Reliable Messaging Sessions Faulted 3924 Reliable Messaging Sessions Faulted Per Second 3926 Reliable Messaging Messages Dropped 3928 Reliable Messaging Messages Dropped Per Second 3930 Queued Poison Messages 3932 Queued Poison Messages Per Second 3934 Queued Messages Rejected 3936 Queued Messages Rejected Per Second 3938 Queued Messages Dropped 3940 Queued Messages Dropped Per Second 3942 SMSvcHost 3.0.0.0 3944 Protocol Failures over net.tcp 3946 Protocol Failures over net.pipe 3948 Dispatch Failures over net.tcp 3950 Dispatch Failures over net.pipe 3952 Connections Dispatched over net.tcp 3954 Connections Dispatched over net.pipe 3956 Connections Accepted over net.tcp 3958 Connections Accepted over net.pipe 3960 Registrations Active for net.tcp 3962 Registrations Active for net.pipe 3964 Uris Registered for net.tcp 3966 Uris Registered for net.pipe 3968 Uris Unregistered for net.tcp 3970 Uris Unregistered for net.pipe 3972 MSDTC Bridge 3.0.0.0 3974 Message send failures/sec 3976 Prepare retry count/sec 3978 Commit retry count/sec 3980 Prepared retry count/sec 3982 Replay retry count/sec 3984 Faults received count/sec 3986 Faults sent count/sec 3988 Average participant prepare response time 3990 Average participant prepare response time Base 3992 Average participant commit response time 3994 Average participant commit response time Base 4622 ASP.NET State Service 4828 State Server Sessions Active 4830 State Server Sessions Abandoned 4832 State Server Sessions Timed Out 4834 State Server Sessions Total 4836 ASP.NET v2.0.50727 4838 ASP.NET Apps v2.0.50727 4840 Application Restarts 4842 Applications Running 4844 Requests Disconnected 4846 Request Execution Time 4848 Requests Rejected 4850 Requests Queued 4852 Worker Processes Running 4854 Worker Process Restarts 4856 Request Wait Time 4858 State Server Sessions Active 4860 State Server Sessions Abandoned 4862 State Server Sessions Timed Out 4864 State Server Sessions Total 4866 Requests Current 4868 Audit Success Events Raised 4870 Audit Failure Events Raised 4872 Error Events Raised 4874 Request Error Events Raised 4876 Infrastructure Error Events Raised 4878 Anonymous Requests 4880 Anonymous Requests/Sec 4882 Cache Total Entries 4884 Cache Total Turnover Rate 4886 Cache Total Hits 4888 Cache Total Misses 4890 Cache Total Hit Ratio 4892 Cache Total Hit Ratio Base 4894 Cache API Entries 4896 Cache API Turnover Rate 4898 Cache API Hits 4900 Cache API Misses 4902 Cache API Hit Ratio 4904 Cache API Hit Ratio Base 4906 Output Cache Entries 4908 Output Cache Turnover Rate 4910 Output Cache Hits 4912 Output Cache Misses 4914 Output Cache Hit Ratio 4916 Output Cache Hit Ratio Base 4918 Compilations Total 4920 Debugging Requests 4922 Errors During Preprocessing 4924 Errors During Compilation 4926 Errors During Execution 4928 Errors Unhandled During Execution 4930 Errors Unhandled During Execution/Sec 4932 Errors Total 4934 Errors Total/Sec 4936 Pipeline Instance Count 4938 Request Bytes In Total 4940 Request Bytes Out Total 4942 Requests Executing 4944 Requests Failed 4946 Requests Not Found 4948 Requests Not Authorized 4950 Requests In Application Queue 4952 Requests Timed Out 4954 Requests Succeeded 4956 Requests Total 4958 Requests/Sec 4960 Sessions Active 4962 Sessions Abandoned 4964 Sessions Timed Out 4966 Sessions Total 4968 Transactions Aborted 4970 Transactions Committed 4972 Transactions Pending 4974 Transactions Total 4976 Transactions/Sec 4978 Session State Server connections total 4980 Session SQL Server connections total 4982 Events Raised 4984 Events Raised/Sec 4986 Application Lifetime Events 4988 Application Lifetime Events/Sec 4990 Error Events Raised 4992 Error Events Raised/Sec 4994 Request Error Events Raised 4996 Request Error Events Raised/Sec 4998 Infrastructure Error Events Raised 5000 Infrastructure Error Events Raised/Sec 5002 Request Events Raised 5004 Request Events Raised/Sec 5006 Audit Success Events Raised 5008 Audit Failure Events Raised 5010 Membership Authentication Success 5012 Membership Authentication Failure 5014 Forms Authentication Success 5016 Forms Authentication Failure 5018 Viewstate MAC Validation Failure 5020 Request Execution Time 5022 Requests Disconnected 5024 Requests Rejected 5026 Request Wait Time 5028 Cache % Machine Memory Limit Used 5030 Cache % Machine Memory Limit Used Base 5032 Cache % Process Memory Limit Used 5034 Cache % Process Memory Limit Used Base 5036 Cache Total Trims 5038 Cache API Trims 5040 Output Cache Trims 5042 ASP.NET 5044 ASP.NET Applications 5046 Application Restarts 5048 Applications Running 5050 Requests Disconnected 5052 Request Execution Time 5054 Requests Rejected 5056 Requests Queued 5058 Worker Processes Running 5060 Worker Process Restarts 5062 Request Wait Time 5064 State Server Sessions Active 5066 State Server Sessions Abandoned 5068 State Server Sessions Timed Out 5070 State Server Sessions Total 5072 Requests Current 5074 Audit Success Events Raised 5076 Audit Failure Events Raised 5078 Error Events Raised 5080 Request Error Events Raised 5082 Infrastructure Error Events Raised 5084 Anonymous Requests 5086 Anonymous Requests/Sec 5088 Cache Total Entries 5090 Cache Total Turnover Rate 5092 Cache Total Hits 5094 Cache Total Misses 5096 Cache Total Hit Ratio 5098 Cache Total Hit Ratio Base 5100 Cache API Entries 5102 Cache API Turnover Rate 5104 Cache API Hits 5106 Cache API Misses 5108 Cache API Hit Ratio 5110 Cache API Hit Ratio Base 5112 Output Cache Entries 5114 Output Cache Turnover Rate 5116 Output Cache Hits 5118 Output Cache Misses 5120 Output Cache Hit Ratio 5122 Output Cache Hit Ratio Base 5124 Compilations Total 5126 Debugging Requests 5128 Errors