slawek8939 utworzono 29 lipca 2010 utworzono 29 lipca 2010 (edytowane) Witam Mam mały problem, jak włączam jakiś program czy nawet przeglądarkę, to procesor zaczyna działać na 100% Co robić, czemu tak się dzieje - myślałem że może to jakiś wirus, ale mój anty wirus avast nic nie wykrył. Proszę o pomoc [color="#ff0000"] //przenoszę do logów do sprawdzenia //dan [/color]
itsmylife komentarz 30 lipca 2010 komentarz 30 lipca 2010 (edytowane) Podaj konfiguracje kompuitera oraz: system jaki uzywasz i natywirus jaki uzywasz. Sprawdz tez wciskajac ctrl alt del czy to na pewno przeglarka daje takie uzycie na procesor. Jesli uzywasz Firefoxa z jakas nowa aktualizacja ot powiem ze mialem podobnie. Niestety z Firefoxem cos sie ostatnio dzieje i nie jest to ta przegladarka co jheszcze pare miesiecy temu. A sory widzie ze masz AVAST. Wywal go , sciagnij ze strony symentec.com Norton Internet Security 2010. 30 dnuiowy trial. Zainstaluj, zrob aktualizacje i zrob pelne skanowanie systemu tez. W tej chwili to chyba najlepszy antywir.
slawek8939 komentarz 31 lipca 2010 Autor komentarz 31 lipca 2010 Nie wiem czy o to chodziło [spoiler] Komputer: Typ komputera Jednoprocesorowy komputer PC z interfejsem ACPI (Mobile) System operacyjny Microsoft Windows XP Professional Dodatek service pack systemu operacyjnego Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 (IE 6.0 SP2) DirectX 4.09.00.0904 (DirectX 9.0c) Nazwa komputera ---------- Nazwa użytkownika ---------- Domena logowania ---------- Data / Czas 2010-07-31 / 06:07 Płyta główna: Typ procesora Mobile Intel Celeron M 380, 1600 MHz (16 x 100) Nazwa płyty głównej NEC COMPUTERS INTERNATIONAL NEC Versa Premium Mikroukład płyty głównej VIA PN800 Pamięć fizyczna 960 MB (PC2700 DDR SDRAM) DIMM1: Hynix HYMD564M646CP6J 512 MB PC2700 DDR SDRAM (2.5-3-3-7 @ 166 MHz) (2.0-3-3-6 @ 133 MHz) DIMM2: Hynix HYMD564M646CP6J 512 MB PC2700 DDR SDRAM (2.5-3-3-7 @ 166 MHz) (2.0-3-3-6 @ 133 MHz) Typ BIOS'u Insyde (07/12/04) Ekran: Karta wideo VIA/S3G UniChrome Pro IGP (64 MB) Karta wideo VIA/S3G UniChrome Pro IGP (64 MB) Akcelerator 3D VIA/S3G UniChrome Pro Monitor Monitor Plug and Play Multimedia: Karta dźwiękowa Realtek ALC655 @ VIA AC'97 Enhanced Audio Controller Magazyn: Kontroler IDE Kontroler VIA Bus Master IDE Dysk fizyczny ST980811A (80 GB, 5400 RPM, Ultra-ATA/100) Napęd dysków optycznych _NEC DVD_RW ND-6750A (DVD+R9:8x, DVD-R9:6x, DVD+RW:8x/8x, DVD-RW:8x/8x, DVD-ROM:8x, CD:24x/16x/24x DVD+RW/DVD-RW) Status dysków SMART OK Partycje: C: (NTFS) 42147 MB (1920 MB wolne) D: (NTFS) 34161 MB (3928 MB wolne) Rozmiar całkowity 76308 MB (5848 MB wolne) Urządzenia wejściowe: Klawiatura Standardowa klawiatura 101/102 klawisze lub Microsoft Natural Keyboard PS/2 Mysz Synaptics PS/2 Port TouchPad Sieć: Podstawowy adres IP ---------- Podstawowy adres karty (MAC) 00-10-60-AF-67-35 Karta sieciowa Karta Fast Ethernet zgodna z VIA Karta sieciowa Ralink RT2500 Wireless LAN Card (192.168.2.7) Modem Motorola SM56 Speakerphone Modem Urządzenia zewnętrzne: Drukarka Microsoft XPS Document Writer Drukarka Wysyłanie do programu OneNote 2007 Kontroler USB1 VIA VT8235 USB Universal Host Controller Kontroler USB1 VIA VT8235 USB Universal Host Controller Kontroler USB1 VIA VT8235 USB Universal Host Controller Kontroler USB2 VIA VT8235 USB 2.0 Enhanced Host Controller Bateria Bateria Microsoft o metodzie kontroli zgodnej z ACPI Bateria Microsoft AC Adapter DMI: DMI: producent BIOS'u Insyde Software Corporation DMI: numer wersji BIOS'u R1.05 DMI (system): producent Packard Bell Computers International DMI (system): nazwa Packard Bell EasyNote DMI (system): numer wersji PB42B01101 DMI (system): numer seryjny 716104610235 DMI (system): identyfikator UUID F81B79E2-E522DB11-80004E45-435F4349 DMI (płyta główna): producent NEC COMPUTERS INTERNATIONAL DMI (płyta główna): nazwa NEC Versa Premium DMI (płyta główna): numer wersji 5a DMI (płyta główna): numer seryjny 12345678 DMI (obudowa): producent DMI (obudowa): numer wersji I DMI (obudowa): numer seryjny 50424E DMI (obudowa): metka środka trwałego 12345678 DMI (obudowa): typ Pizza Box [/spoiler] [color="#FF0000"] // Usuwam niepotrzebną część i wstawiam w tagi // Cyp[/color]
Gość komentarz 31 lipca 2010 komentarz 31 lipca 2010 Sprawdź czy procesor posiada dostateczną ilość pasty termoprzewodzącej oraz [url]http://www.forumpc.pl/index.php?showtopic=104338[/url]. Warto sprawdzić czy system jest zainfekowany.
