gecube1 utworzono 21 sierpnia 2010 utworzono 21 sierpnia 2010 (edytowane) Extras.TXT LOG [log]OTL Extras logfile created on: 2010-08-21 21:55:08 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 30,58 Gb Free Space | 82,07% Space Free | Partition Type: NTFS Drive D: | 74,54 Gb Total Space | 68,37 Gb Free Space | 91,72% Space Free | Partition Type: NTFS Drive E: | 74,50 Gb Total Space | 58,98 Gb Free Space | 79,17% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-E5EB53AE3C1 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Extra Registry (SafeList) ==========[/color] [color="#e56717"]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color="#e56717"]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color="#e56717"]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color="#e56717"]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\program files\cs\cs16\cstrike.exe" = E:\program files\cs\cs16\cstrike.exe:*:Enabled:Counter-Strike Launcher -- (Non Steam Powered) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "E:\steam\steamapps\gecube1\counter-strike\hl.exe" = E:\steam\steamapps\gecube1\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color="#e56717"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{28F451B0-44E5-48C0-8706-84114249F5B4}" = LightScribe 1.4.109.1 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}" = Decal Converter "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61 "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D6B93AF-E2C0-4461-A515-2D79D53DA7FC}" = NETEagle "{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup for Realtek RTL8139/810x Family NIC 3.00 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "Active Ports" = Active Ports "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced SystemCare 3_is1" = Advanced SystemCare 3 "Ares" = Ares 2.1.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "C-Media Audio Driver" = C-Media WDM Audio Driver "CZATeriaKam" = CZATeriaKam 2.6.2 "ffdshow_is1" = ffdshow [rev 3111] [2009-10-22] "FIFA MANAGER 08" = FIFA MANAGER 08 "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Booster_is1" = Game Booster "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Odkurzacz 12.3_is1" = Odkurzacz 12.3 "RegCompact Pro" = RegCompact Pro 2.6.7 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "SopCast" = SopCast 3.2.9 "Steam App 10" = Counter-Strike "StmAdsl" = ADSL Modem "SubEdit-Player_is1" = SubEdit-Player "uTorrent" = µTorrent "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "XP Tools_is1" = XP Tools Pro 9.8 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color="#e56717"]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color="#e56717"]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-16 18:09:23 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-16 18:09:23 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:02 | Computer Name = DOM-E5EB53AE3C1 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-08-18 16:42:04 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:05 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:06 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:06 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:07 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-18 16:42:09 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. [ System Events ] Error - 2010-05-13 10:25:55 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 < End of report > OTL.TXT OTL logfile created on: 2010-08-21 21:55:08 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 30,58 Gb Free Space | 82,07% Space Free | Partition Type: NTFS Drive D: | 74,54 Gb Total Space | 68,37 Gb Free Space | 91,72% Space Free | Partition Type: NTFS Drive E: | 74,50 Gb Total Space | 58,98 Gb Free Space | 79,17% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-E5EB53AE3C1 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color="#e56717"]========== Processes (All) ==========[/color] PRC - [2010-08-21 21:53:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Moje dokumenty\Downloads\OTL.exe PRC - [2010-08-03 10:55:18 | 000,175,960 | ---- | M] () -- D:\Game Booster\gbtray.exe PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-04-26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009-03-02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2006-07-20 20:38:26 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [essenger] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [essenger] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color="#e56717"]========== Modules (All) ==========[/color] MOD - [2010-08-21 21:53:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Moje dokumenty\Downloads\OTL.exe MOD - [2010-07-12 13:18:52 | 000,637,592 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\system32\kmon.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-20 10:32:52 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-03 22:11:07 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2006-03-02 14:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color="#e56717"]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- D:\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) [color="#e56717"]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2010-07-10 00:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-06-04 18:06:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-05-11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-03-30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009-02-13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008-07-08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\84652906.sys -- (is-MU9U0drv) DRV - [2007-03-11 21:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi) DRV - [2006-05-25 19:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 18:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2002-06-13 11:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) [color="#e56717"]========== Standard Registry (SafeList) ==========[/color] [color="#e56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004..\Run: [ccleaner] D:\CCleaner\ccleaner.exe (Piriform Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WindowsUpdate = C:\Program Files\WindowsUpdate\winupdate.exe File not found O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} [url="http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab"]http://cdn.scan.onec...lscbase6087.cab[/url] (Windows Live Safety Center Base Module) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [url="http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab"]http://security.syma...n/bin/cabsa.cab[/url] (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} [url="https://www.bph.pl/sezam/components/SignActivX.cab"]https://www.bph.pl/s.../SignActivX.cab[/url] (SignActivX Control) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} [url="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab"]http://java.sun.com/..._4_0_03-win.cab[/url] (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (kmon.dll) - C:\WINDOWS\System32\kmon.dll (Beijing Rising Information Technology Co., Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-21 07:53:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent [2010-08-20 19:03:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2010-08-20 19:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010-08-20 19:01:25 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-08-20 19:01:00 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010-08-20 18:24:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview [2010-08-20 02:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-08-19 21:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\NETEagle [2010-08-19 20:33:36 | 000,044,000 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPUni.sys [2010-08-19 20:33:36 | 000,043,936 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPAnsi.sys [2010-08-19 20:33:36 | 000,011,264 | ---- | C] (Superlogix) -- C:\WINDOWS\System32\drivers\supermounter.sys [2010-08-19 20:33:35 | 000,073,728 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\smh.dat [2010-08-19 20:33:34 | 001,509,376 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\context.dll [2010-08-19 20:29:50 | 000,049,664 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe [2010-08-19 20:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\Active Ports [2010-08-19 03:26:12 | 000,077,696 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys [2010-08-19 03:26:09 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys [2010-08-19 03:25:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys [2010-08-19 03:24:42 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys [2010-08-19 03:24:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys [2010-08-19 03:24:39 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys [2010-08-19 03:24:38 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys [2010-08-19 03:24:37 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys [2010-08-19 03:24:36 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys [2010-08-19 03:24:32 | 000,061,440 | ---- | C] (Kolorowy skaner płaski) -- C:\WINDOWS\System32\dllcache\acerscad.dll [2010-08-19 03:24:28 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys [2010-08-19 03:24:22 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll [2010-08-19 03:24:14 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys [2010-08-19 03:24:12 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll [2010-08-19 03:24:11 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys [2010-08-14 17:13:10 | 002,826,192 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player_10_active_x.exe [2010-08-13 19:16:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-08-12 13:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit [2010-08-12 13:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska [2010-08-12 12:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-08-12 12:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Ventrilo [2010-08-10 21:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010-08-10 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic-Polska [2010-08-08 16:29:58 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010-08-08 16:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent [2010-08-03 01:34:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Moje obrazy [2010-08-03 01:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Onet.pl [2010-08-02 18:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-07-28 18:37:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2010-07-16 02:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe [2010-07-15 21:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Downloads [2010-07-14 15:30:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2010-07-14 15:28:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010-07-14 15:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2010-07-12 13:35:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Macromedia [2010-06-27 22:40:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\IObit [2010-06-27 20:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-06-27 18:55:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2010-06-27 18:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010-06-27 18:51:28 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2010-06-27 18:50:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2010-06-27 18:47:57 | 000,000,000 | RH-D | C] -- C:\AHCache [2010-06-27 17:28:25 | 001,458,176 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe [2010-06-27 17:28:25 | 000,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll [2010-06-27 17:28:24 | 002,494,464 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl [2010-06-27 17:28:24 | 000,917,504 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll [2010-06-27 17:28:24 | 000,151,552 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll [2010-06-27 17:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media [2010-06-27 17:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media AC97 Audio Drivers 23 kwiecień 2004 [2010-06-26 23:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Auslogics [2010-06-26 23:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics [2010-06-26 23:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2010-06-26 22:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Rising [2010-06-26 22:29:17 | 000,637,592 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll [2010-06-26 22:29:17 | 000,096,880 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll [2010-06-26 22:29:17 | 000,015,776 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe [2010-06-26 22:21:49 | 000,148,496 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\84652906.sys [2010-06-26 21:07:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2010-06-26 20:00:47 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-05-13 17:56:24 | 000,562,840 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe [2010-05-13 17:05:05 | 001,924,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe [color="#e56717"]========== Files - Modified Within 60 Days ==========[/color] [2010-08-21 22:23:17 | 142,753,824 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010-08-21 21:50:00 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Windows XP - Forum Komputerowe ForumPC.pl.url [2010-08-21 19:49:11 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT [2010-08-21 19:15:23 | 000,000,079 | ---- | M] () -- C:\WINDOWS\xptools.ini [2010-08-21 19:14:03 | 000,000,120 | ---- | M] () -- C:\WINDOWS\System32\bn.dll [2010-08-21 18:53:25 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\O wszystkim co najistotniejsze - Optymalizacja by Cyba91 CZ1.url [2010-08-21 17:44:31 | 000,000,072 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Problemy z oprogramowaniem.url [2010-08-21 13:27:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-21 07:53:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-21 01:12:10 | 001,666,364 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010-08-21 01:12:04 | 004,812,158 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-20 19:16:33 | 000,233,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-08-20 19:16:33 | 000,233,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-08-20 19:16:33 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-08-20 19:06:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-20 19:05:11 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini [2010-08-20 19:03:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2010-08-20 18:33:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-08-20 18:01:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1972579041-1177238915-1004Core.job [2010-08-20 17:52:36 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-08-20 16:36:50 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Gry na dobrychprogramach.url [2010-08-20 16:32:35 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Problemy i pytania związane z działaniem Counter-Strike 1.6..url [2010-08-19 20:58:51 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\admin\ntuser.dat.rcbak [2010-08-19 20:33:46 | 000,620,032 | ---- | M] () -- C:\WINDOWS\System32\xtsupermenuhook.dll [2010-08-19 20:33:46 | 000,620,032 | ---- | M] () -- C:\WINDOWS\System32\xtbaksm.dat [2010-08-19 20:33:40 | 000,000,513 | ---- | M] () -- C:\WINDOWS\System32\xtupdate.zip [2010-08-19 20:33:40 | 000,000,513 | ---- | M] () -- C:\WINDOWS\System32\xtupdate.dat [2010-08-19 02:35:24 | 000,000,070 | ---- | M] () -- C:\WINDOWS\user.ini [2010-08-18 02:05:56 | 000,000,050 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Szaliki klubowe - Nanasport.pl.url [2010-08-14 22:00:25 | 000,032,640 | ---- | M] () -- C:\WINDOWS\trdl [2010-08-14 22:00:25 | 000,008,981 | ---- | M] () -- C:\WINDOWS\wsc.p2 [2010-08-14 22:00:25 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.ini [2010-08-14 22:00:24 | 000,017,280 | ---- | M] () -- C:\WINDOWS\trdl.p2 [2010-08-14 22:00:24 | 000,015,360 | ---- | M] () -- C:\WINDOWS\trdl.p1 [2010-08-14 22:00:24 | 000,010,240 | ---- | M] () -- C:\WINDOWS\linkinfo.p1 [2010-08-14 22:00:24 | 000,005,285 | ---- | M] () -- C:\WINDOWS\linkinfo.p2 [2010-08-14 22:00:24 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System\run32dll.p2 [2010-08-14 22:00:24 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System\run32dll.p1 [2010-08-14 22:00:24 | 000,000,640 | ---- | M] () -- C:\WINDOWS\rcx.dat [2010-08-14 22:00:24 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.dat [2010-08-14 22:00:24 | 000,000,080 | ---- | M] () -- C:\WINDOWS\rcx.ini [2010-08-14 18:25:17 | 000,000,050 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Legia Warszawa - Bilety Online.url [2010-08-14 14:22:31 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini [2010-08-13 19:16:46 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini [2010-08-13 19:07:11 | 000,110,592 | ---- | M] (Kali Inc.) -- C:\WINDOWS\WSOCK32.DLL [2010-08-13 12:47:33 | 000,015,525 | ---- | M] () -- C:\WINDOWS\linkinfo.dll [2010-08-13 12:47:33 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System\run32dll.exe [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-08-10 20:49:23 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-08 17:41:37 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-08 17:12:00 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Torrenty.org - Polski Katalog Torrentów.url [2010-08-08 16:56:33 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SubEdit-Player.lnk [2010-08-08 16:29:58 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2010-08-08 15:48:10 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\poczta tlen.url [2010-08-04 13:43:26 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Poczta WP..url [2010-08-03 13:13:21 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\bydgoszcz.url [2010-08-03 11:58:58 | 000,000,084 | ---- | M] () -- C:\WINDOWS\System32\kkdelay.def [2010-08-02 20:30:08 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\CSWarszawa.PL -- Strona Główna.url [2010-08-02 15:15:54 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Ekstraklasa.org - Gazeta.pl.url [2010-07-31 13:16:16 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-07-28 18:37:59 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-07-28 18:06:09 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SopCast.lnk [2010-07-23 20:29:31 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Praca dla ochotników - badania kliniczne.url [2010-07-14 18:38:52 | 000,013,488 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-07-14 15:32:22 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-07-14 15:28:49 | 000,490,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-14 15:28:49 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-14 15:28:49 | 000,083,880 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-14 15:28:48 | 001,083,458 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-14 15:28:48 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-14 15:27:43 | 000,000,260 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-07-12 16:53:19 | 000,000,563 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-12 16:53:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-07-12 16:37:25 | 000,000,157 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Counter-Strike.url [2010-07-12 13:18:52 | 000,637,592 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll [2010-07-11 15:43:09 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-07-10 00:38:00 | 002,195,030 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin [2010-07-10 00:38:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-07-10 00:38:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb [2010-07-08 14:22:18 | 000,000,097 