During Preprocessing 5130 Errors During Compilation 5132 Errors During Execution 5134 Errors Unhandled During Execution 5136 Errors Unhandled During Execution/Sec 5138 Errors Total 5140 Errors Total/Sec 5142 Pipeline Instance Count 5144 Request Bytes In Total 5146 Request Bytes Out Total 5148 Requests Executing 5150 Requests Failed 5152 Requests Not Found 5154 Requests Not Authorized 5156 Requests In Application Queue 5158 Requests Timed Out 5160 Requests Succeeded 5162 Requests Total 5164 Requests/Sec 5166 Sessions Active 5168 Sessions Abandoned 5170 Sessions Timed Out 5172 Sessions Total 5174 Transactions Aborted 5176 Transactions Committed 5178 Transactions Pending 5180 Transactions Total 5182 Transactions/Sec 5184 Session State Server connections total 5186 Session SQL Server connections total 5188 Events Raised 5190 Events Raised/Sec 5192 Application Lifetime Events 5194 Application Lifetime Events/Sec 5196 Error Events Raised 5198 Error Events Raised/Sec 5200 Request Error Events Raised 5202 Request Error Events Raised/Sec 5204 Infrastructure Error Events Raised 5206 Infrastructure Error Events Raised/Sec 5208 Request Events Raised 5210 Request Events Raised/Sec 5212 Audit Success Events Raised 5214 Audit Failure Events Raised 5216 Membership Authentication Success 5218 Membership Authentication Failure 5220 Forms Authentication Success 5222 Forms Authentication Failure 5224 Viewstate MAC Validation Failure 5226 Request Execution Time 5228 Requests Disconnected 5230 Requests Rejected 5232 Request Wait Time 5234 Cache % Machine Memory Limit Used 5236 Cache % Machine Memory Limit Used Base 5238 Cache % Process Memory Limit Used 5240 Cache % Process Memory Limit Used Base 5242 Cache Total Trims 5244 Cache API Trims 5246 Output Cache Trims 5248 WMI Objects 5250 HiPerf Classes 5252 HiPerf Validity 5254 ProcessorPerformance 5256 frequency 5258 percentage 5260 power"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Alaskan Standard Time]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Alaskan Standard Time]
"Display"="(GMT-09:00) Alaska"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Alaskan Standard Time]
"Display"="(GMT-09:00) Alaska"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Alaskan Standard Time]
"Display"="(GMT-09:00) Alaska"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Alaskan Standard Time]
"Display"="(GMT-09:00) Alaska"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Arabian Standard Time]
"Display"="(GMT+04:00) Abu Dabi, Maskat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Arabian Standard Time]
"Display"="(GMT+04:00) Abu Dabi, Maskat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Arabian Standard Time]
"Display"="(GMT+04:00) Abu Dabi, Maskat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Arabian Standard Time]
"Display"="(GMT+04:00) Abu Dabi, Maskat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Canada Central Standard Time]
"Display"="(GMT-06:00) Saskatchewan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Canada Central Standard Time]
"Display"="(GMT-06:00) Saskatchewan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Canada Central Standard Time]
"Display"="(GMT-06:00) Saskatchewan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Canada Central Standard Time]
"Display"="(GMT-06:00) Saskatchewan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp\Parameters\Options\1]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpSubnetMaskOpt SYSTEM\CurrentControlSet\Services\?\Parameters\Tcpip\DhcpSubnetMaskOpt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Dhcp\Parameters\Options\1]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpSubnetMaskOpt SYSTEM\CurrentControlSet\Services\?\Parameters\Tcpip\DhcpSubnetMaskOpt"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters\Options\1]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpSubnetMaskOpt SYSTEM\CurrentControlSet\Services\?\Parameters\Tcpip\DhcpSubnetMaskOpt"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Tasks]
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-19\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-20\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Adobe\Acrobat Reader\7.0\AVGeneral\cToolbars\cTasks]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Adobe\Acrobat Reader\7.0\TaskButtons]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Feeds]
"SyncTask"="User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
"DisplayName"="Ask Search"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\MediaPlayer\Player\Tasks]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\MM20\Task Pane Settings]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Office\12.0\SharePoint Designer\Task pane]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Shared Tools\Outlook\Journaling\Task]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Request]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Shared Tools\Outlook\Journaling\Task Response]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\TaskbarAnimations]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"AskTB5.6"=""
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Classes\Applications\avgtray.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Classes\Applications\avgui.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003_Classes\Applications\avgtray.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003_Classes\Applications\avgui.exe]
"TaskbarGroupIcon"="C:\Program Files\AVG\AVG8\AVGUIRES.DLL,-128"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Control Panel\Desktop]
"AutoEndTasks"="0"
[HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Tasks]

