x-kom hosting

100 % zużycia procesora w programach i przeglądarce

slawek8939
utworzono
utworzono (edytowane)

Witam
Mam mały problem, jak włączam jakiś program czy nawet przeglądarkę, to procesor zaczyna działać na 100%
Co robić, czemu tak się dzieje - myślałem że może to jakiś wirus, ale mój anty wirus avast nic nie wykrył.
Proszę o pomoc
[color="#ff0000"]
//przenoszę do logów do sprawdzenia
//dan [/color]

itsmylife
komentarz
komentarz (edytowane)

Podaj konfiguracje kompuitera oraz: system jaki uzywasz i natywirus jaki uzywasz. Sprawdz tez wciskajac ctrl alt del czy to na pewno przeglarka daje takie uzycie na procesor. Jesli uzywasz Firefoxa z jakas nowa aktualizacja ot powiem ze mialem podobnie. Niestety z Firefoxem cos sie ostatnio dzieje i nie jest to ta przegladarka co jheszcze pare miesiecy temu.

A sory widzie ze masz AVAST. Wywal go , sciagnij ze strony symentec.com Norton Internet Security 2010. 30 dnuiowy trial. Zainstaluj, zrob aktualizacje i zrob pelne skanowanie systemu tez. W tej chwili to chyba najlepszy antywir.

slawek8939
komentarz
komentarz

Nie wiem czy o to chodziło
[spoiler]
Komputer:
Typ komputera Jednoprocesorowy komputer PC z interfejsem ACPI (Mobile)
System operacyjny Microsoft Windows XP Professional
Dodatek service pack systemu operacyjnego Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180 (IE 6.0 SP2)
DirectX 4.09.00.0904 (DirectX 9.0c)
Nazwa komputera ----------
Nazwa użytkownika ----------
Domena logowania ----------
Data / Czas 2010-07-31 / 06:07

Płyta główna:
Typ procesora Mobile Intel Celeron M 380, 1600 MHz (16 x 100)
Nazwa płyty głównej NEC COMPUTERS INTERNATIONAL NEC Versa Premium
Mikroukład płyty głównej VIA PN800
Pamięć fizyczna 960 MB (PC2700 DDR SDRAM)
DIMM1: Hynix HYMD564M646CP6J 512 MB PC2700 DDR SDRAM (2.5-3-3-7 @ 166 MHz) (2.0-3-3-6 @ 133 MHz)
DIMM2: Hynix HYMD564M646CP6J 512 MB PC2700 DDR SDRAM (2.5-3-3-7 @ 166 MHz) (2.0-3-3-6 @ 133 MHz)
Typ BIOS'u Insyde (07/12/04)

Ekran:
Karta wideo VIA/S3G UniChrome Pro IGP (64 MB)
Karta wideo VIA/S3G UniChrome Pro IGP (64 MB)
Akcelerator 3D VIA/S3G UniChrome Pro
Monitor Monitor Plug and Play

Multimedia:
Karta dźwiękowa Realtek ALC655 @ VIA AC'97 Enhanced Audio Controller

Magazyn:
Kontroler IDE Kontroler VIA Bus Master IDE
Dysk fizyczny ST980811A (80 GB, 5400 RPM, Ultra-ATA/100)
Napęd dysków optycznych _NEC DVD_RW ND-6750A (DVD+R9:8x, DVD-R9:6x, DVD+RW:8x/8x, DVD-RW:8x/8x, DVD-ROM:8x, CD:24x/16x/24x DVD+RW/DVD-RW)
Status dysków SMART OK

Partycje:
C: (NTFS) 42147 MB (1920 MB wolne)
D: (NTFS) 34161 MB (3928 MB wolne)
Rozmiar całkowity 76308 MB (5848 MB wolne)

Urządzenia wejściowe:
Klawiatura Standardowa klawiatura 101/102 klawisze lub Microsoft Natural Keyboard PS/2
Mysz Synaptics PS/2 Port TouchPad

Sieć:
Podstawowy adres IP ----------
Podstawowy adres karty (MAC) 00-10-60-AF-67-35
Karta sieciowa Karta Fast Ethernet zgodna z VIA
Karta sieciowa Ralink RT2500 Wireless LAN Card (192.168.2.7)
Modem Motorola SM56 Speakerphone Modem