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Amx Komendy.url [2010-07-05 19:35:25 | 000,000,089 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\http---kolo4.ompzw.pl-schronisko_zegrze_rybaki,gallery,236.html.url [2010-06-27 17:28:24 | 000,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI [2010-06-27 17:28:24 | 000,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI [2010-06-26 22:28:41 | 000,096,880 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll [2010-06-26 22:28:41 | 000,015,776 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe [2010-06-26 22:15:59 | 000,000,064 | ---- | M] () -- C:\WINDOWS\Wininit.ini [2010-06-26 20:00:44 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-06-25 20:55:31 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\serwery Cs.url [2010-06-25 20:52:10 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SMS.url [2010-06-25 20:51:21 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\poczta gmail.url [2010-06-25 20:49:51 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\INTERNET.lnk [2010-06-25 20:49:30 | 000,001,376 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Google Chrome.lnk [2010-06-25 20:48:48 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\football manager.url [2010-06-25 20:44:41 | 000,000,156 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\LEGIA.url [2010-06-23 20:44:42 | 000,000,083 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Kobieta.pl-wiersze - Serwis Autorów Wierszy wierszyki poezja wiersze miłosne.url [color="#e56717"]========== Files Created - No Company Name ==========[/color] [2010-08-21 21:50:00 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Windows XP - Forum Komputerowe ForumPC.pl.url [2010-08-21 18:53:25 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\O wszystkim co najistotniejsze - Optymalizacja by Cyba91 CZ1.url [2010-08-21 17:44:31 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Problemy z oprogramowaniem.url [2010-08-20 19:03:10 | 000,233,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-08-20 19:03:05 | 000,233,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-08-20 19:03:05 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-08-20 19:03:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2010-08-20 19:01:25 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2010-08-20 19:01:17 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-08-20 18:30:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-08-20 17:52:36 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-08-20 16:36:50 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Gry na dobrychprogramach.url [2010-08-20 16:32:35 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Problemy i pytania związane z działaniem Counter-Strike 1.6..url [2010-08-20 01:23:59 | 000,000,079 | ---- | C] () -- C:\WINDOWS\xptools.ini [2010-08-19 20:33:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\bn.dll [2010-08-19 20:33:40 | 000,620,032 | ---- | C] () -- C:\WINDOWS\System32\xtbaksm.dat [2010-08-19 20:33:40 | 000,000,513 | ---- | C] () -- C:\WINDOWS\System32\xtupdate.zip [2010-08-19 20:33:40 | 000,000,513 | ---- | C] () -- C:\WINDOWS\System32\xtupdate.dat [2010-08-19 20:33:35 | 000,620,032 | ---- | C] () -- C:\WINDOWS\System32\xtsupermenuhook.dll [2010-08-19 20:33:35 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll [2010-08-19 20:33:35 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll [2010-08-19 15:19:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\admin\ntuser.dat.rctemp.LOG [2010-08-18 02:05:56 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Szaliki klubowe - Nanasport.pl.url [2010-08-16 18:57:37 | 000,561,152 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Ventrilo.exe [2010-08-14 18:25:17 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Legia Warszawa - Bilety Online.url [2010-08-13 12:47:07 | 000,015,525 | ---- | C] () -- C:\WINDOWS\linkinfo.dll [2010-08-08 16:56:33 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\SubEdit-Player.lnk [2010-08-08 16:47:51 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Torrenty.org - Polski Katalog Torrentów.url [2010-08-08 16:29:58 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2010-08-08 15:47:07 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\poczta tlen.url [2010-08-04 13:42:25 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Poczta WP..url [2010-08-03 13:00:17 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\bydgoszcz.url [2010-08-02 20:30:08 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\CSWarszawa.PL -- Strona Główna.url [2010-08-02 15:15:54 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Ekstraklasa.org - Gazeta.pl.url [2010-07-28 18:06:09 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\SopCast.lnk [2010-07-27 16:50:28 | 000,000,084 | ---- | C] () -- C:\WINDOWS\System32\kkdelay.def [2010-07-23 20:29:31 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Praca dla ochotników - badania kliniczne.url [2010-07-14 14:42:17 | 000,032,640 | ---- | C] () -- C:\WINDOWS\trdl [2010-07-14 14:42:17 | 000,010,240 | ---- | C] () -- C:\WINDOWS\linkinfo.p1 [2010-07-14 14:42:17 | 000,008,981 | ---- | C] () -- C:\WINDOWS\wsc.p2 [2010-07-14 14:42:17 | 000,005,285 | ---- | C] () -- C:\WINDOWS\linkinfo.p2 [2010-07-14 14:42:17 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System\run32dll.exe [2010-07-14 14:42:17 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System\run32dll.p2 [2010-07-14 14:42:17 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System\run32dll.p1 [2010-07-14 14:42:16 | 000,017,280 | ---- | C] () -- C:\WINDOWS\trdl.p2 [2010-07-14 14:42:16 | 000,015,360 | ---- | C] () -- C:\WINDOWS\trdl.p1 [2010-07-14 14:42:16 | 000,000,640 | ---- | C] () -- C:\WINDOWS\rcx.dat [2010-07-14 14:42:16 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.dat [2010-07-14 14:42:16 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.ini [2010-07-14 14:42:16 | 000,000,080 | ---- | C] () -- C:\WINDOWS\rcx.ini [2010-07-12 15:28:26 | 000,000,157 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Counter-Strike.url [2010-07-12 13:11:16 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-07-11 15:38:01 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-07-08 14:22:18 | 000,000,097 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Amx Komendy.url [2010-07-05 19:35:25 | 000,000,089 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\http---kolo4.ompzw.pl-schronisko_zegrze_rybaki,gallery,236.html.url [2010-06-27 17:32:41 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini [2010-06-27 17:28:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2010-06-27 17:28:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2010-06-26 22:31:07 | 000,000,070 | ---- | C] () -- C:\WINDOWS\user.ini [2010-06-26 22:22:00 | 142,731,296 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010-06-26 22:22:00 | 001,666,364 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010-06-23 20:44:42 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Kobieta.pl-wiersze - Serwis Autorów Wierszy wierszyki poezja wiersze miłosne.url [2010-06-04 18:06:55 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-27 16:37:06 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-21 21:09:03 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-05-13 19:41:47 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-13 17:24:30 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-13 17:24:29 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-05-13 17:19:00 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2010-05-13 17:19:00 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2010-05-13 17:18:59 | 000,000,064 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2010-05-13 17:18:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2010-05-13 17:13:11 | 001,072,196 | ---- | C] () -- C:\Program Files\Lan_XP_2K_ME_98(3.00.504).zip [2010-05-13 17:13:04 | 002,380,501 | ---- | C] () -- C:\Program Files\INF_XP_2K_ME_98(4.10.1012).zip [2010-05-13 16:27:09 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2010-05-13 16:27:09 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2010-05-13 16:27:08 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2010-05-13 16:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [color="#e56717"]========== LOP Check ==========[/color] [2010-06-26 23:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Auslogics [2010-05-26 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10 [2010-08-19 03:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\IObit [2010-05-13 17:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Opera [2010-08-19 03:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent [2010-05-26 20:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-19 14:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Rising [color="#e56717"]========== Purity Check ==========[/color] [color="#e56717"]========== Custom Scans ==========[/color] [color="#a23bec"]< %systemdrive%\*.* >[/color] [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-07-12 16:53:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-05-13 16:10:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-05-13 16:10:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-08-21 07:53:24 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color="#a23bec"]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS [color="#a23bec"]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys [color="#a23bec"]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color="#a23bec"]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color="#a23bec"]< MD5 for: NDIS.SYS >[/color] [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log]
Aquil komentarz 21 sierpnia 2010 komentarz 21 sierpnia 2010 Polecam Ci program [b]jv16 Power Tools[/b], wyczyści Ci niezbędne i puste rejestry. M.in ma wiele innych zalet. Mogę tylko tyle pomóc, gdyż nie znam się na logach .