-=End Of File=-[/log]

LOG OTL: [log]OTL logfile created on: 2010-05-23 19:45:23 - Run 3
OTL by OldTimer - Version 3.2.5.0 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,72 Gb Free Space | 24,15% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 2,61 Gb Free Space | 2,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,72 Gb Total Space | 2,41 Gb Free Space | 64,68% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-9D972C9BFC7
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-04-22 20:32:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-05 22:45:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-19 10:57:15 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-14 11:17:48 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-08-05 19:03:50 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009-08-05 08:37:32 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-05 08:37:32 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-05 08:37:31 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-07-13 14:02:50 | 000,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- D:\Program Files\Winamp\winampa.exe
PRC - [2009-06-05 11:48:14 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-05-21 08:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- D:\Program Files\Opera\opera.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-12-12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-11-16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007-11-15 15:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001-10-29 22:29:59 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-25 00:58:01 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice)
DRV - [2009-08-05 08:37:53 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-08-05 08:37:49 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-05 08:37:48 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-14 20:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-06-02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-04-24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ambfilt.sys -- (Ambfilt)
DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-02-23 04:07:34 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys -- (AIDA32Driver)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 17:43:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-05 15:40:41 | 000,000,000 | ---D | M]

[2009-08-06 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-05-23 17:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions
[2009-09-02 20:36:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-03 10:22:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-02-25 12:03:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-03 10:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\firefox@tvunetworks.com
[2010-02-06 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\searchrecs@veoh.com
[2010-02-09 23:23:38 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\Search.xml
[2010-05-23 15:47:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-09 23:23:36 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}
[2010-04-22 20:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-22 20:32:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (gwprimawega) - {a483fff4-4066-100c-fe35-a21f44ce74f8} - C:\WINDOWS\System32\-uM5m-M_.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 212.76.39.205
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-12 20:46:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:27 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:28 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-04 12:46:28 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-05-23 18:59:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\UserData
[2010-05-23 10:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-05-23 10:01:34 | 000,000,000 | ---D | C] -- C:\rsit
[2010-05-23 09:22:27 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-05-16 15:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2010-05-14 17:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\JJJ
[2010-05-09 19:40:58 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010-05-09 19:40:58 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010-05-09 19:40:58 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010-05-09 19:40:58 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010-05-09 19:40:56 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010-05-09 19:40:55 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010-05-09 19:40:55 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010-05-09 19:40:54 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010-05-09 19:40:54 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010-05-09 19:40:54 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010-05-09 19:40:53 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010-05-09 19:40:52 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010-05-09 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2010-05-09 12:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help
[2010-05-07 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\gegl-0.0
[2010-05-07 16:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-05-05 15:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-05-05 15:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-05-05 15:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
[2010-05-05 15:35:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-02 18:44:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010-05-02 18:44:36 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job
[2010-05-23 19:49:17 | 000,741,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2010-05-23 18:51:01 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-05-23 18:49:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-23 18:49:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-23 18:48:14 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-05-23 18:48:14 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-05-23 18:38:52 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-23 18:38:07 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010-05-23 17:47:40 | 060,300,038 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-05-23 15:36:45 | 000,478,720 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\lol.doc
[2010-05-23 13:52:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-22 22:42:59 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-05-22 10:07:36 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:49:43 | 000,545,830 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:42 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 17:15:33 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:45 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 23:09:03 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-17 09:12:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-16 21:02:18 | 000,002,150 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-05-16 20:56:59 | 000,000,329 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-16 14:37:47 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-14 15:05:39 | 000,047,488 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-14 09:19:27 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-12 18:07:46 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 23:37:20 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\bash.org.doc
[2010-05-11 18:45:33 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-11 17:47:10 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | M] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 15:11:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 10:33:25 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iTunes.lnk
[2010-05-07 19:28:53 | 000,096,628 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-07 10:19:29 | 061,321,734 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-06 19:14:24 | 057,962,610 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-06 11:48:49 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-06 10:07:58 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\question.doc
[2010-05-05 12:59:36 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-04-28 16:37:28 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 21:36:20 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-27 19:45:33 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-24 20:02:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ts.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-22 10:07:36 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:48:52 | 000,545,830 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:41 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 15:14:30 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:44 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-16 14:37:47 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-12 15:31:32 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 18:19:17 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 12:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 12:04:45 | 000,000,329 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-09 11:52:13 | 000,002,150 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-05-07 19:28:53 | 000,096,628 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-06 11:48:49 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-05 12:59:35 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-05-05 10:11:14 | 061,321,734 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-05 10:00:49 | 057,962,610 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-02 12:34:06 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-04-29 15:24:02 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-04-28 16:08:05 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 19:34:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-27 16:36:10 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-25 10:48:13 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-04-24 20:00:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ts.doc
[2010-04-05 23:11:31 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll
[2010-01-29 12:09:55 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2009-09-14 10:58:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-09-06 18:38:42 | 000,000,472 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2009-08-08 12:45:59 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-07 08:22:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009-08-06 22:44:52 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-06 21:15:56 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009-08-06 19:15:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-05 08:39:59 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-04 13:58:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-24 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla
[2010-05-21 17:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2009-08-05 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
[2009-08-19 18:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-05-22 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
[2010-05-18 23:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2010-04-05 23:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\devede
[2010-05-10 15:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
[2010-04-03 12:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\ipla
[2009-09-06 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\iScreensaver
[2009-08-17 15:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-17 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\OpenFM
[2009-08-07 20:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2009-08-27 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thinstall
[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-08-04 12:39:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-05-23 18:49:27 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0123\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0124\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