slawek8939 komentarz 31 lipca 2010 Autor komentarz 31 lipca 2010 (edytowane) Jak się wstawia pliki w tagi [log]OTL Extras logfile created on: 2010-07-31 14:21:54 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 959,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 29,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): d:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,68% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-D69F46C83DE Current User Name: slawek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Extra Registry (SafeList) ==========[/color] [color="#e56717"]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#e56717"]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#e56717"]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color="#e56717"]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) [color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color="#e56717"]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report > [color="#e56717"]========== Extra Registry (SafeList) ==========[/color] [color="#e56717"]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#e56717"]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#e56717"]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color="#e56717"]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) [color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color="#e56717"]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report > OTL Extras logfile created on: 2010-07-31 14:21:54 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 959,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 29,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): d:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,68% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-D69F46C83DE Current User Name: slawek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Extra Registry (SafeList) ==========[/color] [color="#e56717"]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#e56717"]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#e56717"]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color="#e56717"]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) [color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color="#e56717"]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report > [color="#e56717"]========== Extra Registry (SafeList) ==========[/color] [color="#e56717"]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color="#e56717"]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#e56717"]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color="#e56717"]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- ([url="http://www.emule-project.net"]http://www.emule-project.net[/url]) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.) [color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color="#e56717"]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-29 17:58:53 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7022 Description = Usługa avast! Antivirus zawiesiła się podczas uruchamiania. Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report >[/log]
Gość komentarz 31 lipca 2010 komentarz 31 lipca 2010 Daj komplet logów, ponieważ log extras to za mało.
itsmylife komentarz 31 lipca 2010 komentarz 31 lipca 2010 Zamiast kombinowac ctrl alt del gdy masz tak mocne zuzycie procesora uruchom menedzer zadan wejdz w procesy i zobacz ktory proces daje tak duze zuzycie i bedzie wiadome gdzie lezy problem. Przeskanuj tez norton Internet Security 2010, przed instalacja wywal tego AVASTA.
slawek8939 komentarz 31 lipca 2010 Autor komentarz 31 lipca 2010 Do Sayan. Przepraszam, wstawiam jeszcze jeden plik o którym zapomniałem. Do itsmylife. Wyrzuciłem Avasta i przeskanowałem norton Internet Security 2010 i dalej to samo. Ja widzę jaki proces zwiększa mi wydajność procesowa, jak włączam gadu gadu to procesor zaczyna zapierdzielać 90 - 100% czy jakikolwiek program włączę, robi się to samo, nawet jak przeglądarka chodzi. Cały czas 100% no prawie a czas jądra prawie taki sam. Czy po prostu, to już stary laptop i trzeba zmienić. [log]OTL logfile created on: 2010-07-31 16:45:09 - Run 2 OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 959,00 Mb Total Physical Memory | 271,00 Mb Available Physical Memory | 28,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): d:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,56% Space Free | Partition Type: NTFS Drive D: | 33,36 Gb Total Space | 3,56 Gb Free Space | 10,67% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-D69F46C83DE Current User Name: slawek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe PRC - [2008-12-01 00:01:22 | 003,738,624 | ---- | M] (Artur Sikora) -- D:\Program Files\SubEdit-Player\subedit.exe PRC - [2005-03-10 10:44:34 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- D:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2005-03-10 10:43:30 | 000,688,218 | ---- | M] (Synaptics, Inc.) -- D:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe PRC - [2001-10-26 17:30:02 | 000,139,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\sndvol32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- D:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\slawek\USTAWI~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\slawek\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15) DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG) DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver) DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI) DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA) DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS) DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON) DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP) DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP) DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB) DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q=" FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions [2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions [2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB} [2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com [2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml [2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions [2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKCU..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.) O4 - HKCU..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll File not found MsConfig - StartUpReg: [b]ctfmon.exe[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]GrzonuShell[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]HUAWEI 3G Data Card MTS[/b] - hkey= - key= - D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe (Huawei Technologies) MsConfig - StartUpReg: [b]Icon[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SMSERIAL[/b] - hkey= - key= - D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) MsConfig - StartUpReg: [b]snpstd3[/b] - hkey= - key= - D:\WINDOWS\vsnpstd3.exe () MsConfig - StartUpReg: [b]SoundMan[/b] - hkey= - key= - D:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]SP_ENGLISH[/b] - hkey= - key= - D:\Program Files\English Translator 3\HandyDict.exe (Techland) MsConfig - StartUpReg: [b]STDSB[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - D:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - StartUpReg: [b]SynTPLpr[/b] - hkey= - key= - D:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) MsConfig - StartUpReg: [b]VTTimer[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]VTTrayp[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 1 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit [2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec [2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys [2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys [2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys [2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys [2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys [2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys [2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys [2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088 [2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar [2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security [2010-07-30 18:34:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-07-30 18:34:01 | 000,000,000 | ---D | C] -- D:\Program Files\kikin [2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader [2010-07-30 15:10:30 | 000,000,000 | ---D | C] -- D:\Program Files\Bridge It Demo [2010-07-30 14:46:42 | 000,000,000 | ---D | C] -- D:\Program Files\Pontifex II Demo [2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022 [2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec [2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller [2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent [2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX [2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++ [2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video [2010-07-28 21:40:55 | 000,000,000 | ---D | C] -- D:\Program Files\Nuclear Coffee [2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder [2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland [2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland [2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe [2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5 [2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6 [2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga [2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++ [2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali [2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData [2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe [2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu [2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile [2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER [2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT [2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger [2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki [2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys [2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys [2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll [2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll [2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys [2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client [2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell [2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3 [2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss [2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus [2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF [2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania [2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro [2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3 [2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll [2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll [4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-07-31 16:01:01 | 000,000,236 | ---- | M] () -- D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010-07-31 16:00:01 | 000,001,036 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI [2010-07-31 06:41:51 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job [2010-07-31 06:41:49 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-31 06:41:37 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT [2010-07-31 06:41:33 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2010-07-31 06:39:16 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat [2010-07-31 06:39:16 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini [2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini [2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini [2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe [2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI [2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf [2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx [2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb [2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb [2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest [2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old [2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf [2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf [2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf [2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf [2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf [2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf [2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf [2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf [2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat [2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat [2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat [2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat [2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat [2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat [2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat [2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat [2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini [2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI [2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC [2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll [2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL [2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe [2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls [2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls [2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls [2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls [2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe [2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe [2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex [2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex [2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll [2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll [2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls [2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls [2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls [2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls [2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls [2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls [2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls [2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls [2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls [2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls [2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls [2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls [2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls [2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls [2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls [2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls [2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls [2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls [2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat [2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT [2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT [2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini [2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak [2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll [2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini [2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI [2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini [2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini [2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll [2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini [2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll [2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll [2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll [2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest [2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys [2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll [2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini [2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll [2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll [2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll [2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2 [2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc [2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek [2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2} [2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ [2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla [2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack [2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper [2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10 [2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo [2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER [2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla [2010-07-30 18:39:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech [2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall [2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent [2010-07-31 16:01:01 | 000,000,236 | ---- | M] () -- D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [2010-07-31 06:41:51 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-07-31 06:41:23 | 1509,949,440 | -HS- | M] () -- D:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\ERDNT\cache\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- D:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\ERDNT\cache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\ERDNT\cache\beep.sys [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\ERDNT\cache\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\system32\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\ERDNT\cache\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\ERDNT\cache\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\system32\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 < End of report >[/log] [color="#FF0000"]Zgodnie z zasadami forum logi wstawiamy w tag [log][/log] //Sohei[/color]
Gość komentarz 31 lipca 2010 komentarz 31 lipca 2010 [quote] DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger) [/quote] Sam zainstalowałeś? [b]1.[/b] Uruchom [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b][color="blue"][u]SystemLook[/u][/color][/b][/url][b][color="blue"][/color][/b][color="blue"][/color]i w oknie wklej poniższy tekst, kliknij w [b]Look[/b] i czekaj na raport: [code] :filefind wuauserv.dll [/code] [b]2.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Script[/b] wklej to: [quote] :OTL @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{085285cc-8d76-11df-8243-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{5749d6ac-7ee7-11df-822a-001060af6735}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell - "" = AutoRun O33 - MountPoints2\{cbd4c2a8-7d6c-11df-8227-001060af6735}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found :Files D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job :Commands [emptytemp] [clearallrestorepoints] [Reboot] [/quote] Kliknij wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij Skanuj. Pokaż nowy log OTL.txt oraz raport z usuwania. [color="#FF0000"]Kolego jak już się bierzesz za sprawdzanie logów rób to dokładnie!! catchme rpcapd D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job oraz większość twojego skryptu usuwa prawidłowe wartości!!! Jest to 1 ostrzeżenie , następne będzie karane warnem. cpuz132_x32.sys ten plik w 1 kolejności przeskanuj na virustotal zanim go usuniesz. Zanim usuniesz kikin najpierw pogadaj z autorem postu czy nie jest to przypadkiem plugin/nakładka do przeglądarki która zainstalował sam! //Sohei[/color] [color="#0000FF"]Zawartość twojego postu została skasowana celowo //Sohei[/color]
slawek8939 komentarz 31 lipca 2010 Autor komentarz 31 lipca 2010 raport z SystemLooki SystemLook v1.0 by jpshortstuff (11.01.10) Log created at 18:34 on 31/07/2010 by slawek (Administrator - Elevation successful) ========== filefind ========== Searching for "wuauserv.dll" D:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\wuauserv.dll --a--- 6656 bytes [17:21 14/04/2008] [17:21 14/04/2008] 04550D5EB7EE82C115DB547C01DF09FD D:\WINDOWS\system32\dllcache\wuauserv.dll --a--c 6656 bytes [16:05 20/03/2010] [22:44 03/08/2004] 40C600488FF127953AA2F1835E5FD433 D:\WINDOWS\system32\wuauserv.dll --a--- 6656 bytes [16:05 20/03/2010] [22:44 03/08/2004] 40C600488FF127953AA2F1835E5FD433 -=End Of File=- Raport z OTL [log]OTL Extras logfile created on: 2010-07-31 18:43:26 - Run 3 OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 959,00 Mb Total Physical Memory | 378,00 Mb Available Physical Memory | 39,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): d:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,57% Space Free | Partition Type: NTFS Drive D: | 33,36 Gb Total Space | 6,55 Gb Free Space | 19,62% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-D69F46C83DE Current User Name: slawek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. Error - 2010-07-31 11:05:29 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. Error - 2010-07-31 11:20:01 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 12:23:29 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "D:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "D:\Program Files\BitTorrent\bittorrent.exe" = D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "D:\Program Files\SoulseekNS\slsk.exe" = D:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- () "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = D:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem -- (Huawei