hyper1pl, created 26 August 2010
Hello, I have a problem that I can't find an answer to anywhere. I bought a (used) laptop 7 months ago. At first everything was fine, but after a month the machine started running slower and took longer and longer to shut down and start up. After a while I had to wait 2 h for it to shut down and 30 min for it to start, so I did a format. Everything was fine for a while. After 1.5 months the problem came back and I formatted again. And so on, about 3 times. Recently the same problem has appeared again, and doing yet another format annoys me. What is the problem? I can add that I have a Samsung laptop and it runs Windows Vista Home Basic (probably the worst edition of the worst system). Is it the fault of the system, or of the computer? Or maybe some virus that the antivirus doesn't find? Please help as quickly as possible. Regards
[color="#ff0000"]//moving to Security //raaz[/color]
hyper1pl (Author), comment, 27 August 2010
Microsoft Security Essentials
Can nobody help me?
raazor90, comment, 27 August 2010
Post logs from OTL and RSIT http://www.forumpc.pl/index.php?showtopic=104338
hyper1pl (Author), comment, 27 August 2010
[log]OTL logfile created on: 2010-08-27 21:38:56 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\kamil\Documents\download Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 28,18 Gb Free Space | 40,81% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 8,78 Gb Free Space | 12,54% Space Free | Partition Type: NTFS Drive E: | 416,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded Drive G: | 405,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAMIL-DOM Current User Name: kamil Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-27 21:36:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\download\OTL.exe PRC - [2010-08-24 19:00:46 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe PRC - [2010-08-24 10:33:17 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Gry\Steam\Steam.exe PRC - [2010-07-24 09:37:41 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-06-01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010-05-31 17:47:31 | 000,107,832 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe PRC - [2010-05-31 17:47:24 | 000,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2010-05-13 16:12:40 | 026,192,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2010-05-13 16:12:40 | 000,080,256 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2010-03-25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2010-03-25 21:40:42 | 000,203,312 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-11-24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) 
-- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe PRC - [2009-08-07 04:24:04 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe PRC - [2009-06-15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-02-25 09:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-06-09 00:23:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008-05-23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2008-05-23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008-05-22 10:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008-05-13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008-04-25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008-04-17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) 
-- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-04-17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-03-17 11:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2008-01-21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008-01-21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2008-01-21 04:34:50 | 002,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe PRC - [2008-01-21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-01-21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2008-01-21 04:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2008-01-21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2008-01-21 04:34:32 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe PRC - [2008-01-21 04:34:32 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2008-01-21 04:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2008-01-21 04:33:15 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2008-01-21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2008-01-21 04:32:57 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2008-01-21 04:32:56 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2007-10-26 07:39:14 | 000,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe PRC - [2007-10-26 07:39:04 | 001,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006-12-19 15:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-27 21:36:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\kamil\Documents\download\OTL.exe MOD - [2010-07-26 18:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-07-17 16:35:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-06-15 17:24:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-04-28 11:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) -- c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll MOD - [2009-04-23 14:43:04 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-02-13 10:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2008-10-21 07:25:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2008-10-16 06:47:33 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll MOD - [2008-02-29 08:53:38 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2008-01-21 04:34:50 | 001,203,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2008-01-21 04:34:50 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2008-01-21 04:34:47 | 001,315,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2008-01-21 04:34:46 | 000,806,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2008-01-21 04:34:36 | 000,179,200 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2008-01-21 04:34:35 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2008-01-21 04:34:34 | 001,590,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2008-01-21 04:34:22 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2008-01-21 04:34:22 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2008-01-21 04:34:21 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2008-01-21 04:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2008-01-21 04:34:21 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2008-01-21 04:34:20 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2008-01-21 04:34:11 | 000,798,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2008-01-21 04:34:07 | 001,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2008-01-21 04:34:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2008-01-21 04:34:05 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2008-01-21 04:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2008-01-21 04:34:03 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2008-01-21 04:34:03 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2008-01-21 04:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2008-01-21 04:33:53 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2008-01-21 04:33:53 | 000,023,552 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2008-01-21 04:33:52 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2008-01-21 04:33:52 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2008-01-21 04:33:48 