LOG RSIT: [log]Logfile of random's system information tool 1.07 (written by random/random)
Run by user at 2010-05-23 19:52:40
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 5 GB (24%) free of 20 GB
Total RAM: 2046 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:45, on 2010-05-23
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
D:\Program Files\Winamp\winampa.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: gwprimawega - {a483fff4-4066-100c-fe35-a21f44ce74f8} - C:\WINDOWS\system32\-uM5m-M_.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8516 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a483fff4-4066-100c-fe35-a21f44ce74f8}]
gwprimawega - C:\WINDOWS\system32\-uM5m-M_.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-08-05 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-03-19 2046816]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-10-29 196608]
"WinampAgent"=D:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2007-11-15 2850816]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2007-11-16 90112]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-05 39408]

C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-05 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Documents and Settings\Joker\Pulpit\Ares.exe"="C:\Documents and Settings\Joker\Pulpit\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe"="C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\TVUPlayer\TVUPlayer.exe"="D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe"="D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-05-23 10:01:35 ----D---- C:\Program Files\trend micro
2010-05-23 10:01:34 ----DC---- C:\rsit
2010-05-23 09:22:27 ----RASHDC---- C:\autorun.inf
2010-05-16 15:09:37 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
2010-05-12 12:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxinsa64.exe
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxcpya64.exe
2010-05-09 19:40:56 ----C---- C:\WINDOWS\system32\pxhpinst.exe
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxsfs.dll
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxafs.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\vxblock.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxwave.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxdrv.dll
2010-05-09 19:40:53 ----C---- C:\WINDOWS\system32\pxmas.dll
2010-05-09 19:40:52 ----C---- C:\WINDOWS\system32\px.dll
2010-05-09 19:40:47 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Winamp
2010-05-09 12:04:45 ----AC---- C:\WINDOWS\wcx_ftp.ini
2010-05-09 11:52:59 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Help
2010-05-09 11:52:13 ----AC---- C:\WINDOWS\WINCMD.INI
2010-05-07 16:22:12 ----D---- C:\Program Files\GIMP-2.0
2010-05-05 15:38:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-05-05 15:36:36 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
2010-05-05 15:35:27 ----RHDC---- C:\MSOCache
2010-05-02 18:44:36 ----AC---- C:\WINDOWS\system32\mpg4c32.dll