Technologies) "D:\Program Files\Cain\Cain.exe" = D:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility -- File not found "D:\WINDOWS\system32\java.exe" = D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\GrzonuShell\GrzonuShell.exe" = D:\Program Files\GrzonuShell\GrzonuShell.exe:*:Enabled:GrzonuShell -- () "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Documents and Settings\slawek\Pulpit\wp.exe" = D:\Documents and Settings\slawek\Pulpit\wp.exe:*:Disabled:wp -- File not found "D:\Documents and Settings\slawek\Pulpit\xex.exe" = D:\Documents and Settings\slawek\Pulpit\xex.exe:*:Enabled:xex -- File not found "D:\Program Files\GrzonuShell\Łucja.exe" = D:\Program Files\GrzonuShell\Łucja.exe:*:Enabled:Łucja -- () "D:\Program Files\Java\jre6\bin\javaw.exe" = D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "#1 CD Ripper 1.9" = #1 CD Ripper 1.9 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = safeSEARCH Toolbar (CyberDefender Corporation) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Biznes filmowy" = Biznes filmowy "Biznes_0" = Biznes Filmowy 2 (v0.6.3) "Borland C++Builder 1.0" = Borland C++Builder 1.0 "Caesar 3" = Caesar 3 "Cain & Abel v4.9.35" = Cain & Abel v4.9.35 "CDisplay_is1" = CDisplay 1.8 "Cywilizacja III" = Cywilizacja III "Cywilizacja III - Conquests" = Cywilizacja III - Conquests "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Driver Updater Pro" = Driver Updater Pro "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "ET3" = English Translator 3 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NIS" = Norton Internet Security "NSS" = Norton Security Scan "Pontifex II Demo" = Pontifex II Demo "RealAlt_is1" = Real Alternative 1.9.0 Lite "Sierra Utilities" = Sierra Utilities "SMSERIAL" = Motorola SM56 Speakerphone Modem "Soulseek2" = SoulSeek 157 NS 13e "STDSB" = Scroll Bar Driver V1.4.0.8 "SubEdit-Player_is1" = SubEdit-Player "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0342 "VideoGet_is1" = Nuclear Coffee - VideoGet "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.3.3 "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-30 03:00:53 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2010-07-30 03:00:54 | Computer Name = DOM-D69F46C83DE | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error - 2010-07-31 07:40:11 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. Error - 2010-07-31 11:05:29 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. Error - 2010-07-31 11:20:01 | Computer Name = DOM-D69F46C83DE | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd firefox.exe, wersja 1.9.2.3855, moduł powodujący błąd kikin_3_6.dll, wersja 2.1.4.0, adres błędu 0x0004c625. [ System Events ] Error - 2010-07-30 08:57:24 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:19 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-30 08:58:49 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:03:36 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 00:04:06 | Computer Name = DOM-D69F46C83DE | Source = DCOM | ID = 10010 Description = Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 00:42:48 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-07-31 12:23:29 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi STDSB z powodu następującego błędu: %%2 Error - 2010-07-31 12:28:10 | Computer Name = DOM-D69F46C83DE | Source = Service Control Manager | ID = 7023 Description = Usługa Aktualizacje automatyczne zakończyła działanie; wystąpił następujący błąd: %%126 < End of report > I raport 2 OTL logfile created on: 2010-07-31 18:43:26 - Run 3 OTL by OldTimer - Version 3.2.9.1 Folder = D:\Documents and Settings\slawek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 959,00 Mb Total Physical Memory | 378,00 Mb Available Physical Memory | 39,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): d:\pagefile.sys 1440 2880 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 41,16 Gb Total Space | 1,88 Gb Free Space | 4,57% Space Free | Partition Type: NTFS Drive D: | 33,36 Gb Total Space | 6,55 Gb Free Space | 19,62% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-D69F46C83DE Current User Name: slawek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-03-22 20:42:34 | 000,135,664 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\notepad.exe PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15) DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG) DRV - [2010-07-31 06:54:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver) DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI) DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA) DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS) DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON) DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP) DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP) DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB) DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q=" FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions [2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions [2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB} [2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com [2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml [2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions [2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.) O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [clearallrestorepoints] Restore points cleared and new OTL Restore Point set! [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-31 18:30:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-07-31 18:23:28 | 000,000,000 | ---D | C] -- D:\_OTL [2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit [2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec [2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys [2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys [2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys [2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys [2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys [2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys [2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys [2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088 [2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar [2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security [2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader [2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022 [2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec [2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller [2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent [2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX [2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++ [2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video [2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder [2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland [2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland [2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe [2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5 [2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6 [2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga [2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++ [2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali [2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData [2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe [2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu [2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile [2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER [2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT [2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger [2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki [2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys [2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys [2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll [2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll [2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys [2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client [2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell [2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3 [2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss [2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus [2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF [2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania [2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro [2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3 [2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll [2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job [2010-07-31 18:27:44 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-31 18:27:31 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT [2010-07-31 18:27:26 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2010-07-31 18:24:46 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat [2010-07-31 18:24:46 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini [2010-07-31 18:20:05 | 000,100,908 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe [2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI [2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini [2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini [2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe [2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI [2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf [2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx [2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb [2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb [2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest [2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old [2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-31 18:20:05 | 000,100,908 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe [2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf [2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf [2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf [2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf [2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf [2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf [2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf [2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf [2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat [2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat [2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat [2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat [2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat [2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat [2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat [2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat [2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini [2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI [2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC [2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll [2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL [2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe [2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls [2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls [2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls [2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls [2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe [2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe [2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex [2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex [2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll [2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll [2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls [2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls [2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls [2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls [2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls [2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls [2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls [2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls [2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls [2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls [2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls [2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls [2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls [2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls [2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls [2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls [2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls [2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls [2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat [2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT [2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT [2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini [2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak [2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll [2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini [2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI [2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini [2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini [2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll [2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini [2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll [2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll [2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll [2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest [2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys [2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll [2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini [2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll [2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll [2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll [2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2 [2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc [2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek [2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2} [2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ [2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla [2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack [2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper [2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10 [2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo [2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER [2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla [2010-07-31 18:30:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech [2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall [2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent [2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< :OTL >[/color] [color=#A23BEC]< O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color] [color=#A23BEC]< O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color] [color=#A23BEC]< MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: GrzonuShell - hkey= - key= - File not found >[/color] [color=#A23BEC]< O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: Icon - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: STDSB - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: VTTimer - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: VTTrayp - hkey= - key= - File not found >[/color] [color=#A23BEC]< @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation >[/color] [color=#A23BEC]< @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E >[/color] [color=#A23BEC]< @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Files >[/color] [color=#A23BEC]< D:\Documents and Settings\slawek\Dane aplikacji\kikin >[/color] [color=#A23BEC]< D:\Program Files\kikin >[/color] [color=#A23BEC]< D:\Program Files\Bridge It Demo >[/color] [color=#A23BEC]< D:\Program Files\Pontifex II Demo >[/color] [color=#A23BEC]< D:\Program Files\WinPcap >[/color] [color=#A23BEC]< D:\Program Files\Nuclear Coffee >[/color] [color=#A23BEC]< D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >[/color] [color=#A23BEC]< D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Services >[/color] [color=#A23BEC]< rpcapd >[/color] [color=#A23BEC]< cpuz132 >[/color] [color=#A23BEC]< catchme >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Reg >[/color] [color=#A23BEC]< [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Commands >[/color] [color=#A23BEC]< [emptytemp] >[/color] [color=#A23BEC]< [Reboot] >[/color] < End of report > PRC - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe PRC - [2010-07-26 15:08:42 | 002,479,712 | ---- | M] (Lavalys, Inc.) -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe PRC - [2010-07-24 00:32:28 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-24 00:32:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-05-08 13:56:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-04-21 10:40:00 | 011,985,504 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-03-22 20:42:34 | 000,135,664 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\notepad.exe PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2004-08-04 00:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe PRC - [2004-05-10 00:02:28 | 000,512,000 | ---- | M] (Techland) -- D:\Program Files\English Translator 3\HandyDict.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe MOD - [2009-09-01 10:23:05 | 000,405,872 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\asOEHook.dll MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2009-07-11 20:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2006-10-27 01:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll MOD - [2006-10-27 01:48:34 | 000,955,680 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveUtil.dll MOD - [2006-10-27 01:48:02 | 000,222,512 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll MOD - [2006-10-27 01:47:40 | 000,022,808 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office12\GrooveNew.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,658,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wininet.dll MOD - [2004-08-04 00:44:16 | 000,351,232 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winhttp.dll MOD - [2004-08-04 00:44:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wintrust.dll MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 00:44:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-04 00:44:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ws2help.dll MOD - [2004-08-04 00:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 00:44:14 | 000,602,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\urlmon.dll MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll MOD - [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shdocvw.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 00:44:08 | 000,332,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\netapi32.dll MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-04 00:44:06 | 001,236,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msxml3.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:06 | 000,278,528 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mstask.dll MOD - [2004-08-04 00:44:06 | 000,004,608 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msimg32.dll MOD - [2004-08-04 00:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-04 00:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mpr.dll MOD - [2004-08-04 00:44:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msasn1.dll MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll MOD - [2004-08-04 00:44:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,601,088 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\crypt32.dll MOD - [2004-08-04 00:43:56 | 000,520,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\cryptui.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:56 | 000,148,480 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dnsapi.dll MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\apphelp.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx MOD - [2004-08-03 22:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rsaenh.dll MOD - [2002-07-08 02:08:02 | 000,049,152 | ---- | M] () -- D:\Program Files\English Translator 3\WinHook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2009-08-25 00:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-07-31 06:54:29 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVEX15.SYS -- (NAVEX15) DRV - [2010-07-31 06:54:27 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100730.048\NAVENG.SYS -- (NAVENG) DRV - [2010-07-31 06:54:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010-07-31 06:54:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010-07-09 21:44:46 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010-07-06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2010-06-17 23:13:36 | 000,027,760 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\kerneld.wnt -- (EverestDriver) DRV - [2010-04-05 18:03:44 | 001,096,832 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2010-04-05 18:03:34 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2009-11-20 16:51:48 | 000,055,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\slawek\Pulpit\Keylogger\AntiKey.sys -- (AntiKeyLogger) DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009-08-30 02:17:21 | 000,361,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMTDI.SYS -- (SYMTDI) DRV - [2009-08-30 02:17:20 | 000,169,008 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMEFA.SYS -- (SymEFA) DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SYMDS.SYS -- (SymDS) DRV - [2009-08-30 02:16:50 