Urządzenia zewnętrzne:
Drukarka Microsoft XPS Document Writer
Drukarka Wysyłanie do programu OneNote 2007
Kontroler USB1 VIA VT8235 USB Universal Host Controller
Kontroler USB1 VIA VT8235 USB Universal Host Controller
Kontroler USB1 VIA VT8235 USB Universal Host Controller
Kontroler USB2 VIA VT8235 USB 2.0 Enhanced Host Controller
Bateria Bateria Microsoft o metodzie kontroli zgodnej z ACPI
Bateria Microsoft AC Adapter

DMI:
DMI: producent BIOS'u Insyde Software Corporation
DMI: numer wersji BIOS'u R1.05
DMI (system): producent Packard Bell Computers International
DMI (system): nazwa Packard Bell EasyNote
DMI (system): numer wersji PB42B01101
DMI (system): numer seryjny 716104610235
DMI (system): identyfikator UUID F81B79E2-E522DB11-80004E45-435F4349
DMI (płyta główna): producent NEC COMPUTERS INTERNATIONAL
DMI (płyta główna): nazwa NEC Versa Premium
DMI (płyta główna): numer wersji 5a
DMI (płyta główna): numer seryjny 12345678
DMI (obudowa): producent
DMI (obudowa): numer wersji I
DMI (obudowa): numer seryjny 50424E
DMI (obudowa): metka środka trwałego 12345678
DMI (obudowa): typ Pizza Box
[/spoiler]
[color="#FF0000"]
// Usuwam niepotrzebną część i wstawiam w tagi
// Cyp[/color]

Gość
komentarz
komentarz

Sprawdź czy procesor posiada dostateczną ilość pasty termoprzewodzącej oraz [url]http://www.forumpc.pl/index.php?showtopic=104338[/url]. Warto sprawdzić czy system jest zainfekowany.

slawek8939
komentarz
komentarz (edytowane)

Jak się wstawia pliki w tagi

[log]OTL Extras logfile created on: 2010-07-31 14:21:54 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): d:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS
Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-D69F46C83DE
Current User Name: slawek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color="#e56717"]========== Extra Registry (SafeList) ==========[/color]


[color="#e56717"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color="#e56717"]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color="#e56717"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color="#e56717"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url])
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)


[color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color="#e56717"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022
Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania.

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >

[color="#e56717"]========== Extra Registry (SafeList) ==========[/color]


[color="#e56717"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color="#e56717"]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color="#e56717"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color="#e56717"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url])
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)


[color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color="#e56717"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022
Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania.

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >

OTL Extras logfile created on: 2010-07-31 14:21:54 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): d:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS
Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-D69F46C83DE
Current User Name: slawek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color="#e56717"]========== Extra Registry (SafeList) ==========[/color]


[color="#e56717"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color="#e56717"]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color="#e56717"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color="#e56717"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url])
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)


[color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color="#e56717"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022
Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania.

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >

[color="#e56717"]========== Extra Registry (SafeList) ==========[/color]


[color="#e56717"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color="#e56717"]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color="#e56717"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color="#e56717"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url])
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)


[color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color="#e56717"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022
Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania.

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >[/log]

Gość
komentarz
komentarz

Daj komplet logów, ponieważ log extras to za mało.

itsmylife
komentarz
komentarz

Zamiast kombinowac ctrl alt del gdy masz tak mocne zuzycie procesora uruchom menedzer zadan wejdz w procesy i zobacz ktory proces daje tak duze zuzycie i bedzie wiadome gdzie lezy problem. Przeskanuj tez norton Internet Security 2010, przed instalacja wywal tego AVASTA.

slawek8939
komentarz
komentarz

Do Sayan. Przepraszam, wstawiam jeszcze jeden plik o którym zapomniałem.
Do itsmylife. Wyrzuciłem Avasta i przeskanowałem norton Internet Security 2010 i dalej to samo. Ja widzę jaki proces zwiększa mi wydajność procesowa, jak włączam gadu gadu to procesor zaczyna zapierdzielać 90 - 100% czy jakikolwiek program włączę, robi się to samo, nawet jak przeglądarka chodzi. Cały czas 100% no prawie a czas jądra prawie taki sam. Czy po prostu, to już stary laptop i trzeba zmienić.

