x-kom hosting

Skan po wyleczonej infekcji

bfo
utworzono
utworzono

Witam.
Mam prośbę o sprawdzenie logów z OTL'a. Miałem wirusa Win32/NSAnti, którego wykrył i usunął AVG, ale chcę się jeszcze upewnić czy z systemem wszystko w porządku.
[log]
OTL logfile created on: 2010-06-22 17:30:51 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Bartek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
10,00 Gb Paging File | 9,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,00 Gb Total Space | 13,48 Gb Free Space | 44,94% Space Free | Partition Type: NTFS
Drive D: | 217,88 Gb Total Space | 15,54 Gb Free Space | 7,13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 149,04 Gb Total Space | 107,16 Gb Free Space | 71,90% Space Free | Partition Type: NTFS

Computer Name: POKOJ-BARTKA
Current User Name: Bartek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe
PRC - [2010-06-03 16:36:55 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgtray.exe
PRC - [2010-06-03 16:36:55 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgrsx.exe
PRC - [2010-06-03 16:36:54 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgcsrvx.exe
PRC - [2010-06-03 16:36:53 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgchsvx.exe
PRC - [2010-05-03 19:39:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG9\avgwdsvc.exe
PRC - [2010-05-03 19:34:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-11-22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009-11-22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\ZoneAlarm\zlclient.exe
PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-02-27 15:12:38 | 000,053,476 | ---- | M] () -- C:\Program Files\SAMSUNG\Button Manager\Button Manager.exe
PRC - [2008-02-25 11:48:00 | 000,244,224 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2008-02-22 11:33:00 | 000,104,960 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008-02-22 11:33:00 | 000,072,192 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2007-10-25 05:57:56 | 016,855,552 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007-01-12 00:39:12 | 001,423,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2007-01-05 11:39:46 | 000,597,504 | R--- | M] () -- C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
PRC - [2006-08-15 16:48:14 | 001,696,256 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
PRC - [2005-12-12 15:03:54 | 000,417,855 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC PowerChute Personal Edition\apcsystray.exe
PRC - [2005-12-12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC PowerChute Personal Edition\mainserv.exe
PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-05-03 19:39:23 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009-11-22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008-02-22 11:33:00 | 000,104,960 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2005-12-12 15:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-05-06 13:21:04 | 000,496,640 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-22 17:17:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-06-03 16:36:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-05-03 19:39:29 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-11-22 15:42:54 | 000,486,280 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008-08-01 05:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008-08-01 05:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008-04-14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-14 00:06:40 | 000,020,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-01-02 19:18:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-01-02 19:18:05 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007-11-01 08:38:56 | 004,620,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-10-18 21:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006-10-06 09:50:36 | 000,204,080 | R--- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Si3531.sys -- (Si3531)
DRV - [2006-09-21 09:39:16 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-09-05 21:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex)
DRV - [2006-09-05 21:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006-09-05 21:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm)
DRV - [2006-09-05 21:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl)
DRV - [2006-09-05 21:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006-09-05 21:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006-09-05 21:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2006-07-21 09:07:36 | 000,005,504 | R--- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)
DRV - [2006-07-13 05:42:42 | 000,017,328 | R--- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2006-06-08 11:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005-11-21 12:24:02 | 000,010,624 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfpvbus.sys -- (WUSBVBus)
DRV - [2004-11-29 20:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004-11-25 18:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004-10-28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-08-04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002-09-09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001-10-21 16:57:40 | 000,010,658 | ---- | M] (Trust) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\gjoyclt.sys -- (Gjoyclt)
DRV - [2001-10-20 18:24:26 | 000,004,506 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.interia.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87
FF - prefs.js..extensions.enabledItems: {1dbc4a33-ea62-4330-966c-7bdad3455322}:1.0.6.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: optout@dubfire.net:3.02
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 5\components [2010-05-03 19:34:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 5\plugins [2010-05-03 19:07:02 | 000,000,000 | ---D | M]

[2008-04-20 10:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Extensions
[2010-06-22 15:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions
[2008-09-24 20:06:44 | 000,000,000 | ---D | M] (iFox Metal) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{08c834b4-e025-44a3-9b95-e9885adc4be0}
[2008-04-12 22:48:18 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010-05-03 19:34:51 | 000,000,000 | ---D | M] (Remove It Permanently) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322}
[2010-05-03 18:39:17 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-06-22 15:11:20 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010-05-03 19:34:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-05-03 19:34:55 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008-01-22 20:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\iSafari.Leopard.Themes@gmail.com
[2010-06-22 13:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\optout@dubfire.net
[2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-05-03 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-05-03 18:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2010-06-22 13:14:26 | 000,002,586 | ---- | M] () -- C:\Documents and Settings\Bartek\Dane aplikacji\Mozilla\Firefox\Profiles\mba4glnz.default\searchplugins\forum-ubuntupl.xml
[2008-04-20 10:48:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006-02-23 17:36:00 | 000,638,976 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSignPlugin.dll

