bfo, created 22 June 2010

Hello. I'd like to ask for a check of my OTL logs. I had the Win32/NSAnti virus, which AVG detected and removed, but I want to make sure that everything is OK with the system.

[log] OTL logfile created on: 2010-06-22 17:30:51 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Bartek\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free 10,00 Gb Paging File | 9,00 Gb Available in Paging File | 95,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 30,00 Gb Total Space | 13,48 Gb Free Space | 44,94% Space Free | Partition Type: NTFS Drive D: | 217,88 Gb Total Space | 15,54 Gb Free Space | 7,13% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 149,04 Gb Total Space | 107,16 Gb Free Space | 71,90% Space Free | Partition Type: NTFS Computer Name: POKOJ-BARTKA Current User Name: Bartek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe PRC - [2010-06-03 16:36:55 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgtray.exe PRC - [2010-06-03 16:36:55 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files\AVG9\avgrsx.exe PRC - [2010-06-03 16:36:54 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgcsrvx.exe PRC - [2010-06-03 16:36:53 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgchsvx.exe PRC - [2010-05-03 19:39:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgwdsvc.exe PRC - [2010-05-03 19:34:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-11-22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2009-11-22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\ZoneAlarm\zlclient.exe PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - 
[2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-02-27 15:12:38 | 000,053,476 | ---- | M] () -- C:\Program Files\SAMSUNG\Button Manager\Button Manager.exe PRC - [2008-02-25 11:48:00 | 000,244,224 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2008-02-22 11:33:00 | 000,104,960 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008-02-22 11:33:00 | 000,072,192 | ---- | M] (ArcSoft Inc.) 
-- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2007-10-25 05:57:56 | 016,855,552 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2007-01-12 00:39:12 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe PRC - [2007-01-05 11:39:46 | 000,597,504 | R--- | M] () -- C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe PRC - [2006-08-15 16:48:14 | 001,696,256 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\ASUS\WLAN Card Utilities\Center.exe PRC - [2005-12-12 15:03:54 | 000,417,855 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC PowerChute Personal Edition\apcsystray.exe PRC - [2005-12-12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC PowerChute Personal Edition\mainserv.exe PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- 
| M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-05-03 19:39:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009-11-22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2008-02-22 11:33:00 | 000,104,960 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2005-12-12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service) SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-05-06 13:21:04 | 000,496,640 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-22 17:17:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-06-03 16:36:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-05-03 19:39:29 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-11-22 15:42:54 | 000,486,280 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008-08-01 05:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008-08-01 05:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008-04-14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-14 00:06:40 | 000,020,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-01-02 19:18:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008-01-02 19:18:05 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2007-11-01 08:38:56 | 004,620,288 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-10-18 21:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2006-10-06 09:50:36 | 000,204,080 | R--- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Si3531.sys -- (Si3531) DRV - [2006-09-21 09:39:16 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-09-05 21:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex) DRV - [2006-09-05 21:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM) DRV - [2006-09-05 21:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm) DRV - [2006-09-05 21:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl) DRV - [2006-09-05 21:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM) DRV - [2006-09-05 21:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS) DRV - [2006-09-05 21:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM) DRV - [2006-07-21 09:07:36 | 000,005,504 | R--- | M] (Silicon Image, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys -- (SiRemFil) DRV - [2006-07-13 05:42:42 | 000,017,328 | R--- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter) DRV - [2006-06-08 11:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2005-11-21 12:24:02 | 000,010,624 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfpvbus.sys -- (WUSBVBus) DRV - [2004-11-29 20:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2004-11-25 18:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2004-10-28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-08-04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2002-09-09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2001-10-21 16:57:40 | 000,010,658 | ---- | M] (Trust) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\gjoyclt.sys -- (Gjoyclt) DRV - [2001-10-20 18:24:26 | 000,004,506 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.interia.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87 FF - prefs.js..extensions.enabledItems: {1dbc4a33-ea62-4330-966c-7bdad3455322}:1.0.6.7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: optout@dubfire.net:3.02 FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 