[log]OTL logfile created on: 2010-07-31 16:45:09 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 271,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): d:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS
Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-D69F46C83DE
Current User Name: slawek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe
PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008-12-01 00:01:22 | 003,738,624 | ---- | M] (Artur Sikora) -- D:\Program Files\SubEdit-Player\subedit.exe
PRC - [2005-03-10 10:44:34 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005-03-10 10:43:30 | 000,688,218 | ---- | M] (Synaptics, Inc.) -- D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe
PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe
PRC - [2001-10-26 17:30:02 | 000,139,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sndvol32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- D:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\slawek\USTAWI~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\slawek\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG)
DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver)
DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger)
DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI)
DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS)
DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON)
DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP)
DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP)
DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB)
DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5
FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions
[2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions
[2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}
[2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com
[2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml
[2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKCU..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.)
O4 - HKCU..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll File not found

MsConfig - StartUpReg: [b]ctfmon.exe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]GrzonuShell[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HUAWEI 3G Data Card MTS[/b] - hkey= - key= - D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe (Huawei Technologies)
MsConfig - StartUpReg: [b]Icon[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SMSERIAL[/b] - hkey= - key= - D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
MsConfig - StartUpReg: [b]snpstd3[/b] - hkey= - key= - D:\WINDOWS\vsnpstd3.exe ()
MsConfig - StartUpReg: [b]SoundMan[/b] - hkey= - key= - D:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]SP_ENGLISH[/b] - hkey= - key= - D:\Program Files\English Translator 3\HandyDict.exe (Techland)
MsConfig - StartUpReg: [b]STDSB[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - D:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: [b]SynTPLpr[/b] - hkey= - key= - D:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
MsConfig - StartUpReg: [b]VTTimer[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]VTTrayp[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit
[2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec
[2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys
[2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys
[2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys
[2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys
[2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys
[2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys
[2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys
[2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088
[2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar
[2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security
[2010-07-30 18:34:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-07-30 18:34:01 | 000,000,000 | ---D | C] -- D:\Program Files\kikin
[2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader
[2010-07-30 15:10:30 | 000,000,000 | ---D | C] -- D:\Program Files\Bridge It Demo
[2010-07-30 14:46:42 | 000,000,000 | ---D | C] -- D:\Program Files\Pontifex II Demo
[2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022
[2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec
[2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller
[2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent
[2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX
[2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++
[2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video
[2010-07-28 21:40:55 | 000,000,000 | ---D | C] -- D:\Program Files\Nuclear Coffee
[2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder
[2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland
[2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland
[2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe
[2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5
[2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6
[2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga
[2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++
[2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali
[2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData
[2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe
[2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu
[2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile
[2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger
[2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki
[2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys
[2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client
[2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell
[2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3
[2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus
[2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF
[2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania
[2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro
[2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe
[2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3
[2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll
[2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-31 16:01:01 | 000,000,236 | ---- | M] () -- D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-07-31 16:00:01 | 000,001,036 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI
[2010-07-31 06:41:51 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010-07-31 06:41:49 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-31 06:41:37 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-07-31 06:41:33 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-07-31 06:39:16 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat
[2010-07-31 06:39:16 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini
[2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini
[2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe
[2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old
[2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf
[2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf
[2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf
[2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf
[2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf
[2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf
[2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf
[2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf
[2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat
[2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat
[2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat
[2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat
[2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat
[2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat
[2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat
[2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat
[2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini
[2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI
[2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC
[2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll
[2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL
[2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe
[2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini
[2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak
[2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini
[2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini
[2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys
[2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll
[2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini
[2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll
[2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll
[2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2
[2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc
[2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek
[2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina
[2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}
[2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ
[2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla
[2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack
[2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper
[2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10
[2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo
[2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER
[2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla
[2010-07-30 18:39:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech
[2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall
[2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent
[2010-07-31 16:01:01 | 000,000,236 | ---- | M] () -- D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010-07-31 06:41:51 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-31 06:41:23 | 1509,949,440 | -HS- | M] () -- D:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\ERDNT\cache\agp440.sys
[2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\ERDNT\cache\atapi.sys
[2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\ERDNT\cache\eventlog.dll
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\system32\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\ERDNT\cache\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\ERDNT\cache\winlogon.exe
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\system32\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation
@Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
@Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807
< End of report >[/log]

[color="#FF0000"]Zgodnie z zasadami forum logi wstawiamy w tag [log][/log]
//Sohei[/color]

Gość
komentarz
komentarz

[quote]
DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger)
[/quote]
Sam zainstalowałeś?