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe ()
O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Button Manager.exe] C:\Program Files\SAMSUNG\Button Manager\Button Manager.exe ()
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [NBKeyScan] D:\Programy\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [USBGamepad] C:\Program Files\Trust\Digital Center\Gnjoyusb.exe (Aashima Technology BV.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1409082233-2025429265-725345543-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\APC UPS Status.lnk = C:\Program Files\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-09 17:36:47 | 000,000,058 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{00407ac3-b85c-11dc-94ee-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{00407ac3-b85c-11dc-94ee-806d6172696f}\Shell\AutoRun\command - "" = F:\Bin\Assetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-01-01 13:20:50 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-22 17:28:46 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe
[2010-06-22 17:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-22 17:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools Lite
[2010-06-22 17:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-06-22 17:15:48 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Bartek\Pulpit\DTLite4356-0091.exe
[2010-06-22 13:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\Abine
[2010-06-22 12:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\vlc
[2010-06-06 11:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\storage
[2010-06-06 11:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-05-03 20:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Dane aplikacji\OpenOffice.org
[2010-05-03 20:49:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2010-05-03 20:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice
[2010-05-03 20:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\VLC
[2010-05-03 20:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-05-03 19:39:55 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-05-03 19:39:29 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010-05-03 19:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVG9
[2010-05-03 19:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-05-03 19:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010-05-03 18:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bartek\Moje dokumenty\Pobieranie
[2010-05-03 18:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-05-03 18:29:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008-08-09 17:36:47 | 000,004,506 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-22 17:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bartek\Pulpit\OTL.exe
[2010-06-22 17:24:41 | 001,012,732 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-22 17:24:41 | 000,457,678 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-22 17:24:41 | 000,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-22 17:24:41 | 000,079,188 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-22 17:24:41 | 000,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-22 17:21:10 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-06-22 17:20:50 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-22 17:20:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-22 17:19:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-22 17:19:53 | 3488,141,312 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-22 17:19:11 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Bartek\NTUSER.DAT
[2010-06-22 17:17:56 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-06-22 17:16:22 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Bartek\Pulpit\DTLite4356-0091.exe
[2010-06-22 12:27:33 | 061,301,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-06-22 12:23:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-08 22:07:40 | 005,335,050 | -H-- | M] () -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-06 11:12:10 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tom Clancy's Splinter Cell Conviction.lnk
[2010-06-03 16:36:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010-06-02 18:41:05 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Bartek\ntuser.ini
[2010-05-30 21:09:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-30 17:02:18 | 000,025,776 | ---- | M] () -- C:\Documents and Settings\Bartek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-04 19:47:04 | 000,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-03 20:50:04 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk
[2010-05-03 20:47:42 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk
[2010-05-03 20:41:20 | 013,154,946 | ---- | M] () -- C:\Documents and Settings\Bartek\Pulpit\GoOo-langpack-pl-3.2-13.exe
[2010-05-03 20:23:37 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Bartek\.rnd
[2010-05-03 20:23:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2010-05-03 19:39:29 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010-05-03 19:39:29 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010-05-03 19:39:29 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk
[2010-05-03 19:39:26 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010-05-03 19:19:47 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-05-03 18:44:46 | 000,063,524 | ---- | M] () -- C:\rollback.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-06 11:12:10 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tom Clancy's Splinter Cell Conviction.lnk
[2010-05-30 21:09:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-03 20:50:03 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk
[2010-05-03 20:47:42 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk
[2010-05-03 20:24:34 | 013,154,946 | ---- | C] () -- C:\Documents and Settings\Bartek\Pulpit\GoOo-langpack-pl-3.2-13.exe
[2010-05-03 20:23:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010-05-03 19:39:29 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk
[2010-05-03 19:19:26 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2008-10-02 22:22:06 | 000,388,096 | R--- | C] () -- C:\WINDOWS\System32\mss32.dll
[2008-06-22 09:54:18 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-02-24 10:51:04 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008-02-22 22:22:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-01-15 22:03:14 | 000,000,112 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2008-01-12 17:46:47 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2008-01-11 22:43:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-01-11 22:43:34 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-01-07 20:38:13 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008-01-02 19:18:05 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-01-02 19:18:05 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-01-02 18:22:01 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS74.DLL
[2008-01-01 17:30:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-01-01 17:17:09 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-01-01 13:45:58 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008-01-01 13:45:58 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008-01-01 13:45:57 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2008-01-01 13:45:57 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2008-01-01 13:42:54 | 000,001,103 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2008-01-01 13:30:30 | 000,000,962 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2008-01-01 13:30:30 | 000,000,399 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2008-01-01 13:28:19 | 000,030,549 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008-01-01 13:28:14 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-01-01 13:28:12 | 000,015,738 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008-01-01 13:28:05 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-10-12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[1999-01-22 21:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-03 19:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2008-12-31 15:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BitDefender
[2008-01-01 17:20:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2009-08-06 10:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2010-06-22 17:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2008-01-10 22:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Elaborate Bytes
[2008-02-22 22:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo
[2008-01-01 14:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2008-01-09 22:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2008-01-18 20:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-06 11:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-06-22 17:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Abine
[2009-08-06 11:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Cream Software
[2008-01-28 16:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools
[2010-06-22 17:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\DAEMON Tools Lite
[2010-05-03 20:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Dev-Cpp
[2008-02-13 16:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\FSW2
[2008-03-20 18:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Gadu-Gadu
[2008-07-30 13:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Imperium Romanum
[2008-02-22 22:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\iolo
[2008-05-31 17:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\KompoZer
[2008-10-23 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Leadertech
[2010-05-03 20:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\OpenOffice.org
[2009-01-31 17:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Subversion
[2008-01-15 20:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Teleca
[2009-06-12 16:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\The Creative Assembly
[2008-04-06 15:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bartek\Dane aplikacji\Ubisoft