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2008-01-21 04:33:47 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2008-01-21 04:33:46 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2008-01-21 04:33:37 | 000,750,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2008-01-21 04:33:20 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2008-01-21 04:33:15 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2008-01-21 04:33:14 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll MOD - [2008-01-21 04:33:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2008-01-21 04:33:12 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2008-01-21 04:32:53 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-08-24 19:00:46 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-06-02 18:31:00 | 003,594,440 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010-03-25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) SRV - [2009-04-28 11:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall\acs.exe -- (acssrv) SRV - [2009-02-25 09:28:20 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2008-11-24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2008-05-23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008-05-23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008-05-13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) 
[color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT) DRV - [2010-07-22 02:28:58 | 000,005,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Gry\Zypher\zhypermu small r3\MuGuard\llck2.sys -- (LLRING0) DRV - [2010-04-27 17:49:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-03-25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter) DRV - [2010-03-25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009-04-06 12:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox) DRV - [2009-02-18 18:27:54 | 000,029,208 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw) DRV - [2009-02-10 17:12:48 | 000,307,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore) DRV - [2008-06-16 14:38:10 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2008-06-09 00:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-04-17 09:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-05 07:56:26 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008-02-14 01:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2008-01-21 04:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 04:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 04:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 04:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 04:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 04:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 04:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 04:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 04:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 04:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008-01-21 04:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 04:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 04:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 04:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 04:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 04:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 04:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 04:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 04:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008-01-21 04:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 04:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 04:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 04:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007-12-28 03:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007-10-26 07:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007-09-13 08:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007-07-16 00:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2007-07-16 00:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2007-05-23 10:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007-01-04 13:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 13:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-11-28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006-10-19 04:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=CriticalDamage&utm_medium=start IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: 
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.9.134 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-24 09:37:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-24 09:37:44 | 000,000,000 | ---D | M] [2010-04-10 17:54:27 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Extensions [2010-08-26 21:58:03 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions [2010-08-04 16:29:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-27 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\DTToolbar@toolbarnet.com [2010-07-30 13:26:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\toolbar@ask.com [2010-04-27 17:49:40 | 000,002,055 | ---- | M] () -- C:\Users\kamil\AppData\Roaming\Mozilla\FireFox\Profiles\gmr2j1a9.default\searchplugins\daemon-search.xml [2010-07-10 17:19:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-04-10 18:05:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-07-10 17:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-07-10 17:18:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-06-30 17:24:17 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-06-30 17:24:17 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-06-30 17:24:17 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-06-30 17:24:17 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-06-30 17:24:17 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-06-30 17:24:17 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [MSSE] 
c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [nod32] C:\Users\kamil\AppData\Local\Temp\nodqq.exe File not found O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [Steam] D:\Gry\Steam\Steam.exe (Valve Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2001-04-05 13:56:50 | 000,155,648 | R--- | M] () - E:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2000-09-26 15:57:42 | 000,000,045 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2008-03-27 19:55:30 | 000,000,047 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2009-08-27 20:33:44 | 000,000,380 | R--- | M] () - G:\autorun.xml -- [ CDFS ] O32 - AutoRun File - [2009-08-27 20:33:44 | 000,003,290 | R--- | M] () - G:\autorun_de.css -- [ CDFS ] O32 - AutoRun File - [2009-08-27 20:33:44 | 000,003,300 | R--- | M] () - G:\autorun_en.css -- [ CDFS ] O32 - AutoRun File - [2009-08-27 20:33:44 | 000,003,300 | R--- | M] 
() - G:\autorun_pl.css -- [ CDFS ] O33 - MountPoints2\{c62b9339-5214-11df-9312-001377f510d9}\Shell - "" = AutoRun O33 - MountPoints2\{c62b9339-5214-11df-9312-001377f510d9}\Shell\AutoRun\command - "" = G:\cdstart.exe -- [2009-08-27 20:33:26 | 000,266,240 | R--- | M] () O33 - MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\Shell\AutoRun\command - "" = F:\22yj2fy1.exe -- File not found O33 - MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\Shell\open\Command - "" = F:\22yj2fy1.exe -- File not found O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{fd9cf149-1d00-11de-95d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2001-04-05 13:56:50 | 000,155,648 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - () MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Program 
Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - State: "startup" - 2 MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc 
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: 
{36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-24 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\The Witcher [2010-08-24 15:02:13 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Local\The Witcher [2010-08-24 12:39:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher [2010-08-19 19:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2010-08-19 19:40:39 | 000,000,000 | ---D | C] -- 
C:\Users\kamil\AppData\Roaming\FastStone [2010-08-19 19:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\FastStone Photo Resizer [2010-08-19 14:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-08-18 10:54:00 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-08-18 10:01:10 | 000,000,000 | ---D | C] -- C:\Users\kamil\.thumbnails [2010-08-18 09:45:46 | 000,000,000 | ---D | C] -- C:\Users\kamil\.gimp-2.6 [2010-08-18 09:45:45 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\gegl-0.0 [2010-08-18 09:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-08-17 21:55:00 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-08-17 21:38:00 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Local\Google [2010-08-17 21:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010-08-17 13:20:28 | 000,080,980 | ---- | C] (BioWare Corp.) -- C:\Windows\Uninstall Jade Empire.exe [2010-08-04 14:06:27 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU [2010-08-01 10:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials [2010-08-01 09:26:51 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Odebrane pliki [2010-07-31 21:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Messenger [2010-07-30 13:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010-07-30 13:28:08 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Local\AskToolbar [2010-07-30 09:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2010-07-30 09:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010-07-30 08:59:55 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\uTorrent [2010-07-28 00:14:29 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\download [2010-07-20 21:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo [2010-07-20 21:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-07-20 
21:14:20 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\WinRAR [2010-07-20 21:14:18 | 000,249,856 | ---- | C] (Alexander Roshal) -- C:\Windows\UnRAR.exe [2010-07-20 20:51:53 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\Ventrilo [2010-07-13 21:08:05 | 000,000,000 | ---D | C] -- C:\Users\kamil\.gstreamer-0.10 [2010-07-13 21:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\OpenFM [2010-07-13 21:07:15 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-07-12 10:55:07 | 000,000,000 | ---D | C] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-07-11 11:19:07 | 000,000,000 | ---D | C] -- C:\Users\kamil\Documents\Guild Wars [2010-07-10 17:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010-07-10 17:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-07-10 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-07-08 23:59:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe [2010-07-04 14:48:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment [2010-06-29 17:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2006-11-24 07:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006-11-24 07:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-27 21:43:01 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-08-27 21:43:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-08-27 21:39:09 | 002,097,152 | -HS- | M] () -- C:\Users\kamil\NTUSER.DAT [2010-08-27 21:37:07 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010-08-27 21:37:07 | 000,137,021 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010-08-27 20:42:35 | 000,004,784 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-08-27 20:42:35 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-08-27 19:12:30 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [2010-08-27 12:46:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDDK968.html [2010-08-27 12:46:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempylo968.html [2010-08-27 12:45:49 | 000,002,379 | ---- | M] () -- C:\Users\kamil\Desktop\Skype.lnk [2010-08-27 12:42:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-08-27 12:42:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-08-27 12:42:26 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2010-08-26 22:00:44 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010-08-26 22:00:01 | 002,516,196 | -H-- | M] () -- C:\Users\kamil\AppData\Local\IconCache.db [2010-08-26 21:51:54 | 000,044,534 | ---- | M] () -- C:\Users\kamil\Documents\adda.jpeg [2010-08-26 21:48:28 | 000,077,674 | ---- | M] () -- C:\Users\kamil\Documents\aga.jpeg [2010-08-26 21:46:26 | 000,118,262 | ---- | M] () -- C:\Users\kamil\Documents\ada.jpeg [2010-08-26 21:44:25 | 000,038,114 | ---- | M] () -- C:\Users\kamil\Documents\asa.jpeg [2010-08-26 18:54:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEP3404.html [2010-08-26 15:56:31 | 000,524,288 | -HS- | M] () -- C:\Users\kamil\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms [2010-08-26 15:56:31 | 000,065,536 | -HS- | M] () -- C:\Users\kamil\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf [2010-08-25 15:45:03 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempIy5004.html [2010-08-24 13:22:50 | 000,000,808 | ---- | M] () -- C:\Users\kamil\Desktop\launcher — skrót.lnk 
[2010-08-23 16:55:41 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempmT5472.html [2010-08-23 03:43:32 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempdw4684.html [2010-08-23 03:43:32 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempzM4684.html [2010-08-22 16:45:30 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010-08-19 21:31:44 | 000,024,634 | ---- | M] () -- C:\Users\kamil\Documents\WoWtest.jpg [2010-08-19 21:31:44 | 000,008,350 | ---- | M] () -- C:\Users\kamil\.recently-used.xbel [2010-08-19 21:20:50 | 000,023,436 | ---- | M] () -- C:\Users\kamil\Documents\WoW.jpg [2010-08-19 21:01:49 | 000,408,587 | ---- | M] () -- C:\Users\kamil\Documents\WoW.xcf [2010-08-19 20:06:16 | 000,360,054 | ---- | M] () -- C:\Users\kamil\Documents\kopia.jpg.bmp [2010-08-19 19:55:20 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2010-08-19 19:55:20 | 000,000,807 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk [2010-08-19 19:40:35 | 000,000,914 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Photo Resizer.lnk [2010-08-19 14:01:51 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-18 09:45:34 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010-08-17 23:37:25 | 001,600,210 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010-08-17 23:37:25 | 000,708,820 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010-08-17 23:37:25 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010-08-17 23:37:25 | 000,144,430 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010-08-17 23:37:25 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010-08-17 13:20:29 | 000,080,980 | ---- | M] (BioWare Corp.) 