======List of files/folders modified in the last 1 months======

2010-05-23 19:43:51 ----DC---- C:\WINDOWS\Temp
2010-05-23 19:11:00 ----SDC---- C:\WINDOWS\Tasks
2010-05-23 18:48:16 ----AC---- C:\WINDOWS\SchedLgU.Txt
2010-05-23 18:43:07 ----RD---- C:\Program Files
2010-05-23 18:43:06 ----DC---- C:\WINDOWS\system32
2010-05-23 18:38:07 ----AC---- C:\WINDOWS\system32\Dvbpws.dll
2010-05-23 18:07:36 ----SHDC---- C:\WINDOWS\Installer
2010-05-23 18:07:33 ----SHDC---- C:\Config.Msi
2010-05-23 13:52:39 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-05-23 09:55:25 ----DC---- C:\WINDOWS
2010-05-23 09:43:05 ----RSDC---- C:\WINDOWS\Fonts
2010-05-23 09:42:21 ----DC---- C:\WINDOWS\WinSxS
2010-05-23 09:22:05 ----DC---- C:\WINDOWS\Prefetch
2010-05-22 20:21:13 ----DC---- C:\Documents and Settings\user\Dane aplikacji\vlc
2010-05-22 20:21:08 ----DC---- C:\Documents and Settings\user\Dane aplikacji\dvdcss
2010-05-22 18:44:50 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
2010-05-21 21:26:02 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\avg8
2010-05-21 21:25:38 ----SHD---- C:\System Volume Information
2010-05-21 21:25:38 ----DC---- C:\WINDOWS\system32\Restore
2010-05-21 19:10:08 ----HDC---- C:\$AVG8.VAULT$
2010-05-20 22:48:40 ----D---- C:\Program Files\Nowe Gadu-Gadu
2010-05-18 23:10:48 ----DC---- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
2010-05-15 18:04:40 ----SDC---- C:\Documents and Settings\user\Dane aplikacji\Microsoft
2010-05-12 18:22:35 ----HDC---- C:\WINDOWS\inf
2010-05-12 18:22:34 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-05-12 12:09:27 ----DC---- C:\WINDOWS\system32\dllcache
2010-05-12 12:09:27 ----D---- C:\Program Files\Outlook Express
2010-05-12 10:10:50 ----HDC---- C:\WINDOWS\$hf_mig$
2010-05-10 15:35:51 ----DC---- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
2010-05-09 19:40:59 ----DC---- C:\WINDOWS\system32\drivers
2010-05-09 11:52:59 ----DC---- C:\totalcmd
2010-05-09 10:58:49 ----DC---- C:\WINDOWS\system32\CatRoot
2010-05-09 10:44:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-09 10:20:25 ----D---- C:\Program Files\Common Files
2010-05-09 10:17:47 ----D---- C:\Program Files\Common Files\Nero
2010-05-09 10:15:09 ----D---- C:\Program Files\Nero
2010-05-05 16:09:10 ----DC---- C:\WINDOWS\Microsoft.NET
2010-05-05 15:41:55 ----RSDC---- C:\WINDOWS\assembly
2010-05-05 15:40:54 ----DC---- C:\WINDOWS\system32\config
2010-05-05 15:40:41 ----D---- C:\Program Files\Microsoft Works
2010-05-05 15:39:58 ----D---- C:\Program Files\Microsoft Office
2010-05-05 15:39:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-30 20:51:06 ----AC---- C:\WINDOWS\system32\MRT.exe
2010-04-30 16:11:35 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-05 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-05 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-08-05 108552]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\WINDOWS\system32\drivers\wfeaglxt.sys [2008-12-25 433792]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ddsxeiservice;ddsxeiservice2; \??\C:\Program Files\sXe Injected\ddsxei.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-05 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-05 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-14 135664]
S2 zrbhcp;Microsoft Universal; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-05 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Do notatnika:

[code]Windows Registry Editor Version 5.00
[ -HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
[ -HKEY_USERS\S-1-5-21-1292428093-1326574676-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}][/code]
Zapisz jako fix.reg. ...



Pobierz [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b]
W polu input script here wklej taki tekst (bez frazy kod):
[code]
Files to delete:
C:\Program Files\Ask.com
C:\Program Files\SopCast\adv\SopAdver.exe
C:\Program Files\SopCast\SopCast.exe
C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

Folders to delete:
C:\Program Files\SopCast
C:\Program Files\Veoh Networks

Registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} |GenericAskToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a483fff4-4066-100c-fe35-a21f44ce74f8}

Registry values to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\0\win32 | C:\Program Files\Ask.com\GenericAskToolbar.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\HELPDIR | C:\Program Files\Ask.com
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list | C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list | C:\Program Files\SopCast\adv\SopAdver.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list | C:\Program Files\SopCast\SopCast.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list | C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[/code]

Klikasz execute, komputer uruchamia się ponownie.

Nastepnie nowe logi RSIT i OTL oraz raport z Avenger'a.

  • Dobra wypowiedź 1
f430
komentarz
komentarz

Wystąpiły jakieś błędy, zreszta jak widać: Avenger [log] //////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sun May 23 21:28:13 2010

21:28:07: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:28:11: Error: Invalid registry syntax in command:
"list|C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
21:28:13: Error: Execution aborted by user!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sun May 23 21:31:43 2010

21:30:53: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:31:40: Error: Invalid registry syntax in command:
"list|C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
21:31:43: Error: Execution aborted by user!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sun May 23 21:34:12 2010

21:34:11: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:34:12: Error: Execution aborted by user!


//////////////////////////////////////////


//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sun May 23 21:36:30 2010

21:36:16: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:36:23: Error: Invalid registry syntax in command:
"list|C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
21:36:24: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:36:24: Error: Invalid registry syntax in command:
"list|C:\Program Files\SopCast\adv\SopAdver.exe"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
21:36:25: Error: Invalid syntax in command:
"HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\"
Skipping line. (Registry value deletion mode)
21:36:26: Error: Invalid registry syntax in command:
"list|C:\Program Files\SopCast\SopCast.exe"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "C:\Program Files\Ask.com" not found!
Deletion of file "C:\Program Files\Ask.com" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "C:\Program Files\SopCast\adv\SopAdver.exe"
Deletion of file "C:\Program Files\SopCast\adv\SopAdver.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "C:\Program Files\SopCast\SopCast.exe"
Deletion of file "C:\Program Files\SopCast\SopCast.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe"
Deletion of file "C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: folder "C:\Program Files\SopCast" not found!
Deletion of folder "C:\Program Files\SopCast" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "C:\Program Files\Veoh Networks" not found!
Deletion of folder "C:\Program Files\Veoh Networks" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry value "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list|C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" deleted successfully.
Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL" deleted successfully.

Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} |GenericAskToolbar" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} |GenericAskToolbar" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd" deleted successfully.

Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\CurVer" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\CurVer" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1" deleted successfully.
Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a483fff4-4066-100c-fe35-a21f44ce74f8}" deleted successfully.