[b]1.[/b] Uruchom [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b][color="blue"][u]SystemLook[/u][/color][/b][/url][b][color="blue"][/color][/b][color="blue"][/color]i w oknie wklej poniższy tekst, kliknij w [b]Look[/b] i czekaj na raport:

[code]
:filefind
wuauserv.dll
[/code]

[b]2.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Script[/b] wklej to:
[quote]
:OTL

@Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation
@Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
@Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807

O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell - "" = AutoRun
O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found

:Files
D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job



:Commands
[emptytemp]
[clearallrestorepoints]
[Reboot]
[/quote]
Kliknij wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania.


[color="#FF0000"]Kolego jak już się bierzesz za sprawdzanie logów rób to dokładnie!!
catchme
rpcapd
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
oraz większość twojego skryptu usuwa prawidłowe wartości!!!
Jest to 1 ostrzeżenie , następne będzie karane warnem.
cpuz132_x32.sys ten plik w 1 kolejności przeskanuj na virustotal zanim go usuniesz.
Zanim usuniesz kikin najpierw pogadaj z autorem postu czy nie jest to przypadkiem plugin/nakładka do przeglądarki która zainstalował sam!

//Sohei[/color]

[color="#0000FF"]Zawartość twojego postu została skasowana celowo
//Sohei[/color]

slawek8939
komentarz
komentarz

raport z SystemLooki


SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 18:34 on 31/07/2010 by slawek (Administrator - Elevation successful)

========== filefind ==========

Searching for "wuauserv.dll"
D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\wuauserv.dll --a--- 6656 bytes [17:21 14/04/2008] [17:21 14/04/2008] 04550D5EB7EE82C115DB547C01DF09FD
D:\WINDOWS\system32\dllcache\wuauserv.dll --a--c 6656 bytes [16:05 20/03/2010] [22:44 03/08/2004] 40C600488FF127953AA2F1835E5FD433
D:\WINDOWS\system32\wuauserv.dll --a--- 6656 bytes [16:05 20/03/2010] [22:44 03/08/2004] 40C600488FF127953AA2F1835E5FD433

-=End Of File=-


Raport z OTL
[log]OTL Extras logfile created on: 2010-07-31 18:43:26 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 378,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): d:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,57% Space Free | Partition Type: NTFS
Drive D: | 33,36 Gb Total Space | 6,55 Gb Free Space | 19,62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-D69F46C83DE
Current User Name: slawek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

Error - 2010-07-31 11:05:29 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

Error - 2010-07-31 11:20:01 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 12:23:29 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies)
"D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found
"D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found
"D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found
"D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- ()
"D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"#1 CD Ripper 1.9" = #1 CD Ripper 1.9
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Biznes filmowy" = Biznes filmowy
"Biznes_0" = Biznes Filmowy 2 (v0.6.3)
"Borland C++Builder 1.0" = Borland C++Builder 1.0
"Caesar 3" = Caesar 3
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"CDisplay_is1" = CDisplay 1.8
"Cywilizacja III" = Cywilizacja III
"Cywilizacja III - Conquests" = Cywilizacja III - Conquests
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Driver Updater Pro" = Driver Updater Pro
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ET3" = English Translator 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"Pontifex II Demo" = Pontifex II Demo
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"Sierra Utilities" = Sierra Utilities
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Soulseek2" = SoulSeek 157 NS 13e
"STDSB" = Scroll Bar Driver V1.4.0.8
"SubEdit-Player_is1" = SubEdit-Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.3
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Określony serwer nie może wykonać żądanej operacji.

Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.

Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

Error - 2010-07-31 11:05:29 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

Error - 2010-07-31 11:20:01 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący
błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625.

[ System Events ]
Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010
Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się
w modelu DCOM w wymaganym czasie.

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126

Error - 2010-07-31 12:23:29 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2

Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023
Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący
błąd: %%126


< End of report >

I raport 2


OTL logfile created on: 2010-07-31 18:43:26 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,00 Mb Total Physical Memory | 378,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): d:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,57% Space Free | Partition Type: NTFS
Drive D: | 33,36 Gb Total Space | 6,55 Gb Free Space | 19,62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM-D69F46C83DE
Current User Name: slawek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe
PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-22 20:42:34 | 000,135,664 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\notepad.exe
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe
PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG)
DRV - [2010-07-31 06:54:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver)
DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger)
DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI)
DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS)
DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON)
DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP)
DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP)
DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB)
DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5
FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions
[2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions
[2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}
[2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com
[2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml
[2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.)
O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[clearallrestorepoints]
Restore points cleared and new OTL Restore Point set!