-- C:\Windows\Uninstall Jade Empire.exe [2010-08-17 13:20:29 | 000,000,619 | ---- | M] () -- C:\Users\Public\Desktop\Jade Empire.lnk [2010-08-15 21:41:55 | 000,069,632 | ---- | M] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-15 10:58:32 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWX1360.html [2010-08-13 20:36:21 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplQ1032.html [2010-08-12 21:29:06 | 000,372,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-08-10 21:00:46 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPx3640.html [2010-08-10 21:00:46 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemplL3640.html [2010-08-08 23:45:52 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDx3124.html [2010-08-08 23:45:52 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempIh3124.html [2010-08-05 23:44:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempez1412.html [2010-08-05 23:44:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEs1412.html [2010-08-05 23:44:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBW4588.html [2010-08-05 23:25:17 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXp4588.html [2010-08-05 23:23:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempah3576.html [2010-08-05 18:47:19 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemprQ3576.html [2010-08-05 15:04:29 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempbZ3836.html [2010-08-05 15:04:28 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempyt3836.html [2010-08-04 18:34:08 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempoU4032.html [2010-08-04 18:34:08 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempAw4032.html [2010-08-04 16:17:14 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempAi4032.html [2010-08-04 15:41:18 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempzC3172.html [2010-08-04 15:41:11 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMl3172.html [2010-08-04 00:46:41 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFX1580.html [2010-08-03 22:54:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXI1580.html [2010-08-03 20:49:14 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUC1708.html [2010-08-03 20:49:14 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempgn1708.html [2010-08-03 20:31:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemphL1708.html [2010-08-03 18:50:26 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempzr2748.html [2010-08-03 18:50:12 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempub2748.html [2010-08-03 16:20:29 | 000,000,680 | ---- | M] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-08-03 15:42:29 | 000,000,585 | ---- | M] () -- C:\Users\kamil\Desktop\Critical Damage.lnk [2010-08-03 14:33:11 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempCC1656.html [2010-08-03 14:05:16 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempCq1656.html [2010-08-02 23:47:02 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempkl2268.html [2010-08-02 23:30:17 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempFV2268.html [2010-08-02 12:51:25 | 000,101,040 | ---- | M] () -- C:\Users\kamil\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-02 11:45:57 | 000,000,433 | ---- | M] () -- C:\Windows\System32\mapisvc.inf [2010-08-02 11:41:45 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini [2010-08-01 18:01:34 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempQN2172.html [2010-08-01 18:01:32 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempNT2172.html [2010-08-01 11:55:12 | 000,021,840 
| ---- | M] () -- C:\Windows\System32\SIntfNT.dll [2010-08-01 11:55:12 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll [2010-08-01 11:55:12 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll [2010-08-01 11:48:54 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempvU2172.html [2010-08-01 11:19:47 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk [2010-08-01 09:49:03 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBo1592.html [2010-08-01 09:49:02 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temppx1592.html [2010-07-31 21:24:00 | 000,000,725 | ---- | M] () -- C:\Users\Public\Desktop\BV2 ProClient.lnk [2010-07-31 21:14:04 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\MSN Messenger 7.0.lnk [2010-07-31 00:46:17 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempQP4392.html [2010-07-31 00:46:17 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnR4392.html [2010-07-30 09:00:54 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010-07-28 20:01:35 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempwl4792.html [2010-07-28 17:38:05 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempxT2044.html [2010-07-28 17:38:05 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjX2044.html [2010-07-28 16:26:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templf4680.html [2010-07-28 16:26:27 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempew4680.html [2010-07-28 04:33:47 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWn1440.html [2010-07-28 04:33:47 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempuO1440.html [2010-07-27 10:59:54 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempSh2912.html [2010-07-27 10:59:54 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempfg2912.html [2010-07-26 