Error: could not delete registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\0\win32|C:\Program Files\Ask.com\GenericAskToolbar.dll"
Deletion of registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\0\win32|C:\Program Files\Ask.com\GenericAskToolbar.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\HELPDIR|C:\Program Files\Ask.com"
Deletion of registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}\1.0\HELPDIR|C:\Program Files\Ask.com" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.
[/log]

OTl: [log]OTL logfile created on: 2010-05-23 21:46:20 - Run 4
OTL by OldTimer - Version 3.2.5.0 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,69 Gb Free Space | 24,00% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 2,40 Gb Free Space | 1,85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-9D972C9BFC7
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-04-22 20:32:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-05 22:45:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-19 10:57:15 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-14 11:17:48 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-08-05 08:37:32 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-05 08:37:32 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-05 08:37:31 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-07-13 14:03:10 | 000,292,128 | ---- | M] (Apple Inc.) -- D:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009-07-13 14:02:50 | 000,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- D:\Program Files\Winamp\winampa.exe
PRC - [2009-06-05 11:48:14 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-05-21 08:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-12-12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-11-16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007-11-15 15:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001-10-29 22:29:59 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-05-22 15:28:08 | 000,571,904 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-08-05 08:37:28 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-05 08:37:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-25 00:58:01 | 000,091,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\sXe Injected\ddsxei.sys -- (ddsxeiservice)
DRV - [2009-08-05 08:37:53 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-08-05 08:37:49 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-05 08:37:48 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-14 20:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-06-02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-04-24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)
DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ambfilt.sys -- (Ambfilt)
DRV - [2008-04-14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-02-23 04:07:34 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys -- (AIDA32Driver)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 17:43:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-05 15:40:41 | 000,000,000 | ---D | M]

[2009-08-06 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2010-05-23 17:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions
[2009-09-02 20:36:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-03 10:22:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-02-25 12:03:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-03 10:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\firefox@tvunetworks.com
[2010-02-06 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\extensions\searchrecs@veoh.com
[2010-02-09 23:23:38 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\tyk2b4ej.default\searchplugins\Search.xml
[2010-05-23 15:47:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-09 23:23:36 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{8fefcb16-cab7-ad5d-a6a4-59b7d57b1f4f}
[2010-04-22 20:32:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-22 20:32:13 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.211 212.76.39.205
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Pulpit\gf.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-12 20:46:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:27 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-23 09:22:28 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-04 12:46:28 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-05-23 21:37:21 | 000,000,000 | ---D | C] -- C:\Avenger
[2010-05-23 18:59:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\UserData
[2010-05-23 10:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-05-23 10:01:34 | 000,000,000 | ---D | C] -- C:\rsit
[2010-05-23 09:22:27 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-05-16 15:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2010-05-14 17:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\JJJ
[2010-05-09 19:40:58 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010-05-09 19:40:58 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010-05-09 19:40:58 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010-05-09 19:40:58 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010-05-09 19:40:56 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010-05-09 19:40:55 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010-05-09 19:40:55 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010-05-09 19:40:54 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010-05-09 19:40:54 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010-05-09 19:40:54 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010-05-09 19:40:53 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010-05-09 19:40:52 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010-05-09 19:40:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2010-05-09 12:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Help
[2010-05-09 11:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Help
[2010-05-07 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\gegl-0.0
[2010-05-07 16:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010-05-05 15:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-05-05 15:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-05-05 15:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
[2010-05-05 15:35:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-02 18:44:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010-05-02 18:44:36 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job
[2010-05-23 21:50:20 | 000,741,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2010-05-23 21:38:14 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-05-23 21:38:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-23 21:38:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-23 21:36:41 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010-05-23 21:36:41 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010-05-23 20:24:11 | 000,087,040 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-23 20:12:41 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-23 18:38:07 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010-05-23 17:47:40 | 060,300,038 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-05-23 15:36:45 | 000,478,720 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\lol.doc
[2010-05-22 22:42:59 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-05-22 10:07:36 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:49:43 | 000,545,830 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:42 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 17:15:33 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:45 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 23:09:03 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-17 09:12:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-16 21:02:18 | 000,002,150 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010-05-16 20:56:59 | 000,000,329 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-16 14:37:47 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-14 15:05:39 | 000,047,488 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-14 09:19:27 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-12 18:07:46 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 23:37:20 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\bash.org.doc
[2010-05-11 18:45:33 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-11 17:47:10 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | M] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 15:11:25 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 10:33:25 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iTunes.lnk
[2010-05-07 19:28:53 | 000,096,628 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-07 10:19:29 | 061,321,734 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-06 19:14:24 | 057,962,610 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-06 11:48:49 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-06 10:07:58 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\question.doc
[2010-05-05 12:59:36 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-04-28 16:37:28 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 21:36:20 | 000,048,128 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-27 19:45:33 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-24 20:02:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ts.doc