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-02-24 20:26:53 | 000,000,170 | ---- | M] () -- C:\ASWL2K.ini
[2008-08-09 17:36:47 | 000,000,058 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008-03-14 15:57:37 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-03-13 22:51:26 | 000,000,000 | RHS- | M] () -- C:\config.sys
[2010-06-22 17:19:53 | 3488,141,312 | -HS- | M] () -- C:\hiberfil.sys
[2008-01-01 12:54:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-01-01 12:54:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-05-04 17:42:34 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-06-22 17:19:53 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2008-01-01 13:31:51 | 000,000,499 | ---- | M] () -- C:\RHDSetup.log
[2010-05-03 18:44:46 | 000,063,524 | ---- | M] () -- C:\rollback.ini


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]
[log]
OTL Extras logfile created on: 2010-06-22 17:30:51 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Bartek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
10,00 Gb Paging File | 9,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,00 Gb Total Space | 13,48 Gb Free Space | 44,94% Space Free | Partition Type: NTFS
Drive D: | 217,88 Gb Total Space | 15,54 Gb Free Space | 7,13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 149,04 Gb Total Space | 107,16 Gb Free Space | 71,90% Space Free | Partition Type: NTFS

Computer Name: POKOJ-BARTKA
Current User Name: Bartek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ Unreal Commander] -- "D:\Programy\Unreal Commander\Uncom.exe" /l="%L" (Max Diesel)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"13364:UDP" = 13364:UDP:*:Enabled:Print Server Utility
"13621:UDP" = 13621:UDP:*:Enabled:Print Server Utility
"13107:UDP" = 13107:UDP:*:Enabled:Print Server Utility
"69:UDP" = 69:UDP:*:Enabled:Print Server Utility TFTP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Programy\eMule\emule.exe" = E:\Programy\eMule\emule.exe:*:Enabled:eMule -- File not found
"E:\Programy\AQQ\AQQ.exe" = E:\Programy\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found
"D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- File not found
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- File not found
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- File not found
"D:\Gry\Vegas 2\Binaries\R6Vegas2_Game.exe" = D:\Gry\Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 -- ()
"D:\Gry\Vegas 2\Binaries\R6Vegas2_Launcher.exe" = D:\Gry\Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update -- (Ubisoft)
"D:\Gry\PES2008\PES2008.exe" = D:\Gry\PES2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"D:\Gry\PES2009\pes2009.exe" = D:\Gry\PES2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found
"D:\Gry\Wolfenstein\MP\Wolf2MP.exe" = D:\Gry\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"D:\Gry\Wolfenstein\MP\Wolf2MPLite.exe" = D:\Gry\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"C:\Program Files\AVG9\avgupd.exe" = C:\Program Files\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"D:\Gry\SC Conviction\src\system\conviction_game.exe" = D:\Gry\SC Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction -- ()
"D:\Gry\SC Conviction\src\system\gu.exe" = D:\Gry\SC Conviction\src\system\gu.exe:*:Enabled:Aktualizacja Tom Clancy's Splinter Cell Conviction -- (Ubisoft)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0343444C-1A4C-46FF-BFF8-878353ED5389}" = Button Manager
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 20
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{60CE6B15-E8DC-4096-83FA-5D8DE8B9ED5B}" = OpenOffice.org 3.2
"{6A8D556E-8D56-4A85-86E0-2EACFA63C02E}" = OpenOffice.org 3.2 Language Pack (Polish)
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{779B9B0B-7EB9-48D9-B730-D1C937A49798}" = ArcSoft WebCam Companion 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FE6397C1-CECA-4EC3-B064-42AED7676898}" = Sony Ericsson PC Suite
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player
"ArmA 2" = ArmA 2 Uninstall
"AVG9Uninstall" = AVG Free 9.0
"CANONBJ_Deinstall_CNMCP74.DLL" = Canon iP2200
"CMake 2.6" = CMake 2.6 a cross-platform, open-source build system
"eMule" = eMule