Tomek01 komentarz 22 sierpnia 2010 komentarz 22 sierpnia 2010 OTL tworzy podczas skanu dwa pliki. Extras i txt. Pierwszy jest mniej przydatny. Drugiego nie widzę
Tomek01 komentarz 22 sierpnia 2010 komentarz 22 sierpnia 2010 Nie zauważyłem bo powinny być wklejone osobno
gecube1 komentarz 23 sierpnia 2010 Autor komentarz 23 sierpnia 2010 (edytowane) [log]OTL Extras logfile created on: 2010-08-23 12:10:54 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 82,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 31,25 Gb Free Space | 83,86% Space Free | Partition Type: NTFS Drive D: | 74,54 Gb Total Space | 68,35 Gb Free Space | 91,69% Space Free | Partition Type: NTFS Drive E: | 74,50 Gb Total Space | 59,03 Gb Free Space | 79,23% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-E5EB53AE3C1 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\program files\cs\cs16\cstrike.exe" = E:\program files\cs\cs16\cstrike.exe:*:Enabled:Counter-Strike Launcher -- (Non Steam Powered) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "E:\steam\steamapps\gecube1\counter-strike\hl.exe" = E:\steam\steamapps\gecube1\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{28F451B0-44E5-48C0-8706-84114249F5B4}" = LightScribe 1.4.109.1 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61 "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup for Realtek RTL8139/810x Family NIC 3.00 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ares" = Ares 2.1.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "C-Media Audio Driver" = C-Media WDM Audio Driver "CZATeriaKam" = CZATeriaKam 2.6.2 "ffdshow_is1" = ffdshow [rev 3111] [2009-10-22] "FIFA MANAGER 08" = FIFA MANAGER 08 "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Booster_is1" = Game Booster "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "jv16 PowerTools 2010" = jv16 PowerTools 2010 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Odkurzacz 12.3_is1" = Odkurzacz 12.3 "RegCompact Pro" = RegCompact Pro 2.6.7 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "SopCast" = SopCast 3.2.9 "Steam App 10" = Counter-Strike "StmAdsl" = ADSL Modem "SubEdit-Player_is1" = SubEdit-Player "UltimateDefrag V1 FREE Public Domain Version" = UltimateDefrag V1 FREE Public Domain Version "uTorrent" = µTorrent "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "XP Tools_is1" = XP Tools Pro 9.8 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-22 10:43:16 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 10:43:16 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 10:43:17 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 10:43:17 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:09 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:09 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. [ System Events ] Error - 2010-05-13 10:25:55 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 < End of report >[/log] [log]OTL logfile created on: 2010-08-23 12:10:54 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 82,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 31,25 Gb Free Space | 83,86% Space Free | Partition Type: NTFS Drive D: | 74,54 Gb Total Space | 68,35 Gb Free Space | 91,69% Space Free | Partition Type: NTFS Drive E: | 74,50 Gb Total Space | 59,03 Gb Free Space | 79,23% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-E5EB53AE3C1 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-23 12:02:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Moje dokumenty\Downloads\OTL.exe PRC - [2010-04-26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009-03-02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2006-10-22 12:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2006-07-20 20:38:26 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\dmadmin.exe PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [essenger] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [essenger] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-23 12:02:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Moje dokumenty\Downloads\OTL.exe MOD - [2010-07-12 13:18:52 | 000,637,592 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\system32\kmon.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-20 10:32:52 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-03 22:11:07 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2006-03-02 14:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- D:\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2010-06-04 18:06:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-05-11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-03-30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009-02-13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2007-03-11 21:39:46 | 000,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi) DRV - [2006-10-22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-05-25 19:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-12 18:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2002-06-13 11:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\Toolbar\WebBrowser: (no name) - {4C350B19-6CA1-4569-B14C-296D8D6535B2} - No CLSID value found. O3 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004..\Run: [ccleaner] D:\CCleaner\ccleaner.exe (Piriform Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab (SignActivX Control) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (kmon.dll) - C:\WINDOWS\System32\kmon.dll (Beijing Rising Information Technology Co., Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Messenger - File not found SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-23 10:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\RelevantKnowledge [2010-08-23 10:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\TabDiscover [2010-08-23 10:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Jookz Toolbar [2010-08-23 10:48:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent [2010-08-22 05:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles [2010-08-22 05:07:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2010-08-22 05:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Carambis [2010-08-22 04:49:00 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe [2010-08-22 04:49:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview [2010-08-22 04:26:43 | 064,393,944 | ---- | C] (NVIDIA Corporation ) -- C:\93.71_forceware_winxp2k_international_whql.exe [2010-08-22 03:59:27 | 063,762,768 | ---- | C] (NVIDIA Corporation ) -- C:\91.31_winxp2kmce_international_whql.exe [2010-08-22 03:57:55 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE [2010-08-21 23:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\SystemRequirementsLab [2010-08-20 19:01:00 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010-08-20 02:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-08-19 20:33:36 | 000,044,000 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPUni.sys [2010-08-19 20:33:36 | 000,043,936 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPAnsi.sys [2010-08-19 20:33:36 | 000,011,264 | ---- | C] (Superlogix) -- C:\WINDOWS\System32\drivers\supermounter.sys [2010-08-19 20:33:35 | 000,073,728 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\smh.dat [2010-08-19 20:33:34 | 001,509,376 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\context.dll [2010-08-19 12:54:46 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll [2010-08-19 03:26:18 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys [2010-08-19 03:26:16 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys [2010-08-19 03:26:13 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys [2010-08-19 03:26:12 | 000,077,696 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys [2010-08-19 03:26:11 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll [2010-08-19 03:26:09 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys [2010-08-19 03:26:07 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys [2010-08-19 03:26:06 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys [2010-08-19 03:26:05 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys [2010-08-19 03:26:01 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys [2010-08-19 03:25:58 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys [2010-08-19 03:25:56 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys [2010-08-19 03:25:53 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\dllcache\amdagp.sys [2010-08-19 03:25:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys [2010-08-19 03:25:50 | 000,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alim1541.sys [2010-08-19 03:25:49 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys [2010-08-19 03:25:48 