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-31 18:30:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-07-31 18:23:28 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit
[2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec
[2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys
[2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys
[2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys
[2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys
[2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys
[2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys
[2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys
[2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088
[2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar
[2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security
[2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader
[2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022
[2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec
[2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller
[2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent
[2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX
[2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++
[2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video
[2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder
[2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland
[2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland
[2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe
[2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5
[2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6
[2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga
[2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++
[2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali
[2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData
[2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe
[2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu
[2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile
[2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger
[2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki
[2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys
[2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client
[2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell
[2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3
[2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus
[2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF
[2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania
[2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro
[2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe
[2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3
[2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll
[2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010-07-31 18:27:44 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-31 18:27:31 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-07-31 18:27:26 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-07-31 18:24:46 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat
[2010-07-31 18:24:46 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini
[2010-07-31 18:20:05 | 000,100,908 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe
[2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI
[2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini
[2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe
[2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old
[2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-31 18:20:05 | 000,100,908 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe
[2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf
[2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf
[2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf
[2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf
[2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf
[2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf
[2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf
[2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf
[2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat
[2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat
[2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat
[2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat
[2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat
[2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat
[2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat
[2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat
[2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini
[2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI
[2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC
[2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll
[2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL
[2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe
[2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini
[2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak
[2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini
[2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini
[2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys
[2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll
[2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini
[2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll
[2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll
[2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2
[2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc
[2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek
[2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina
[2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}
[2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ
[2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla
[2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack
[2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper
[2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10
[2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo
[2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER
[2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla
[2010-07-31 18:30:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech
[2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall
[2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent
[2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< :OTL >[/color]

[color=#A23BEC]< O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color]

[color=#A23BEC]< O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: GrzonuShell - hkey= - key= - File not found >[/color]

[color=#A23BEC]< O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: Icon - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: STDSB - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: VTTimer - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: VTTrayp - hkey= - key= - File not found >[/color]

[color=#A23BEC]< @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation >[/color]

[color=#A23BEC]< @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E >[/color]

[color=#A23BEC]< @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Files >[/color]

[color=#A23BEC]< D:\Documents and Settings\slawek\Dane aplikacji\kikin >[/color]

[color=#A23BEC]< D:\Program Files\kikin >[/color]

[color=#A23BEC]< D:\Program Files\Bridge It Demo >[/color]

[color=#A23BEC]< D:\Program Files\Pontifex II Demo >[/color]

[color=#A23BEC]< D:\Program Files\WinPcap >[/color]

[color=#A23BEC]< D:\Program Files\Nuclear Coffee >[/color]

[color=#A23BEC]< D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >[/color]

[color=#A23BEC]< D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Services >[/color]

[color=#A23BEC]< rpcapd >[/color]

[color=#A23BEC]< cpuz132 >[/color]

[color=#A23BEC]< catchme >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Reg >[/color]

[color=#A23BEC]< [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Commands >[/color]

[color=#A23BEC]< [emptytemp] >[/color]