5\components [2010-05-03 19:34:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 5\plugins [2010-05-03 19:07:02 | 000,000,000 | ---D | M] [2008-04-20 10:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Extensions [2010-06-22 15:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions [2008-09-24 20:06:44 | 000,000,000 | ---D | M] (iFox Metal) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{08c834b4-e025-44a3-9b95-e9885adc4be0} [2008-04-12 22:48:18 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A} [2010-05-03 19:34:51 | 000,000,000 | ---D | M] (Remove It Permanently) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2010-05-03 18:39:17 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} [2010-06-22 15:11:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010-05-03 19:34:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-05-03 19:34:55 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2008-01-22 20:28:52 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\iSafari.Leopard.Themes@gmail.com [2010-06-22 13:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\optout@dubfire.net [2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions [2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions [2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions [2010-05-03 18:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions [2010-06-22 13:14:26 | 000,002,586 | ---- | M] () -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\searchplugins\forum-ubuntupl.xml [2008-04-20 10:48:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2006-02-23 17:36:00 | 000,638,976 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSignPlugin.dll O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe () O4 - HKLM..\Run: [Alcmtr] 
C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe () O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe () O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Button Manager.exe] C:\Program Files\SAMSUNG\Button Manager\Button Manager.exe () O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.) O4 - HKLM..\Run: [NBKeyScan] D:\Programy\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [USBGamepad] C:\Program Files\Trust\Digital Center\Gnjoyusb.exe (Aashima Technology BV.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-21-1409082233-2025429265-725345543-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\APC UPS Status.lnk = C:\Program Files\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-08-09 17:36:47 | 000,000,058 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{00407ac3-b85c-11dc-94ee-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{00407ac3-b85c-11dc-94ee-806d6172696f}\Shell\AutoRun\command - "" = F:\Bin\Assetup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-01-01 13:20:50 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: 
{4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: 
{4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-22 17:28:46 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe [2010-06-22 17:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-06-22 17:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools Lite [2010-06-22 17:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-06-22 17:15:48 | 009,591,104 | ---- | C] (DT Soft Ltd.) 
-- C:\Documents and Settings\Bartek\Pulpit\DTLite4356-0091.exe [2010-06-22 13:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\Abine [2010-06-22 12:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\vlc [2010-06-06 11:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\storage [2010-06-06 11:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010-05-03 20:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\OpenOffice.org [2010-05-03 20:49:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew [2010-05-03 20:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice [2010-05-03 20:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\VLC [2010-05-03 20:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2010-05-03 19:39:55 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-05-03 19:39:29 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) 
-- C:\WINDOWS\System32\avgrsstx.dll [2010-05-03 19:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVG9 [2010-05-03 19:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-05-03 19:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm [2010-05-03 18:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Moje dokumenty\Pobieranie [2010-05-03 18:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-05-03 18:29:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2008-08-09 17:36:47 | 000,004,506 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe [2010-06-22 17:24:41 | 001,012,732 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-22 17:24:41 | 000,457,678 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-06-22 17:24:41 | 000,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-06-22 17:24:41 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-06-22 17:24:41 | 000,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-06-22 17:21:10 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2010-06-22 17:20:50 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-06-22 17:20:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-22 17:19:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-22 17:19:53 | 3488,141,312 | -HS- | M] () -- C:\hiberfil.sys [2010-06-22 17:19:11 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Bartek\NTUSER.DAT [2010-06-22 17:17:56 | 000,691,696 | ---- | M] () -- 
C:\WINDOWS\System32\drivers\sptd.sys [2010-06-22 17:16:22 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Bartek\Pulpit\DTLite4356-0091.exe [2010-06-22 12:27:33 | 061,301,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-06-22 12:23:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-08 22:07:40 | 005,335,050 | -H-- | M] () -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-06 11:12:10 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tom Clancy's Splinter Cell Conviction.lnk [2010-06-03 16:36:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010-06-02 18:41:05 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Bartek\ntuser.ini [2010-05-30 21:09:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-05-30 17:02:18 | 000,025,776 | ---- | M] () -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-05-04 19:47:04 | 000,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-05-03 20:50:04 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-03 20:47:42 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2010-05-03 20:41:20 | 013,154,946 | ---- | M] () -- C:\Documents and Settings\Bartek\Pulpit\GoOo-langpack-pl-3.2-13.exe [2010-05-03 20:23:37 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Bartek\.rnd [2010-05-03 20:23:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini [2010-05-03 19:39:29 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-05-03 19:39:29 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\WINDOWS\System32\avgrsstx.dll [2010-05-03 19:39:29 