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys [2010-08-19 03:25:47 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys [2010-08-19 03:25:42 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys [2010-08-19 03:25:41 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys [2010-08-19 03:25:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys [2010-08-19 03:25:09 | 000,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agpcpq.sys [2010-08-19 03:25:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax [2010-08-19 03:25:03 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll [2010-08-19 03:25:02 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll [2010-08-19 03:24:59 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll [2010-08-19 03:24:57 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll [2010-08-19 03:24:53 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll [2010-08-19 03:24:52 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll [2010-08-19 03:24:49 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll [2010-08-19 03:24:43 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys [2010-08-19 03:24:42 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys [2010-08-19 03:24:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys [2010-08-19 03:24:39 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys [2010-08-19 03:24:38 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys [2010-08-19 03:24:37 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys [2010-08-19 03:24:36 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys [2010-08-19 03:24:35 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys [2010-08-19 03:24:32 | 000,061,440 | ---- | C] (Kolorowy skaner płaski) -- C:\WINDOWS\System32\dllcache\acerscad.dll [2010-08-19 03:24:29 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys [2010-08-19 03:24:28 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys [2010-08-19 03:24:27 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys [2010-08-19 03:24:24 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys [2010-08-19 03:24:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys [2010-08-19 03:24:22 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll [2010-08-19 03:24:20 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll [2010-08-19 03:24:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys [2010-08-19 03:24:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys [2010-08-19 03:24:14 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys [2010-08-19 03:24:12 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll [2010-08-19 03:24:11 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys [2010-08-19 03:24:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys [2010-08-19 03:24:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys [2010-08-19 03:23:06 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll [2010-08-14 21:37:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\wsc32.dll [2010-08-14 17:13:10 | 002,826,192 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player_10_active_x.exe [2010-08-13 19:16:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-08-12 13:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit [2010-08-12 13:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska [2010-08-12 12:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-08-12 12:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Ventrilo [2010-08-10 21:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010-08-10 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic-Polska [2010-08-08 16:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent [2010-08-03 01:34:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Moje obrazy [2010-08-02 18:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-07-28 18:38:38 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2010-07-28 18:38:38 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2010-07-28 18:37:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2010-07-28 18:36:15 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010-07-28 18:36:15 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-07-28 18:36:15 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-07-28 18:36:15 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-07-28 18:36:15 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-07-28 18:36:15 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010-07-28 18:36:15 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-07-28 18:36:15 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-07-28 18:36:15 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2010-07-28 18:36:15 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2010-07-28 18:36:15 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-07-28 18:36:15 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-07-16 02:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe [2010-07-15 21:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Moje dokumenty\Downloads [2010-07-14 15:30:57 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2010-07-14 15:30:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2010-07-14 15:28:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010-07-14 15:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2010-07-14 15:27:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2010-07-14 15:27:33 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2010-07-14 15:27:33 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2010-07-14 15:27:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2010-07-14 15:27:32 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2010-07-14 15:27:32 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2010-07-14 14:42:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\lnk32.dll [2010-07-12 13:35:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Macromedia [2010-07-12 13:10:31 | 002,059,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2010-07-12 13:10:30 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010-07-12 13:10:24 | 002,137,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010-06-27 20:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-06-27 18:55:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2010-06-27 18:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010-06-27 18:51:28 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2010-06-27 18:50:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2010-06-27 18:48:14 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2010-06-27 18:47:57 | 000,000,000 | RH-D | C] -- C:\AHCache [2010-06-27 17:28:25 | 001,458,176 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe [2010-06-27 17:28:25 | 000,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll [2010-06-27 17:28:24 | 002,494,464 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl [2010-06-27 17:28:24 | 000,917,504 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll [2010-06-27 17:28:24 | 000,712,704 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll [2010-06-27 17:28:24 | 000,151,552 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll [2010-06-27 17:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media [2010-06-27 17:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media AC97 Audio Drivers 23 kwiecień 2004 [2010-06-26 23:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dane aplikacji\Auslogics [2010-06-26 23:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics [2010-06-26 23:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2010-06-26 22:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Rising [2010-06-26 22:29:17 | 000,637,592 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll [2010-06-26 22:29:17 | 000,096,880 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll [2010-06-26 22:29:17 | 000,015,776 | ---- | C] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe [2010-06-26 21:07:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2010-06-26 20:00:47 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-05-13 17:56:24 | 000,562,840 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe [2010-05-13 17:05:05 | 001,924,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-23 11:43:09 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Szaliki klubowe - Nanasport.pl.url [2010-08-23 11:42:56 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Ekstraklasa.org - Gazeta.pl.url [2010-08-23 11:42:33 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\bilety LEGIA.url [2010-08-23 11:42:18 | 000,000,207 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\BL.url [2010-08-23 10:48:10 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-08-23 10:48:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-23 