[color=#A23BEC]< [Reboot] >[/color]
< End of report >
PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe
PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-22 20:42:34 | 000,135,664 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\notepad.exe
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe
PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll
MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-07-11 20:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-10-27 01:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2006-10-27 01:48:34 | 000,955,680 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
MOD - [2006-10-27 01:48:02 | 000,222,512 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MOD - [2006-10-27 01:47:40 | 000,022,808 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveNew.dll
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wininet.dll
MOD - [2004-08-04 00:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winhttp.dll
MOD - [2004-08-04 00:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wintrust.dll
MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 00:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\urlmon.dll
MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdocvw.dll
MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 00:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netapi32.dll
MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 00:44:06 | 001,236,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msxml3.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:06 | 000,278,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mstask.dll
MOD - [2004-08-04 00:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msimg32.dll
MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 00:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 00:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msasn1.dll
MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 00:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imagehlp.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\crypt32.dll
MOD - [2004-08-04 00:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptui.dll
MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dnsapi.dll
MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 00:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-03 22:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsaenh.dll
MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG)
DRV - [2010-07-31 06:54:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver)
DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger)
DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI)
DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS)
DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON)
DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP)
DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP)
DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB)
DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB)
DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5
FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions
[2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions
[2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}
[2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com
[2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml
[2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.)
O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-31 18:30:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-07-31 18:23:28 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit
[2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec
[2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys
[2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys
[2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys
[2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys
[2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys
[2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys
[2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys
[2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS
[2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088
[2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar
[2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security
[2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader
[2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022
[2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec
[2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller
[2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent
[2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX
[2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++
[2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video
[2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder
[2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland
[2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland
[2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe
[2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5
[2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6
[2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga
[2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++
[2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali
[2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData
[2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe
[2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu
[2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile
[2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT
[2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger
[2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki
[2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys
[2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client
[2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell
[2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3
[2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss
[2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus
[2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF
[2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania
[2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro
[2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe
[2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3
[2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll
[2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll
[2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010-07-31 18:27:44 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-31 18:27:31 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-07-31 18:27:26 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-07-31 18:24:46 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat
[2010-07-31 18:24:46 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini
[2010-07-31 18:20:05 | 000,100,908 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe
[2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe
[2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI
[2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL
[2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini
[2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe
[2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe
[2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe
[2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest
[2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe
[2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old
[2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-31 18:20:05 | 000,100,908 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe
[2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe
[2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB
[2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK
[2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf
[2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf
[2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf
[2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf
[2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf
[2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf
[2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf
[2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf
[2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat
[2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat
[2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat
[2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat
[2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat
[2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat
[2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat
[2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat
[2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini
[2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI
[2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk
[2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar
[2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html
[2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job
[2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk
[2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini
[2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties
[2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak
[2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma
[2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp
[2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp
[2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC
[2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll
[2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL
[2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk
[2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe
[2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF
[2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe
[2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe
[2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk
[2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls
[2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls
[2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls
[2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls
[2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls
[2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls
[2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls
[2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls
[2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls
[2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls
[2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls
[2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls
[2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls
[2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls
[2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls
[2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls
[2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls
[2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls
[2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls
[2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls
[2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls
[2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls
[2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls
[2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls
[2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls
[2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls
[2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls
[2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls
[2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls
[2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls
[2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk
[2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll
[2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll
[2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe
[2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll
[2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll
[2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe
[2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini
[2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak
[2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll
[2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI
[2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini
[2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini
[2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys
[2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll
[2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini
[2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll
[2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll
[2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2
[2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz
[2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc
[2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard
[2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek
[2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina
[2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla!
[2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}
[2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp
[2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ
[2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla
[2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack
[2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper
[2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10
[2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo
[2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER
[2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla
[2010-07-31 18:30:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin
[2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech
[2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org
[2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall
[2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent
[2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< :OTL >[/color]

[color=#A23BEC]< O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color]

[color=#A23BEC]< O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: GrzonuShell - hkey= - key= - File not found >[/color]

[color=#A23BEC]< O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: Icon - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: STDSB - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: VTTimer - hkey= - key= - File not found >[/color]

[color=#A23BEC]< MsConfig - StartUpReg: VTTrayp - hkey= - key= - File not found >[/color]

[color=#A23BEC]< @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation >[/color]

[color=#A23BEC]< @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E >[/color]

[color=#A23BEC]< @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Files >[/color]

[color=#A23BEC]< D:\Documents and Settings\slawek\Dane aplikacji\kikin >[/color]

[color=#A23BEC]< D:\Program Files\kikin >[/color]

[color=#A23BEC]< D:\Program Files\Bridge It Demo >[/color]

[color=#A23BEC]< D:\Program Files\Pontifex II Demo >[/color]

[color=#A23BEC]< D:\Program Files\WinPcap >[/color]

[color=#A23BEC]< D:\Program Files\Nuclear Coffee >[/color]

[color=#A23BEC]< D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >[/color]

[color=#A23BEC]< D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Services >[/color]

[color=#A23BEC]< rpcapd >[/color]

[color=#A23BEC]< cpuz132 >[/color]

[color=#A23BEC]< catchme >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Reg >[/color]

[color=#A23BEC]< [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Commands >[/color]

[color=#A23BEC]< [emptytemp] >[/color]

[color=#A23BEC]< [Reboot] >[/color]

< End of report >[/log]

[color="#FF0000"]Ostatni raz powtarzam że logi wstawiamy w tag!!
2 sprawa na twoje szczęście źle wykonałeś polecenia kolegi z góry; )
przeczytaj to co w jego poście napisałem na czerwono i napisz czy kikin sam instalowałeś oraz przeskanuj wskazany przeze mnie plik na virustotal.
//Sohei[/color]

Nie mogę zlokalizować tego pliku. cpuz132_x32.sys

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.