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\Ironx86.SYS -- (SymIRON) DRV - [2009-08-30 02:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP) DRV - [2009-08-30 02:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2009-08-25 00:50:39 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\NIS\1100000.088\ccHPx86.sys -- (ccHP) DRV - [2007-08-08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-04-13 19:24:04 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (STDSB) DRV - [2005-08-25 07:00:16 | 000,011,279 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\STDSB.sys -- (MTC0007_STDSB) DRV - [2005-08-19 18:31:52 | 003,644,800 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-03-10 10:31:40 | 000,189,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005-02-23 11:46:00 | 000,228,992 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Encyklopedia PWN" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:2.0 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.1 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14774&locale=en_UK&q=" FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010-07-31 06:32:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: D:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010-07-31 06:32:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-07-28 13:49:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-07-27 16:47:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-21 15:10:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Extensions [2010-07-31 09:54:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions [2010-04-06 16:45:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-23 00:07:49 | 000,000,000 | ---D | M] (Speed Dial) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010-07-28 22:03:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB} [2010-07-30 18:39:14 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010-04-15 17:26:13 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-04-11 03:43:15 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-06-18 20:12:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\extensions\toolbar@ask.com [2010-04-11 15:09:37 | 000,002,426 | ---- | M] () -- D:\Documents and Settings\slawek\Dane aplikacji\Mozilla\Firefox\Profiles\hyymiy33.default\searchplugins\askcom.xml [2010-07-31 09:54:53 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions [2010-05-08 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-08 13:56:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-06-23 18:08:13 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-23 18:08:13 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-23 18:08:13 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-23 18:08:13 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-23 18:08:13 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-23 18:08:13 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-06-25 19:24:44 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [EVEREST AutoStart] D:\Documents and Settings\slawek\Moje dokumenty\Downloads\Everest Ultimate Edition 5.50\EVEREST Ultimate Edition 5.50.2209 Beta\FFF_Keygen\everest.exe (Lavalys, Inc.) O4 - HKU\S-1-5-21-1229272821-287218729-725345543-1003..\Run: [SP_ENGLISH] D:\Program Files\English Translator 3\HandyDict.exe (Techland) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1229272821-287218729-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Funkcja Google Sidewiki - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-03-18 02:46:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-07-31 18:30:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-07-31 18:23:28 | 000,000,000 | ---D | C] -- D:\_OTL [2010-07-31 13:54:16 | 000,000,000 | ---D | C] -- D:\rsit [2010-07-31 13:47:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 06:31:47 | 000,124,976 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | C] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,000,000 | ---D | C] -- D:\Program Files\Symantec [2010-07-31 06:31:27 | 000,361,392 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdi.sys [2010-07-31 06:31:27 | 000,338,480 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symtdiv.sys [2010-07-31 06:31:27 | 000,169,008 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.sys [2010-07-31 06:31:26 | 000,328,752 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.sys [2010-07-31 06:31:26 | 000,043,696 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.sys [2010-07-31 06:31:25 | 000,325,168 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.sys [2010-07-31 06:31:23 | 000,114,736 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Ironx86.sys [2010-07-31 06:31:22 | 000,501,888 | R--- | C] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.sys [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS [2010-07-31 06:29:40 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NIS\1100000.088 [2010-07-31 06:29:37 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Sidebar [2010-07-31 06:29:31 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Internet Security [2010-07-30 18:32:50 | 000,000,000 | ---D | C] -- D:\Program Files\JDownloader [2010-07-30 08:56:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Symantec Shared [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Program Files\Norton Security Scan [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Norton [2010-07-30 01:47:21 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\NSS\0207030.022 [2010-07-30 01:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Symantec [2010-07-30 01:47:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2010-07-30 01:47:12 | 000,000,000 | ---D | C] -- D:\Program Files\NortonInstaller [2010-07-30 00:04:02 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\slawek\Recent [2010-07-29 22:50:38 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\DivX [2010-07-28 21:42:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Filmy C++ [2010-07-28 21:41:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Moje dokumenty\My Downloaded Video [2010-07-28 19:17:51 | 000,000,000 | ---D | C] -- D:\Program Files\PDFBinder [2010-07-28 18:31:59 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Borland [2010-07-28 18:30:55 | 000,000,000 | ---D | C] -- D:\Program Files\Borland [2010-07-28 18:30:44 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- D:\WINDOWS\uninst.exe [2010-07-28 18:28:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 5 [2010-07-28 18:18:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Borland C++ 6 [2010-07-28 16:31:14 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-07-28 14:23:55 | 000,000,000 | ---D | C] -- D:\Program Files\Tomiga [2010-07-27 16:41:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Symfonia C++ [2010-07-26 20:55:47 | 000,983,204 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:48 | 000,421,515 | ---- | C] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-24 21:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\Haali [2010-07-24 20:03:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\NtmsData [2010-07-24 19:30:12 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\dokumentu tekstowe [2010-07-24 18:50:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Nieużywane skróty pulpitu [2010-06-30 07:58:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\emaile [2010-06-25 19:54:15 | 000,000,000 | -HSD | C] -- D:\RECYCLER [2010-06-25 19:17:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERDNT [2010-06-25 18:37:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\Keylogger [2010-06-21 23:34:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\sterowniki [2010-06-21 23:14:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-06-21 21:40:51 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewusbmdm.sys [2010-06-21 21:40:51 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- D:\WINDOWS\System32\drivers\ewdcsc.sys [2010-06-21 21:25:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll [2010-06-21 21:21:02 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll [2010-06-21 21:21:02 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll [2010-06-21 21:19:13 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys [2010-06-20 14:30:05 | 000,000,000 | ---D | C] -- D:\Program Files\FileZilla FTP Client [2010-06-20 00:37:44 | 000,000,000 | ---D | C] -- D:\Program Files\GrzonuShell [2010-06-20 00:12:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-06-20 00:11:41 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\iS3 [2010-06-20 00:11:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:58:51 | 000,390,656 | ---- | C] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 21:37:08 | 000,000,000 | ---D | C] -- D:\WINDOWS\pss [2010-06-19 21:16:34 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\brutus [2010-06-18 00:10:50 | 000,000,000 | -H-D | C] -- D:\WINDOWS\PIF [2010-06-17 00:43:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Pulpit\wyciszanie nagrania [2010-06-11 21:58:26 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro [2010-06-10 19:48:13 | 025,321,384 | ---- | C] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [2010-06-03 00:14:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-06-03 00:10:02 | 000,000,000 | ---D | C] -- D:\Program Files\OpenOffice.org 3 [2010-04-19 17:52:25 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpstd3.dll [2010-04-19 17:52:24 | 000,172,032 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnpstd3.dll [2010-04-19 17:52:23 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\csnpstd3.