10:48:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-23 10:30:47 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\admin\ntuser.ini [2010-08-23 10:30:46 | 003,932,160 | ---- | M] () -- C:\Documents and Settings\admin\NTUSER.DAT [2010-08-23 10:30:45 | 001,978,054 | -H-- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-23 03:16:02 | 000,000,079 | ---- | M] () -- C:\WINDOWS\xptools.ini [2010-08-23 03:11:27 | 000,000,120 | ---- | M] () -- C:\WINDOWS\System32\bn.dll [2010-08-23 00:41:45 | 000,000,103 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\2,8 GHz-1M-533 _ INTEL PENTIUM 4 PRESCOTT (1192649085) - Aukcje internetowe Allegro.url [2010-08-22 18:12:55 | 144,230,432 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010-08-22 18:12:55 | 001,693,364 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010-08-22 18:01:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1972579041-1177238915-1004Core.job [2010-08-22 17:54:11 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Dokonaj zakupu jv16 PowerTools.url [2010-08-22 17:52:48 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\Sys6925.Config Collection.sys [2010-08-22 17:52:48 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin [2010-08-22 05:01:18 | 000,004,990 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe [2010-08-22 05:01:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-22 04:35:33 | 064,393,944 | ---- | M] (NVIDIA Corporation ) -- C:\93.71_forceware_winxp2k_international_whql.exe [2010-08-22 04:07:58 | 063,762,768 | ---- | M] (NVIDIA Corporation ) -- C:\91.31_winxp2kmce_international_whql.exe [2010-08-22 00:23:07 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-08-21 23:35:55 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Procesory - Forum Komputerowe ForumPC.pl.url [2010-08-21 22:39:49 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Bezpieczeństwo - Forum Komputerowe ForumPC.pl.url [2010-08-21 21:50:00 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Windows XP - Forum Komputerowe ForumPC.pl.url [2010-08-21 17:44:31 | 000,000,072 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Problemy z oprogramowaniem.url [2010-08-20 18:33:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-08-20 17:52:36 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-08-20 16:36:50 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Gry na dobrychprogramach.url [2010-08-19 20:58:51 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\admin\ntuser.dat.rcbak [2010-08-19 20:33:46 | 000,620,032 | ---- | M] () -- C:\WINDOWS\System32\xtsupermenuhook.dll [2010-08-19 20:33:46 | 000,620,032 | ---- | M] () -- C:\WINDOWS\System32\xtbaksm.dat [2010-08-19 20:33:40 | 000,000,513 | ---- | M] () -- C:\WINDOWS\System32\xtupdate.zip [2010-08-19 20:33:40 | 000,000,513 | ---- | M] () -- C:\WINDOWS\System32\xtupdate.dat [2010-08-19 12:52:20 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll [2010-08-19 02:35:24 | 000,000,070 | ---- | M] () -- C:\WINDOWS\user.ini [2010-08-14 22:00:25 | 000,032,640 | ---- | M] () -- C:\WINDOWS\trdl [2010-08-14 22:00:25 | 000,008,981 | ---- | M] () -- C:\WINDOWS\wsc.p2 [2010-08-14 22:00:25 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.ini [2010-08-14 22:00:24 | 000,017,280 | ---- | M] () -- C:\WINDOWS\trdl.p2 [2010-08-14 22:00:24 | 000,015,360 | ---- | M] () -- C:\WINDOWS\trdl.p1 [2010-08-14 22:00:24 | 000,010,240 | ---- | M] () -- C:\WINDOWS\linkinfo.p1 [2010-08-14 22:00:24 | 000,005,285 | ---- | M] () -- C:\WINDOWS\linkinfo.p2 [2010-08-14 22:00:24 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System\run32dll.p2 [2010-08-14 22:00:24 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System\run32dll.p1 [2010-08-14 22:00:24 | 000,000,640 | ---- | M] () -- C:\WINDOWS\rcx.dat [2010-08-14 22:00:24 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.dat [2010-08-14 22:00:24 | 000,000,080 | ---- | M] () -- C:\WINDOWS\rcx.ini [2010-08-14 17:13:26 | 002,826,192 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player_10_active_x.exe [2010-08-14 14:22:31 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini [2010-08-13 12:47:33 | 000,015,525 | ---- | M] () -- C:\WINDOWS\linkinfo.dll [2010-08-13 12:47:33 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System\run32dll.exe [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010-08-12 01:59:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-08-10 20:49:23 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-08 17:41:37 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-08 17:12:00 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Torrenty.org - Polski Katalog Torrentów.url [2010-08-08 16:56:33 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SubEdit-Player.lnk [2010-08-08 15:48:10 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\poczta tlen.url [2010-08-04 13:43:26 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Poczta WP..url [2010-08-03 13:13:21 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\bydgoszcz.url [2010-08-03 11:58:58 | 000,000,084 | ---- | M] () -- C:\WINDOWS\System32\kkdelay.def [2010-07-31 13:16:16 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-07-28 18:37:59 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-07-28 18:06:09 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SopCast.lnk [2010-07-23 20:29:31 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Praca dla ochotników - badania kliniczne.url [2010-07-14 18:38:52 | 000,013,488 | ---- | M] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-07-14 15:32:22 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-07-14 15:28:49 | 000,490,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-07-14 15:28:49 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-07-14 15:28:49 | 000,083,880 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-07-14 15:28:48 | 001,083,458 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-07-14 15:28:48 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-07-14 15:27:43 | 000,000,260 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-07-12 16:53:19 | 000,000,563 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-12 16:53:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010-07-12 16:37:25 | 000,000,157 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Counter-Strike.url [2010-07-12 13:18:52 | 000,637,592 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kmon.dll [2010-07-11 15:43:09 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-07-10 00:38:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb [2010-07-08 14:22:18 | 000,000,097 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Amx Komendy.url [2010-07-05 19:35:25 | 000,000,089 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\http---kolo4.ompzw.pl-schronisko_zegrze_rybaki,gallery,236.html.url [2010-06-27 17:28:24 | 000,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI [2010-06-27 17:28:24 | 000,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI [2010-06-26 22:28:41 | 000,096,880 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\KakaTool.dll [2010-06-26 22:28:41 | 000,015,776 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\WINDOWS\System32\kknative.exe [2010-06-26 22:15:59 | 000,000,064 | ---- | M] () -- C:\WINDOWS\Wininit.ini [2010-06-26 20:00:44 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-06-25 20:55:31 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\serwery Cs.url [2010-06-25 20:52:10 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\SMS.url [2010-06-25 20:51:21 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\poczta gmail.url [2010-06-25 20:49:51 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\INTERNET.lnk [2010-06-25 20:49:30 | 000,001,376 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\Google Chrome.lnk [2010-06-25 20:48:48 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\football manager.url [2010-06-25 20:44:41 | 000,000,156 | ---- | M] () -- C:\Documents and Settings\admin\Pulpit\LEGIA.url [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-23 11:42:08 | 000,000,207 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\BL.url [2010-08-23 00:41:45 | 000,000,103 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\2,8 GHz-1M-533 _ INTEL PENTIUM 4 PRESCOTT (1192649085) - Aukcje internetowe Allegro.url [2010-08-22 17:54:11 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Dokonaj zakupu jv16 PowerTools.url [2010-08-22 17:52:48 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\Sys6925.Config Collection.sys [2010-08-22 17:52:48 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin [2010-08-22 05:01:18 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe [2010-08-22 04:49:20 | 000,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml [2010-08-22 04:49:00 | 000,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu [2010-08-21 23:35:55 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Procesory - Forum Komputerowe ForumPC.pl.url [2010-08-21 22:39:49 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Bezpieczeństwo - Forum Komputerowe ForumPC.pl.url [2010-08-21 21:50:00 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Windows XP - Forum Komputerowe ForumPC.pl.url [2010-08-21 17:44:31 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Problemy z oprogramowaniem.url [2010-08-20 19:01:25 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2010-08-20 18:30:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-08-20 17:52:36 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-08-20 16:36:50 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Gry na dobrychprogramach.url [2010-08-20 01:23:59 | 000,000,079 | ---- | C] () -- C:\WINDOWS\xptools.ini [2010-08-19 20:33:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\bn.dll [2010-08-19 20:33:40 | 000,620,032 | ---- | C] () -- C:\WINDOWS\System32\xtbaksm.dat [2010-08-19 20:33:40 | 000,000,513 | ---- | C] () -- C:\WINDOWS\System32\xtupdate.zip [2010-08-19 20:33:40 | 000,000,513 | ---- | C] () -- C:\WINDOWS\System32\xtupdate.dat [2010-08-19 20:33:35 | 000,620,032 | ---- | C] () -- C:\WINDOWS\System32\xtsupermenuhook.dll [2010-08-19 20:33:35 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll [2010-08-19 20:33:35 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll [2010-08-19 15:19:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\admin\ntuser.dat.rctemp.LOG [2010-08-18 02:05:56 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Szaliki klubowe - Nanasport.pl.url [2010-08-16 18:57:37 | 000,561,152 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Ventrilo.exe [2010-08-14 18:25:17 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\bilety LEGIA.url [2010-08-13 12:47:07 | 000,015,525 | ---- | C] () -- C:\WINDOWS\linkinfo.dll [2010-08-08 16:56:33 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\SubEdit-Player.lnk [2010-08-08 16:47:51 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Torrenty.org - Polski Katalog Torrentów.url [2010-08-08 15:47:07 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\poczta tlen.url [2010-08-04 13:42:25 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Poczta WP..url [2010-08-03 13:00:17 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\bydgoszcz.url [2010-08-02 15:15:54 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Ekstraklasa.org - Gazeta.pl.url [2010-07-28 18:06:09 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\SopCast.lnk [2010-07-27 16:50:28 | 000,000,084 | ---- | C] () -- C:\WINDOWS\System32\kkdelay.def [2010-07-23 20:29:31 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Praca dla ochotników - badania kliniczne.url [2010-07-14 14:42:17 | 000,032,640 | ---- | C] () -- C:\WINDOWS\trdl [2010-07-14 14:42:17 | 000,010,240 | ---- | C] () -- C:\WINDOWS\linkinfo.p1 [2010-07-14 14:42:17 | 000,008,981 | ---- | C] () -- C:\WINDOWS\wsc.p2 [2010-07-14 14:42:17 | 000,005,285 | ---- | C] () -- C:\WINDOWS\linkinfo.p2 [2010-07-14 14:42:17 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System\run32dll.exe [2010-07-14 14:42:17 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System\run32dll.p2 [2010-07-14 14:42:17 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System\run32dll.p1 [2010-07-14 14:42:16 | 000,017,280 | ---- | C] () -- C:\WINDOWS\trdl.p2 [2010-07-14 14:42:16 | 000,015,360 | ---- | C] () -- C:\WINDOWS\trdl.p1 [2010-07-14 14:42:16 | 000,000,640 | ---- | C] () -- C:\WINDOWS\rcx.dat [2010-07-14 14:42:16 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.dat [2010-07-14 14:42:16 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\admin\Dane aplikacji\rcx.ini [2010-07-14 14:42:16 | 000,000,080 | ---- | C] () -- C:\WINDOWS\rcx.ini [2010-07-12 15:28:26 | 000,000,157 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Counter-Strike.url [2010-07-12 13:11:16 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf [2010-07-11 15:38:01 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-07-08 14:22:18 | 000,000,097 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\Amx Komendy.url [2010-07-05 19:35:25 | 000,000,089 | ---- | C] () -- C:\Documents and Settings\admin\Pulpit\http---kolo4.ompzw.pl-schronisko_zegrze_rybaki,gallery,236.html.url [2010-06-27 17:32:41 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini [2010-06-27 17:28:24 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2010-06-27 17:28:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2010-06-26 22:31:07 | 000,000,070 | ---- | C] () -- C:\WINDOWS\user.ini [2010-06-26 22:22:00 | 144,230,432 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010-06-26 22:22:00 | 001,693,364 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010-06-04 18:06:55 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-27 16:37:06 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-05-21 21:09:03 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2010-05-13 19:41:47 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-13 17:24:30 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-05-13 17:24:29 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-05-13 17:19:00 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2010-05-13 17:19:00 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2010-05-13 17:18:59 | 000,000,064 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2010-05-13 17:18:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2010-05-13 17:13:11 | 001,072,196 | ---- | C] () -- C:\Program Files\Lan_XP_2K_ME_98(3.00.504).zip [2010-05-13 17:13:04 | 002,380,501 | ---- | C] () -- C:\Program Files\INF_XP_2K_ME_98(4.10.1012).zip [2010-05-13 16:27:09 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini [2010-05-13 16:27:09 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini [2010-05-13 16:27:08 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys [2010-05-13 16:25:34 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2006-10-22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-10-22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-10-22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2010-06-26 23:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Auslogics [2010-08-22 05:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Carambis [2010-05-26 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10 [2010-05-13 17:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\Opera [2010-08-19 03:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dane aplikacji\uTorrent [2010-05-26 20:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-08-19 14:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Rising [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-08-22 04:07:58 | 063,762,768 | ---- | M] (NVIDIA Corporation ) -- C:\91.31_winxp2kmce_international_whql.exe [2010-08-22 04:35:33 | 064,393,944 | ---- | M] (NVIDIA Corporation ) -- C:\93.71_forceware_winxp2k_international_whql.exe [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-07-12 16:53:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-05-13 16:10:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-05-13 16:10:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-05-13 16:10:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-08-23 10:47:58 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log]Sorki mój błąd:) Już poprawine
Tomek01 komentarz 23 sierpnia 2010 komentarz 23 sierpnia 2010 Są Adwar'e. Odinstaluj Softonic-Polska Toolbar, Jookz Toolbar, RelevantKnowledge, TabDiscover W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL IE - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\Toolbar\WebBrowser: (no name) - {4C350B19-6CA1-4569-B14C-296D8D6535B2} - No CLSID value found. O3 - HKU\S-1-5-21-448539723-1972579041-1177238915-1004\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) :Files C:\Program Files\RelevantKnowledge C:\Program Files\TabDiscover C:\Program Files\Jookz Toolbar C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska C:\Program Files\Conduit C:\Program Files\Softonic-Polska C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe C:\Documents and Settings\admin\Dane aplikacji\rcx.ini C:\WINDOWS\trdl.p2 C:\WINDOWS\trdl.p1 C:\WINDOWS\linkinfo.p1 C:\WINDOWS\linkinfo.p2 C:\WINDOWS\System\run32dll.p2 C:\WINDOWS\System\run32dll.p1 C:\WINDOWS\rcx.dat C:\Documents and Settings\admin\Dane aplikacji\rcx.dat C:\WINDOWS\rcx.ini C:\Documents and Settings\admin\Pulpit\SopCast.lnk :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Dajesz raport log z usuwania oraz nowe logi OTL i koniecznie RSIT.