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk [2010-05-03 19:39:26 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010-05-03 19:19:47 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2010-05-03 18:44:46 | 000,063,524 | ---- | M] () -- C:\rollback.ini [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-06 11:12:10 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tom Clancy's Splinter Cell Conviction.lnk [2010-05-30 21:09:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-05-03 20:50:03 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-03 20:47:42 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk [2010-05-03 20:24:34 | 013,154,946 | ---- | C] () -- C:\Documents and Settings\Bartek\Pulpit\GoOo-langpack-pl-3.2-13.exe [2010-05-03 20:23:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2010-05-03 19:39:29 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk [2010-05-03 19:19:26 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml [2008-10-02 22:22:06 | 000,388,096 | R--- | C] () -- C:\WINDOWS\System32\mss32.dll [2008-06-22 09:54:18 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-02-24 10:51:04 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008-02-22 22:22:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-01-15 22:03:14 | 000,000,112 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2008-01-12 17:46:47 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2008-01-11 22:43:34 | 000,007,680 | ---- | C] () 
-- C:\WINDOWS\System32\ff_vfw.dll [2008-01-11 22:43:34 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-01-07 20:38:13 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2008-01-02 19:18:05 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-01-02 19:18:05 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-01-02 18:22:01 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS74.DLL [2008-01-01 17:30:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-01-01 17:17:09 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-01-01 13:45:58 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008-01-01 13:45:58 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008-01-01 13:45:57 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008-01-01 13:45:57 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008-01-01 13:42:54 | 000,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2008-01-01 13:30:30 | 000,000,962 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2008-01-01 13:30:30 | 000,000,399 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2008-01-01 13:28:19 | 000,030,549 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008-01-01 13:28:14 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-01-01 13:28:12 | 000,015,738 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-01-01 13:28:05 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [1999-01-22 21:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010-05-03 19:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2008-12-31 15:19:28 | 000,000,000 | ---D | M] -- C:\Documents 
and Settings\All Users\Dane aplikacji\BitDefender [2008-01-01 17:20:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2009-08-06 10:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-06-22 17:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2008-01-10 22:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Elaborate Bytes [2008-02-22 22:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2008-01-01 14:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier [2008-01-09 22:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca [2008-01-18 20:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-06 11:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2010-06-22 17:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Abine [2009-08-06 11:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Cream Software [2008-01-28 16:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools [2010-06-22 17:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools Lite [2010-05-03 20:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Dev-Cpp [2008-02-13 16:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\FSW2 [2008-03-20 18:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Gadu-Gadu [2008-07-30 13:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Imperium Romanum [2008-02-22 22:56:25 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Bartek\Dane aplikacji\iolo [2008-05-31 17:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\KompoZer [2008-10-23 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Leadertech [2010-05-03 20:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\OpenOffice.org [2009-01-31 17:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Subversion [2008-01-15 20:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Teleca [2009-06-12 16:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\The Creative Assembly [2008-04-06 15:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Ubisoft [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-24 20:26:53 | 000,000,170 | ---- | M] () -- C:\ASWL2K.ini [2008-08-09 17:36:47 | 000,000,058 | ---- | M] () -- C:\AUTOEXEC.BAT [2008-03-14 15:57:37 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2008-03-13 22:51:26 | 000,000,000 | RHS- | M] () -- C:\config.sys [2010-06-22 17:19:53 | 3488,141,312 | -HS- | M] () -- C:\hiberfil.sys [2008-01-01 12:54:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008-01-01 12:54:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-05-04 17:42:34 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-06-22 17:19:53 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2008-01-01 13:31:51 | 000,000,499 | ---- | M] () -- C:\RHDSetup.log [2010-05-03 18:44:46 | 000,063,524 | ---- | M] () -- C:\rollback.ini [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys 
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file 
-- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | 
M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log] OTL Extras logfile created on: 2010-06-22 17:30:51 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Bartek\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free 10,00 Gb Paging File | 9,00 Gb Available in Paging File | 95,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 30,00 Gb Total Space | 13,48 Gb Free Space | 44,94% Space Free | Partition Type: NTFS Drive D: | 217,88 Gb Total Space | 15,54 Gb Free Space | 7,13% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 149,04 Gb Total Space | 107,16 Gb Free Space | 71,90% Space Free | Partition Type: NTFS Computer Name: POKOJ-BARTKA Current User Name: Bartek Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ Unreal Commander] -- "D:\Programy\Unreal Commander\Uncom.exe" /l="%L" (Max Diesel) Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "13364:UDP" = 13364:UDP:*:Enabled:Print Server Utility "13621:UDP" = 13621:UDP:*:Enabled:Print Server Utility "13107:UDP" = 13107:UDP:*:Enabled:Print Server Utility "69:UDP" = 69:UDP:*:Enabled:Print Server Utility TFTP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\Programy\eMule\emule.exe" = 