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-22 10:07:36 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\FIX.REG
[2010-05-21 10:56:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\SDFGH.doc
[2010-05-20 22:48:52 | 000,545,830 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zzzz.jpg
[2010-05-20 16:29:41 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\2.doc
[2010-05-20 16:00:55 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\zeromski_ludzie.pdf
[2010-05-20 16:00:20 | 000,117,905 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\zeromski_ludzie.pdf
[2010-05-19 15:14:30 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\PO spr.doc
[2010-05-18 11:53:44 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\swiet.doc
[2010-05-17 21:28:01 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\hist.doc
[2010-05-16 14:37:47 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Earth.lnk
[2010-05-15 15:58:04 | 000,015,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\PRZEMIANY PROZY W OKRESIE M.docx
[2010-05-12 15:31:32 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\niemiecki.doc
[2010-05-11 18:19:17 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\niemiexcki.doc
[2010-05-10 15:38:16 | 000,005,425 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2010-05-09 19:41:36 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Winamp.lnk
[2010-05-09 12:51:25 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\ftp.doc
[2010-05-09 12:04:45 | 000,000,329 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010-05-09 11:52:13 | 000,002,150 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010-05-07 19:28:53 | 000,096,628 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\winamp playlist.m3u
[2010-05-07 16:22:31 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\GIMP 2.lnk
[2010-05-06 11:48:49 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\DANE KONTA WWW.doc
[2010-05-05 12:59:35 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Odtwarzacze typu iPod są w stanie wygenerować dźwięk o 15 dB przewyższający odgłos młota pneumatycznego i o 5 dB hałas startującego samolotu.doc
[2010-05-05 10:11:14 | 061,321,734 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\map usa PB.bmp
[2010-05-05 10:00:49 | 057,962,610 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\map usa.bmp
[2010-05-02 12:34:06 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\fg.doc
[2010-04-29 15:24:02 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Jugend von heute.doc
[2010-04-28 16:08:05 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\die Ablehnung.doc
[2010-04-27 19:34:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Bibliografia.doc
[2010-04-27 16:36:10 | 000,048,128 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\Rola kobiety w kulturze.doc
[2010-04-25 10:48:13 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ang.doc
[2010-04-24 20:00:00 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ts.doc
[2010-04-05 23:11:31 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll
[2010-01-29 12:09:55 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\egcvktlt.sys
[2009-09-14 10:58:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-09-06 18:38:42 | 000,000,472 | ---- | C] () -- C:\WINDOWS\iScreensaver.ini
[2009-08-08 12:45:59 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009-08-07 19:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-08-07 08:22:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009-08-06 22:44:52 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-06 21:15:56 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009-08-06 19:15:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-05 08:39:59 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-04 13:58:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-03-24 10:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla
[2010-05-21 17:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
[2009-08-05 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
[2009-08-19 18:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-05-22 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
[2010-05-18 23:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2010-04-05 23:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\devede
[2010-05-10 15:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
[2010-04-03 12:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\ipla
[2009-09-06 18:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\iScreensaver
[2009-08-17 15:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-17 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\OpenFM
[2009-08-07 20:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Opera
[2009-08-27 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thinstall
[2010-11-03 08:08:01 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-23 21:44:45 | 000,001,138 | ---- | M] () -- C:\avenger
[2009-08-04 12:39:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-08-12 20:46:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-12 20:46:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-05-23 21:38:01 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\ReinstallBackups\0123\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\ReinstallBackups\0124\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\System32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\System32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\drivers\cdrom.sys
[2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\System32\dllcache\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\System32\dllcache\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\System32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\System32\winlogon.exe
< End of report >
[/log]

RSIT: [log]Logfile of random's system information tool 1.07 (written by random/random)
Run by user at 2010-05-23 21:53:45
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 5 GB (24%) free of 20 GB
Total RAM: 2046 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:50, on 2010-05-23
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
D:\Program Files\Winamp\winampa.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\WINDOWS\notepad.exe
D:\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249461463000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8355 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{D2C91241-EBD4-49FE-BC48-D201B9C27D30}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-08-05 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-08-05 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-03-19 2046816]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-10-29 196608]
"WinampAgent"=D:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2007-11-15 2850816]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2007-11-16 90112]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-05 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Documents and Settings\Joker\Pulpit\Ares.exe"="C:\Documents and Settings\Joker\Pulpit\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe"="C:\Documents and Settings\user\Pulpit\JOANNA\Ares.exe:*:Enabled:Ares p2p for windows"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\TVUPlayer\TVUPlayer.exe"="D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe"="D:\JOANNA\Aplikacje\muzyka 1\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-05-23 21:44:45 ----AC---- C:\avenger.txt
2010-05-23 21:37:21 ----DC---- C:\Avenger
2010-05-23 10:01:35 ----D---- C:\Program Files\trend micro
2010-05-23 10:01:34 ----DC---- C:\rsit
2010-05-23 09:22:27 ----RASHDC---- C:\autorun.inf
2010-05-16 15:09:37 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\OpenFM
2010-05-12 12:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxinsa64.exe
2010-05-09 19:40:58 ----C---- C:\WINDOWS\system32\pxcpya64.exe
2010-05-09 19:40:56 ----C---- C:\WINDOWS\system32\pxhpinst.exe
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxsfs.dll
2010-05-09 19:40:55 ----C---- C:\WINDOWS\system32\pxafs.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\vxblock.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxwave.dll
2010-05-09 19:40:54 ----C---- C:\WINDOWS\system32\pxdrv.dll
2010-05-09 19:40:53 ----C---- C:\WINDOWS\system32\pxmas.dll
2010-05-09 19:40:52 ----C---- C:\WINDOWS\system32\px.dll
2010-05-09 19:40:47 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Winamp
2010-05-09 12:04:45 ----AC---- C:\WINDOWS\wcx_ftp.ini
2010-05-09 11:52:59 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Help
2010-05-09 11:52:13 ----AC---- C:\WINDOWS\WINCMD.INI
2010-05-07 16:22:12 ----D---- C:\Program Files\GIMP-2.0
2010-05-05 15:38:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-05-05 15:36:36 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
2010-05-05 15:35:27 ----RHDC---- C:\MSOCache
2010-05-02 18:44:36 ----AC---- C:\WINDOWS\system32\mpg4c32.dll