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job [2010-07-31 18:27:44 | 000,001,032 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-07-31 18:27:31 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT [2010-07-31 18:27:26 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2010-07-31 18:24:46 | 005,242,880 | ---- | M] () -- D:\Documents and Settings\slawek\ntuser.dat [2010-07-31 18:24:46 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\slawek\ntuser.ini [2010-07-31 18:20:05 | 000,100,908 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe [2010-07-31 15:25:27 | 000,201,216 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-31 15:17:57 | 000,000,476 | -H-- | M] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-31 13:52:41 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 13:47:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\slawek\Pulpit\OTL.exe [2010-07-31 12:56:07 | 000,000,085 | ---- | M] () -- D:\WINDOWS\CIV.INI [2010-07-31 06:32:03 | 000,495,802 | ---- | M] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,124,976 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010-07-31 06:31:47 | 000,060,808 | ---- | M] (Symantec Corporation) -- D:\WINDOWS\System32\S32EVNT1.DLL [2010-07-31 06:31:47 | 000,007,443 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | M] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:05:15 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2010-07-30 20:54:37 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2010-07-30 18:35:57 | 043,487,886 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 18:33:39 | 000,000,740 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 09:13:35 | 000,003,526 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:29 | 000,000,979 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 21:51:44 | 000,002,267 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-07-29 17:09:26 | 000,000,119 | ---- | M] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 13:42:46 | 000,000,834 | ---- | M] () -- D:\WINDOWS\win.ini [2010-07-29 13:42:46 | 000,000,227 | ---- | M] () -- D:\WINDOWS\system.ini [2010-07-28 21:41:02 | 000,000,751 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:24 | 000,001,803 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:24 | 000,000,597 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:33:20 | 000,000,876 | ---- | M] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 17:14:29 | 000,000,445 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-28 04:25:20 | 001,576,500 | -H-- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-07-26 20:55:50 | 000,983,204 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuAmp.exe [2010-07-26 18:42:49 | 000,421,515 | ---- | M] (Grzonu ) -- D:\Documents and Settings\slawek\Pulpit\GrzonuShell.exe [2010-07-25 17:34:42 | 000,014,336 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:18:11 | 000,718,824 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | M] () -- D:\Documents and Settings\slawek\x.exe [2010-07-13 13:24:23 | 000,494,214 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2010-07-13 13:24:23 | 000,085,334 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2010-07-13 13:24:22 | 001,096,384 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI [2010-07-13 13:24:22 | 000,435,594 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2010-07-13 13:24:22 | 000,068,490 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2010-06-25 19:24:44 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-06-24 20:38:14 | 000,000,240 | ---- | M] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-22 19:29:42 | 000,004,456 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-06-21 21:41:07 | 000,001,720 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:24:22 | 000,295,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-06-21 21:23:23 | 000,027,151 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf [2010-06-21 21:18:03 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx [2010-06-21 21:18:02 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb [2010-06-21 21:18:02 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb [2010-06-21 21:17:44 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\WindowsLogon.manifest [2010-06-21 21:16:47 | 000,000,488 | RH-- | M] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | M] () -- D:\WINDOWS\System32\cdplayer.exe.manifest [2010-06-21 21:14:55 | 000,023,044 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-06-21 00:12:43 | 000,000,783 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-20 00:25:54 | 001,694,953 | ---- | M] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:59:12 | 000,390,656 | ---- | M] (iS3, Inc.) -- D:\Documents and Settings\slawek\Pulpit\STOPzilla_Setup.exe [2010-06-19 23:18:25 | 000,177,692 | ---- | M] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | M] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | M] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | M] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-18 19:51:28 | 000,075,064 | ---- | M] () -- D:\Documents and Settings\slawek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-18 00:23:10 | 000,000,000 | ---- | M] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-06-14 22:03:42 | 000,769,732 | ---- | M] () -- D:\WINDOWS\setupapi.old [2010-06-10 19:57:54 | 025,321,384 | ---- | M] ( ) -- D:\Documents and Settings\slawek\Pulpit\AdbeRdr90_pl_PL.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-07-31 18:20:05 | 000,100,908 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\SystemLook.exe [2010-07-31 13:52:40 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\RSIT.exe [2010-07-31 06:31:55 | 000,495,802 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Cat.DB [2010-07-31 06:31:47 | 000,007,443 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.CAT [2010-07-31 06:31:47 | 000,000,805 | ---- | C] () -- D:\WINDOWS\System32\drivers\SYMEVENT.INF [2010-07-31 06:31:32 | 000,001,984 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Internet Security.LNK [2010-07-31 06:30:24 | 000,003,375 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.inf [2010-07-31 06:30:24 | 000,002,793 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.inf [2010-07-31 06:30:24 | 000,001,756 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\ccHPx86.inf [2010-07-31 06:30:24 | 000,001,475 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNetV.inf [2010-07-31 06:30:24 | 000,001,447 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.inf [2010-07-31 06:30:24 | 000,001,389 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.inf [2010-07-31 06:30:24 | 000,001,383 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.inf [2010-07-31 06:30:24 | 000,000,743 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\Iron.inf [2010-07-31 06:29:41 | 000,007,787 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\symnetv.cat [2010-07-31 06:29:41 | 000,007,438 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtsp.cat [2010-07-31 06:29:41 | 000,007,431 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymEFA.cat [2010-07-31 06:29:41 | 000,007,429 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\srtspx.cat [2010-07-31 06:29:41 | 000,007,425 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymDS.cat [2010-07-31 06:29:41 | 000,007,424 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\iron.cat [2010-07-31 06:29:41 | 000,007,396 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\cchpx86.cat [2010-07-31 06:29:41 | 000,007,355 | R--- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\SymNet.cat [2010-07-31 06:29:40 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NIS\1100000.088\isolate.ini [2010-07-30 18:44:53 | 000,000,085 | ---- | C] () -- D:\WINDOWS\CIV.INI [2010-07-30 18:33:39 | 000,000,740 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\JDownloader.lnk [2010-07-30 18:30:19 | 043,487,886 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Civilization_II.rar [2010-07-30 09:13:33 | 000,003,526 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\index.html [2010-07-30 01:47:33 | 000,000,476 | -H-- | C] () -- D:\WINDOWS\tasks\Norton Security Scan for slawek.job [2010-07-30 01:47:29 | 000,000,979 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Norton Security Scan.lnk [2010-07-30 01:47:21 | 000,000,172 | ---- | C] () -- D:\WINDOWS\System32\drivers\NSS\0207030.022\isolate.ini [2010-07-29 17:08:03 | 000,000,119 | ---- | C] () -- D:\Documents and Settings\slawek\.jupload.properties [2010-07-29 08:59:15 | 000,165,448 | ---- | C] () -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-07-28 21:41:02 | 000,000,751 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\VideoGet.lnk [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.mak [2010-07-28 18:34:22 | 000,001,803 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~ma [2010-07-28 18:34:22 | 000,000,876 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.res [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.cpp [2010-07-28 18:34:22 | 000,000,597 | ---- | C] () -- D:\Documents and Settings\slawek\Moje dokumenty\Project1.~cp [2010-07-28 18:31:35 | 000,000,432 | ---- | C] () -- D:\WINDOWS\System32\CFX32.LIC [2010-07-28 18:30:55 | 000,181,248 | ---- | C] () -- D:\WINDOWS\System32\PPUNINST.dll [2010-07-28 18:30:55 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\PDUNINST.DLL [2010-07-28 17:14:29 | 000,000,445 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\Dev-C++ (2).lnk [2010-07-25 17:34:42 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\foty.exe [2010-07-25 15:31:12 | 000,002,855 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.PIF [2010-07-24 21:15:42 | 000,718,824 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\MatroskaSplitter_mkv.exe [2010-07-21 13:21:06 | 000,027,840 | ---- | C] () -- D:\Documents and Settings\slawek\x.exe [2010-06-24 20:38:14 | 000,000,240 | ---- | C] () -- D:\WINDOWS\System32\drivers\kgpcpy.cfg [2010-06-21 21:41:07 | 000,001,720 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\3 USB Modem.lnk [2010-06-21 21:21:52 | 000,028,288 | ---- | C] () -- D:\WINDOWS\System32\dllcache\xjis.nls [2010-06-21 21:20:53 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prcp.nls [2010-06-21 21:20:52 | 000,083,748 | ---- | C] () -- D:\WINDOWS\System32\dllcache\prc.nls [2010-06-21 21:20:51 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-06-21 21:20:12 | 000,047,066 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ksc.nls [2010-06-21 21:20:11 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-06-21 21:20:00 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe [2010-06-21 21:19:58 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe [2010-06-21 21:19:56 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex [2010-06-21 21:19:45 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-06-21 21:19:39 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex [2010-06-21 21:19:33 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll [2010-06-21 21:19:15 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll [2010-06-21 21:19:12 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_870.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_864.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_862.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_858.nls [2010-06-21 21:19:11 | 000,066,594 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_720.nls [2010-06-21 21:19:11 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_708.nls [2010-06-21 21:19:10 | 000,180,770 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20932.nls [2010-06-21 21:19:10 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20949.nls [2010-06-21 21:19:10 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20936.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_28596.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21027.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_21025.nls [2010-06-21 21:19:10 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20924.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20880.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20871.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20838.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20833.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20424.