E:\Programy\eMule\emule.exe:*:Enabled:eMule -- File not found "E:\Programy\AQQ\AQQ.exe" = E:\Programy\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- File not found "C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- File not found "D:\Gry\Vegas 2\Binaries\R6Vegas2_Game.exe" = D:\Gry\Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 -- () "D:\Gry\Vegas 2\Binaries\R6Vegas2_Launcher.exe" = D:\Gry\Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update -- (Ubisoft) "D:\Gry\PES2008\PES2008.exe" = D:\Gry\PES2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found "D:\Gry\PES2009\pes2009.exe" = D:\Gry\PES2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found "D:\Gry\Wolfenstein\MP\Wolf2MP.exe" = D:\Gry\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) -- (Activision) "D:\Gry\Wolfenstein\MP\Wolf2MPLite.exe" = D:\Gry\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) -- (Activision) "C:\Program Files\AVG9\avgupd.exe" = C:\Program Files\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) 
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft) "D:\Gry\SC Conviction\src\system\conviction_game.exe" = D:\Gry\SC Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction -- () "D:\Gry\SC Conviction\src\system\gu.exe" = D:\Gry\SC Conviction\src\system\gu.exe:*:Enabled:Aktualizacja Tom Clancy's Splinter Cell Conviction -- (Ubisoft) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0343444C-1A4C-46FF-BFF8-878353ED5389}" = Button Manager "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 20 "{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition "{60CE6B15-E8DC-4096-83FA-5D8DE8B9ED5B}" = OpenOffice.org 3.2 "{6A8D556E-8D56-4A85-86E0-2EACFA63C02E}" = OpenOffice.org 3.2 Language Pack (Polish) "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{779B9B0B-7EB9-48D9-B730-D1C937A49798}" = ArcSoft WebCam Companion 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver 
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III "{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2 "{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2 "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FE6397C1-CECA-4EC3-B064-42AED7676898}" = Sony Ericsson PC Suite "{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE "Adobe Shockwave Player" = Adobe Shockwave Player "ArmA 2" = ArmA 2 Uninstall "AVG9Uninstall" = AVG Free 9.0 "CANONBJ_Deinstall_CNMCP74.DLL" = Canon iP2200 "CMake 2.6" = CMake 2.6 a cross-platform, open-source build system "eMule" = eMule "ffdshow_is1" = ffdshow [rev 1763] [2008-01-08] "InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "MozBackup_is1" = MozBackup 1.4.7 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView 
Desktop Manager "OpenAL" = OpenAL "Speed Reader PL_is1" = Speed Reader PL "SystemRequirementsLab" = System Requirements Lab "Trust Digital Center" = Trust Digital Center, Version 1.1 "UnrealCommander_is1" = Unreal Commander v0.96 "VLC media player" = VLC media player 1.0.5 "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "ZoneAlarm" = ZoneAlarm [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Competition Arena" = Competition Arena [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2008-06-04 11:23:50 | Computer Name = POKOJ-BARTKA | Source = MsiInstaller | ID = 11316 Description = Product: Microsoft Games for Windows - LIVE Redistributable -- Error 1316. A network error occurred while attempting to read from the file: G:\Support\XLiveRedist.msi Error - 2008-06-04 11:38:44 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x05280072. Error - 2008-06-05 12:15:02 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x137f0655. Error - 2008-06-08 13:18:29 | Computer Name = POKOJ-BARTKA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca wmplayer.exe, wersja 9.0.0.4503, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. 
Error - 2008-06-08 14:25:38 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x10eb0d60. Error - 2008-06-12 12:34:25 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd acrord32.exe, wersja 8.1.0.137, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00011669. Error - 2008-06-12 12:45:03 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x12df09bf. Error - 2008-06-17 08:21:11 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x41b30155. Error - 2008-06-19 14:58:30 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x054800ec. Error - 2008-06-19 15:02:58 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0def0992. [ System Events ] Error - 2010-06-22 10:57:53 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-06-22 11:03:03 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o adresie IP 192.168.1.246. 
Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-06-22 11:08:13 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-06-22 11:10:04 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error - 2010-06-22 11:12:24 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148 Description = Error - 2010-06-22 11:12:46 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148 Description = Error - 2010-06-22 11:13:22 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148 Description = Error - 2010-06-22 11:13:52 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148 Description = Error - 2010-06-22 11:14:36 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148 Description = Error - 2010-06-22 11:15:15 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321 Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie tej nazwy przez ten komputer. < End of report > [/log]
Mateusz J. comment 23 June 2010
Paste into Notepad:
[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
File ==> Save as ==> Change the extension to All files ==> Save under the name [b]FIX.REG[/b]
Run the created [b]FIX.REG[/b] file, confirm adding it to the Registry, and restart the computer.

Overall it's OK, AVG did its job.
bfo comment 24 June 2010 (Author)
I don't know whether it wasn't a false positive, because some scanners point to "broken.signature/Ubisoft", but all the same, thank you very much for the help!