gecube1 komentarz 23 sierpnia 2010 Autor komentarz 23 sierpnia 2010 (edytowane) Log z usuwania[log]All processes killed Error: Unable to interpret <Processes> in the current context! Error: Unable to interpret <Explorer.exe> in the current context! ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ deleted successfully. C:\Program Files\Softonic-Polska\tbSoft.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ not found. File C:\Program Files\Softonic-Polska\tbSoft.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ not found. File Polska\tbSoft.dll not found. Registry value HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4C350B19-6CA1-4569-B14C-296D8D6535B2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C350B19-6CA1-4569-B14C-296D8D6535B2}\ not found. Registry value HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}\ not found. File Polska\tbSoft.dll not found. ========== FILES ========== File\Folder C:\Program Files\RelevantKnowledge not found. File\Folder C:\Program Files\TabDiscover not found. File\Folder C:\Program Files\Jookz Toolbar not found. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\Log folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\LanguagePacks folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts\Feeds folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit\Community Alerts folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Conduit folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\UserDefinedItems folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\SearchInNewTab folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Rss folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Repository\conduit_CT2530240_CT2530240\ToolbarSettings folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Repository\conduit_CT2530240_CT2530240\ToolbarLogin folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Repository\conduit_CT2530240_CT2530240 folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Repository folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\RadioPlayer\Skins folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\RadioPlayer folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\MyStuffComponents folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Logs folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\LanguagePack\pl-pl folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\LanguagePack folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\EmailNotifier folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\Chat folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska\CacheIcons folder moved successfully. C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Softonic-Polska folder moved successfully. C:\Program Files\Conduit\Community Alerts folder moved successfully. C:\Program Files\Conduit folder moved successfully. C:\Program Files\Softonic-Polska folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe moved successfully. C:\Documents and Settings\admin\Dane aplikacji\rcx.ini moved successfully. C:\WINDOWS\trdl.p2 moved successfully. C:\WINDOWS\trdl.p1 moved successfully. C:\WINDOWS\linkinfo.p1 moved successfully. C:\WINDOWS\linkinfo.p2 moved successfully. C:\WINDOWS\System\run32dll.p2 moved successfully. C:\WINDOWS\System\run32dll.p1 moved successfully. C:\WINDOWS\rcx.dat moved successfully. C:\Documents and Settings\admin\Dane aplikacji\rcx.dat moved successfully. C:\WINDOWS\rcx.ini moved successfully. C:\Documents and Settings\admin\Pulpit\SopCast.lnk moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: admin ->Temp folder emptied: 379789 bytes ->Temporary Internet Files folder emptied: 81176 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 122093122 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 502 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 686581 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 494450 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 663184 bytes RecycleBin emptied: 79 bytes Total Files Cleaned = 119,00 mb OTL by OldTimer - Version 3.2.10.0 log created on 08232010_220919 Files\Folders moved on Reboot... Registry entries deleted on Reboot...[/log] Extras.TXT[log]OTL Extras logfile created on: 2010-08-23 22:23:10 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\admin\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 84,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 31,16 Gb Free Space | 83,63% Space Free | Partition Type: NTFS Drive D: | 74,54 Gb Total Space | 68,35 Gb Free Space | 91,69% Space Free | Partition Type: NTFS Drive E: | 74,50 Gb Total Space | 59,02 Gb Free Space | 79,23% Space Free | Partition Type: NTFS Drive F: | 4,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-E5EB53AE3C1 Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\MSHTML.DLL,PrintHTML "%1" (Microsoft Corporation) http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\MSHTML.DLL,PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "c:\program files\internet explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "E:\program files\cs\cs16\cstrike.exe" = E:\program files\cs\cs16\cstrike.exe:*:Enabled:Counter-Strike Launcher -- (Non Steam Powered) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "E:\steam\steamapps\gecube1\counter-strike\hl.exe" = E:\steam\steamapps\gecube1\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{28F451B0-44E5-48C0-8706-84114249F5B4}" = LightScribe 1.4.109.1 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61 "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup for Realtek RTL8139/810x Family NIC 3.00 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ares" = Ares 2.1.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "C-Media Audio Driver" = C-Media WDM Audio Driver "CZATeriaKam" = CZATeriaKam 2.6.2 "ffdshow_is1" = ffdshow [rev 3111] [2009-10-22] "FIFA MANAGER 08" = FIFA MANAGER 08 "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Booster_is1" = Game Booster "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "jv16 PowerTools 2010" = jv16 PowerTools 2010 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Odkurzacz 12.3_is1" = Odkurzacz 12.3 "RegCompact Pro" = RegCompact Pro 2.6.7 "Shop for HP Supplies" = Shop for HP Supplies "SopCast" = SopCast 3.2.9 "Steam App 10" = Counter-Strike "StmAdsl" = ADSL Modem "SubEdit-Player_is1" = SubEdit-Player "UltimateDefrag V1 FREE Public Domain Version" = UltimateDefrag V1 FREE Public Domain Version "uTorrent" = µTorrent "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "XP Tools_is1" = XP Tools Pro 9.8 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-448539723-1972579041-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-22 10:43:16 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 10:43:17 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 10:43:17 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:08 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:09 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-22 12:15:09 | Computer Name = DOM-E5EB53AE3C1 | Source = WmiAdapter | ID = 4099 Description = Otwarcie usługi nie powiodło się. Error - 2010-08-23 14:35:24 | Computer Name = DOM-E5EB53AE3C1 | Source = nview_info | ID = 11141121 Description = [ System Events ] Error - 2010-05-13 10:25:55 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2010-05-13 10:30:28 | Computer Name = DOM-E5EB53AE3C1 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 Error - 2010-05-13 11:37:31 | Computer Name = DOM-E5EB53AE3C1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PCAMPR5 NDIS Protocol Driver z powodu następującego błędu: %%2 < End of report >[/log]
Tomek01 komentarz 23 sierpnia 2010 komentarz 23 sierpnia 2010 Teraz jest czysto, mała kosmetyka, Do OTL wklej jeszcze: [code]:Processes Explorer.exe :OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm :Commands [emptytemp] [start explorer][/code] Run Fix... Po tej operacji, w OTL użyj funkcji Clean Up. Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach. Użyj ATF Cleaner, zaznacz 3 pierwsze fajki i empty selected. Profilaktycznie wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki podaj na forum.
gecube1 komentarz 23 sierpnia 2010 Autor komentarz 23 sierpnia 2010 (edytowane) ok[log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: admin ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 11028560 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 456 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 680054 bytes Total Files Cleaned = 11,00 mb OTL by OldTimer - Version 3.2.10.0 log created on 08232010_233431 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\admin\Ustawienia lokalne\Temp\etilqs_rF0QDCqDLomTJLlidVZj not found! Registry entries deleted on Reboot...[/log]Zrobiłem wszystko co zaleciłeś,skanowałem i jest czysto.Tylko powiem ci że zbytnio nie widzę różnicy,komp jak był wolny tak jest nadal.
Tomek01 komentarz 24 sierpnia 2010 komentarz 24 sierpnia 2010 W takim razie to nie jest wina infekcji.
gecube1 komentarz 24 sierpnia 2010 Autor komentarz 24 sierpnia 2010 A jaka może być przyczyna? Procek dobry,temperatura też ok,Płyta też ok oglądałem wszystkie oporniki i żaden nie spuchł.
raazor90 komentarz 24 sierpnia 2010 komentarz 24 sierpnia 2010 Spróbuj wykonać optymalizację ustawień systemu: http://www.forumpc.pl/index.php?showtopic=17478
gecube1 komentarz 24 sierpnia 2010 Autor komentarz 24 sierpnia 2010 Większość z tych rzeczy miałem już zrobine,wykonałem resztę i tez nic nie dało.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.