======List of files/folders modified in the last 1 months======

2010-05-23 21:50:09 ----DC---- C:\WINDOWS\Temp
2010-05-23 21:44:45 ----DC---- C:\WINDOWS
2010-05-23 21:37:21 ----DC---- C:\WINDOWS\system32\drivers
2010-05-23 21:36:45 ----AC---- C:\WINDOWS\SchedLgU.Txt
2010-05-23 21:31:43 ----RD---- C:\Program Files
2010-05-23 21:28:13 ----DC---- C:\WINDOWS\system32
2010-05-23 20:12:41 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-05-23 19:11:00 ----SDC---- C:\WINDOWS\Tasks
2010-05-23 18:38:07 ----AC---- C:\WINDOWS\system32\Dvbpws.dll
2010-05-23 18:07:36 ----SHDC---- C:\WINDOWS\Installer
2010-05-23 18:07:33 ----SHDC---- C:\Config.Msi
2010-05-23 09:43:05 ----RSDC---- C:\WINDOWS\Fonts
2010-05-23 09:42:21 ----DC---- C:\WINDOWS\WinSxS
2010-05-23 09:22:05 ----DC---- C:\WINDOWS\Prefetch
2010-05-22 20:21:13 ----DC---- C:\Documents and Settings\user\Dane aplikacji\vlc
2010-05-22 20:21:08 ----DC---- C:\Documents and Settings\user\Dane aplikacji\dvdcss
2010-05-22 18:44:50 ----DC---- C:\Documents and Settings\user\Dane aplikacji\Any Video Converter
2010-05-21 21:26:02 ----DC---- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\avg8
2010-05-21 21:25:38 ----SHD---- C:\System Volume Information
2010-05-21 21:25:38 ----DC---- C:\WINDOWS\system32\Restore
2010-05-21 19:10:08 ----HDC---- C:\$AVG8.VAULT$
2010-05-20 22:48:40 ----D---- C:\Program Files\Nowe Gadu-Gadu
2010-05-18 23:10:48 ----DC---- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
2010-05-15 18:04:40 ----SDC---- C:\Documents and Settings\user\Dane aplikacji\Microsoft
2010-05-12 18:22:35 ----HDC---- C:\WINDOWS\inf
2010-05-12 18:22:34 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-05-12 12:09:27 ----DC---- C:\WINDOWS\system32\dllcache
2010-05-12 12:09:27 ----D---- C:\Program Files\Outlook Express
2010-05-12 10:10:50 ----HDC---- C:\WINDOWS\$hf_mig$
2010-05-10 15:35:51 ----DC---- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
2010-05-09 11:52:59 ----DC---- C:\totalcmd
2010-05-09 10:58:49 ----DC---- C:\WINDOWS\system32\CatRoot
2010-05-09 10:44:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-09 10:20:25 ----D---- C:\Program Files\Common Files
2010-05-09 10:17:47 ----D---- C:\Program Files\Common Files\Nero
2010-05-09 10:15:09 ----D---- C:\Program Files\Nero
2010-05-05 16:09:10 ----DC---- C:\WINDOWS\Microsoft.NET
2010-05-05 15:41:55 ----RSDC---- C:\WINDOWS\assembly
2010-05-05 15:40:54 ----DC---- C:\WINDOWS\system32\config
2010-05-05 15:40:41 ----D---- C:\Program Files\Microsoft Works
2010-05-05 15:39:58 ----D---- C:\Program Files\Microsoft Office
2010-05-05 15:39:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-30 20:51:06 ----AC---- C:\WINDOWS\system32\MRT.exe
2010-04-30 16:11:35 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-05 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-05 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-08-05 108552]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\WINDOWS\system32\drivers\wfeaglxt.sys [2008-12-25 433792]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ddsxeiservice;ddsxeiservice2; \??\C:\Program Files\sXe Injected\ddsxei.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-05 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-05 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-14 135664]
S2 zrbhcp;Microsoft Universal; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-05 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Do notatnika wklej:

[code]Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\ list]
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"=-
"C:\Program Files\SopCast\adv\SopAdver.exe"=-
"C:\Program Files\SopCast\SopCast.exe"=-[/code]
Plik zapisz jako/zmień rozszerzenie na wszystkie pliki/zapisz jako fix.reg/dwuklikiem dodajesz do rejestru.

I to byłoby wszystko.
W OTL użyj funkcji Clean Up.

  • Dobra wypowiedź 1
f430
komentarz
komentarz

[b]Wielkie dzięki za pomoc :D [/b]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.