"ffdshow_is1" = ffdshow [rev 1763] [2008-01-08]
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MozBackup_is1" = MozBackup 1.4.7
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Speed Reader PL_is1" = Speed Reader PL
"SystemRequirementsLab" = System Requirements Lab
"Trust Digital Center" = Trust Digital Center, Version 1.1
"UnrealCommander_is1" = Unreal Commander v0.96
"VLC media player" = VLC media player 1.0.5
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"ZoneAlarm" = ZoneAlarm

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1409082233-2025429265-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Competition Arena" = Competition Arena

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2008-06-04 11:23:50 | Computer Name = POKOJ-BARTKA | Source = MsiInstaller | ID = 11316
Description = Product: Microsoft Games for Windows - LIVE Redistributable -- Error
1316. A network error occurred while attempting to read from the file: G:\Support\XLiveRedist.msi

Error - 2008-06-04 11:38:44 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x05280072.

Error - 2008-06-05 12:15:02 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x137f0655.

Error - 2008-06-08 13:18:29 | Computer Name = POKOJ-BARTKA | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 9.0.0.4503, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2008-06-08 14:25:38 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x10eb0d60.

Error - 2008-06-12 12:34:25 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd acrord32.exe, wersja 8.1.0.137, moduł powodujący
błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00011669.

Error - 2008-06-12 12:45:03 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x12df09bf.

Error - 2008-06-17 08:21:11 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x41b30155.

Error - 2008-06-19 14:58:30 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x054800ec.

Error - 2008-06-19 15:02:58 | Computer Name = POKOJ-BARTKA | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wargame-g4wlive.exe, wersja 1.0.3340.131,
moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0def0992.

[ System Events ]
Error - 2010-06-22 10:57:53 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321
Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o
adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2010-06-22 11:03:03 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321
Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o
adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2010-06-22 11:08:13 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321
Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o
adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2010-06-22 11:10:04 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321
Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o
adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie
tej nazwy przez ten komputer.

Error - 2010-06-22 11:12:24 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148
Description =

Error - 2010-06-22 11:12:46 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148
Description =

Error - 2010-06-22 11:13:22 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148
Description =

Error - 2010-06-22 11:13:52 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148
Description =

Error - 2010-06-22 11:14:36 | Computer Name = POKOJ-BARTKA | Source = as1wu3kz | ID = 262148
Description =

Error - 2010-06-22 11:15:15 | Computer Name = POKOJ-BARTKA | Source = NetBT | ID = 4321
Description = Nie można zarejestrować nazwy „DOM :1d” w interfejsie o
adresie IP 192.168.1.246. Komputer o adresie IP 192.168.1.245 nie zezwolił na przejęcie
tej nazwy przez ten komputer.


< End of report >
[/log]

Mateusz J.
komentarz
komentarz

Do notatnika wklej:
[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą [b]FIX.REG[/b]
Uruchom utworzony plik [b]FIX.REG[/b] i potwierdź dodanie do Rejestru i zresetuj komputer.


Ogólnie ok, AVG się sprawdził.

bfo
komentarz
komentarz

Nie wiem czy to nie był false positive, bo niektóre skanery wskazują na "broken.signature/Ubisoft", ale mimo wszystko dziękuję za pomoc stokrotnie!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.