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20423.nls [2010-06-21 21:19:09 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20420.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20297.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20290.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20285.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20284.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20280.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20278.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20277.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20273.nls [2010-06-21 21:19:08 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20269.nls [2010-06-21 21:19:07 | 000,187,938 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20005.nls [2010-06-21 21:19:07 | 000,185,378 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20003.nls [2010-06-21 21:19:07 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20004.nls [2010-06-21 21:19:07 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20002.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20108.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20107.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20106.nls [2010-06-21 21:19:07 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20105.nls [2010-06-21 21:19:06 | 000,189,986 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1361.nls [2010-06-21 21:19:06 | 000,186,402 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20001.nls [2010-06-21 21:19:06 | 000,180,258 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_20000.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1149.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1148.nls [2010-06-21 21:19:06 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1147.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1146.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1145.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1144.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1143.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1142.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1141.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1140.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_1047.nls [2010-06-21 21:19:05 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10021.nls [2010-06-21 21:19:04 | 000,195,618 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10002.nls [2010-06-21 21:19:04 | 000,177,698 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10003.nls [2010-06-21 21:19:04 | 000,173,602 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10008.nls [2010-06-21 21:19:04 | 000,162,850 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10001.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10005.nls [2010-06-21 21:19:04 | 000,066,082 | ---- | C] () -- D:\WINDOWS\System32\dllcache\c_10004.nls [2010-06-21 21:19:03 | 000,082,172 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bopomofo.nls [2010-06-21 21:19:02 | 000,066,728 | ---- | C] () -- D:\WINDOWS\System32\dllcache\big5.nls [2010-06-21 21:16:47 | 000,000,488 | RH-- | C] () -- D:\WINDOWS\System32\logonui.exe.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\WindowsShell.Manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\sapi.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\nwc.cpl.manifest [2010-06-21 21:16:39 | 000,000,749 | RH-- | C] () -- D:\WINDOWS\System32\ncpa.cpl.manifest [2010-06-21 21:07:05 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat [2010-06-21 21:07:04 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-06-21 21:07:04 | 000,030,983 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT [2010-06-21 21:07:04 | 000,014,043 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT [2010-06-21 21:07:04 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-06-21 21:07:04 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-06-21 00:12:43 | 000,000,783 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\FileZilla (2).lnk [2010-06-19 23:47:14 | 001,694,953 | ---- | C] () -- D:\WINDOWS\System32\shdcache.dll [2010-06-19 23:15:18 | 000,177,692 | ---- | C] () -- D:\WINDOWS\System32\pancache.dll [2010-06-19 15:21:00 | 002,953,216 | ---- | C] () -- D:\WINDOWS\System32\pentnsvr.exe [2010-06-19 15:13:48 | 001,094,144 | ---- | C] () -- D:\WINDOWS\System32\kbdtux86.dll [2010-06-19 15:13:48 | 000,135,168 | ---- | C] () -- D:\WINDOWS\System32\psbase32.dll [2010-06-17 23:53:38 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\slawek\Pulpit\serwer.exe [2010-04-19 17:52:41 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snpstd3.ini [2010-04-11 04:41:26 | 000,258,048 | ---- | C] () -- D:\WINDOWS\System32\libFLAC.dll.bak [2010-03-29 16:24:18 | 000,043,520 | ---- | C] () -- D:\WINDOWS\System32\CmdLineExt03.dll [2010-03-23 02:42:19 | 000,000,073 | ---- | C] () -- D:\WINDOWS\wininit.ini [2010-03-22 13:41:02 | 000,000,458 | ---- | C] () -- D:\WINDOWS\SIERRA.INI [2010-03-21 19:22:34 | 000,001,065 | ---- | C] () -- D:\WINDOWS\Winamp.ini [2010-03-21 19:22:29 | 000,000,041 | ---- | C] () -- D:\WINDOWS\winampa.ini [2010-03-21 08:17:32 | 000,178,176 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll [2010-03-21 08:17:31 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini [2010-03-21 08:17:28 | 000,881,664 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll [2010-03-21 08:17:28 | 000,205,824 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll [2010-03-21 08:17:26 | 000,085,504 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll [2010-03-21 08:17:26 | 000,000,547 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll.manifest [2010-03-20 18:34:14 | 000,011,279 | ---- | C] () -- D:\WINDOWS\System32\drivers\STDSB.sys [2010-03-20 18:34:14 | 000,003,584 | ---- | C] () -- D:\WINDOWS\System32\drivers\mxkeybd.dll [2010-03-20 18:34:14 | 000,001,495 | ---- | C] () -- D:\WINDOWS\System32\drivers\HotKey.ini [2010-03-10 19:23:38 | 000,156,672 | R--- | C] () -- D:\WINDOWS\System32\RTLCPAPI.dll [2009-10-20 20:19:30 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll [2007-11-09 13:01:59 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll [2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-07-31 06:05:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-12 23:45:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Biznes Filmowy 2 [2010-06-21 23:14:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Driver Whiz [2010-04-08 18:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-03-21 16:39:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-03-21 08:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-04-04 00:13:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-03-27 23:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2010-04-05 17:39:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc [2010-06-20 00:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\SITEguard [2010-03-21 17:18:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Soulseek [2010-05-19 21:03:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-21 10:58:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! [2010-06-19 23:50:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-04-05 16:17:34 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\{CC51AE54-B346-4954-ADDB-30BD4F138CF2} [2010-07-28 17:09:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Dev-Cpp [2010-03-21 20:43:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\DriveHQ [2010-07-28 18:43:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FileZilla [2010-03-28 13:59:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeAudioPack [2010-04-05 07:44:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\FreeCDRipper [2010-07-17 10:19:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Gadu-Gadu 10 [2010-06-21 22:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GetRightToGo [2010-03-21 17:37:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\GHISLER [2010-06-19 23:40:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\ipla [2010-07-31 18:30:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\kikin [2010-03-29 16:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Leadertech [2010-06-03 00:14:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\OpenOffice.org [2010-04-06 15:00:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\Thinstall [2010-07-31 05:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\slawek\Dane aplikacji\uTorrent [2010-07-31 18:28:22 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< :OTL >[/color] [color=#A23BEC]< O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color] [color=#A23BEC]< O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - D:\Program Files\kikin\ie_kikin.dll (kikin) >[/color] [color=#A23BEC]< MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: GrzonuShell - hkey= - key= - File not found >[/color] [color=#A23BEC]< O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: Icon - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: STDSB - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: VTTimer - hkey= - key= - File not found >[/color] [color=#A23BEC]< MsConfig - StartUpReg: VTTrayp - hkey= - key= - File not found >[/color] [color=#A23BEC]< @Alternate Data Stream - 88 bytes -> D:\Documents and Settings\slawek\Pulpit\serwer.exe:SummaryInformation >[/color] [color=#A23BEC]< @Alternate Data Stream - 159 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E >[/color] [color=#A23BEC]< @Alternate Data Stream - 121 bytes -> D:\Documents and Settings\All Users\Dane aplikacji\TEMP:8303F807 >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Files >[/color] [color=#A23BEC]< D:\Documents and Settings\slawek\Dane aplikacji\kikin >[/color] [color=#A23BEC]< D:\Program Files\kikin >[/color] [color=#A23BEC]< D:\Program Files\Bridge It Demo >[/color] [color=#A23BEC]< D:\Program Files\Pontifex II Demo >[/color] [color=#A23BEC]< D:\Program Files\WinPcap >[/color] [color=#A23BEC]< D:\Program Files\Nuclear Coffee >[/color] [color=#A23BEC]< D:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >[/color] [color=#A23BEC]< D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Services >[/color] [color=#A23BEC]< rpcapd >[/color] [color=#A23BEC]< cpuz132 >[/color] [color=#A23BEC]< catchme >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Reg >[/color] [color=#A23BEC]< [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Commands >[/color] [color=#A23BEC]< [emptytemp] >[/color] [color=#A23BEC]< [Reboot] >[/color] < End of report >[/log] [color="#FF0000"]Ostatni raz powtarzam że logi wstawiamy w tag!! 2 sprawa na twoje szczęście źle wykonałeś polecenia kolegi z góry; ) przeczytaj to co w jego poście napisałem na czerwono i napisz czy kikin sam instalowałeś oraz przeskanuj wskazany przeze mnie plik na virustotal. //Sohei[/color]Nie mogę zlokalizować tego pliku. cpuz132_x32.sys
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.