23:39:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempTN5868.html [2010-07-26 23:39:27 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPQ5868.html [2010-07-26 16:15:08 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempCf1680.html [2010-07-26 16:15:08 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfL1680.html [2010-07-26 01:27:28 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempuZ5516.html [2010-07-26 01:27:28 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempEY5516.html [2010-07-25 04:36:33 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempjB5988.html [2010-07-25 04:36:33 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempVS5988.html [2010-07-24 21:43:30 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemppO1912.html [2010-07-24 03:13:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempyu5472.html [2010-07-24 03:13:27 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempxP5472.html [2010-07-23 16:17:17 | 000,000,645 | ---- | M] () -- C:\Users\Public\Desktop\Evil Islands.lnk [2010-07-23 03:02:12 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempog4168.html [2010-07-23 03:02:12 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempfj4168.html [2010-07-22 16:01:06 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempCp2036.html [2010-07-22 16:01:06 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDw2036.html [2010-07-22 03:38:12 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempIw5672.html [2010-07-22 03:38:12 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempyC5672.html [2010-07-22 02:22:30 | 000,000,539 | ---- | M] () -- C:\Users\Public\Desktop\Launch ZhyperMU.EXE.lnk [2010-07-22 02:22:30 | 000,000,521 | ---- | M] () -- C:\Users\Public\Desktop\Launch mu.exe.lnk [2010-07-21 13:42:16 | 000,002,432 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\Tempgr2452.html [2010-07-21 02:24:51 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLl4348.html [2010-07-21 02:24:51 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPI4348.html [2010-07-20 01:26:32 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempXl1504.html [2010-07-20 01:26:32 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempsW1504.html [2010-07-15 21:30:55 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempxs5152.html [2010-07-15 21:30:55 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempfD5152.html [2010-07-15 00:43:32 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDq5844.html [2010-07-15 00:43:32 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempiZ5844.html [2010-07-13 21:55:14 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLK5340.html [2010-07-13 21:55:14 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempZu5340.html [2010-07-13 02:03:59 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempci5688.html [2010-07-13 02:03:59 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempOy5688.html [2010-07-12 18:40:57 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempdB1472.html [2010-07-12 18:40:57 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempBc1472.html [2010-07-12 13:49:39 | 000,000,649 | ---- | M] () -- C:\Users\Public\Desktop\Battle of the Immortals.lnk [2010-07-12 11:53:22 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempLw5664.html [2010-07-11 22:31:31 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempww4668.html [2010-07-11 22:31:31 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDv4668.html [2010-07-11 15:26:55 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempgt3568.html [2010-07-11 15:26:55 | 000,002,089 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempPT3568.html [2010-07-11 02:07:59 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempmK2360.html [2010-07-11 02:07:59 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempki2360.html [2010-07-10 18:08:49 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempaO1444.html [2010-07-10 18:08:49 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeW1444.html [2010-07-10 11:14:44 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPq1360.html [2010-07-10 11:14:44 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMK1360.html [2010-07-10 00:40:46 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWd2240.html [2010-07-10 00:40:46 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempZy2240.html [2010-07-09 23:01:54 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempza3228.html [2010-07-09 23:01:54 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemphE3228.html [2010-07-09 22:54:31 | 000,000,504 | ---- | M] () -- C:\Windows\tasks\Install.job [2010-07-09 00:24:42 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempqhU600.html [2010-07-09 00:24:42 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temposg600.html [2010-07-08 16:29:27 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempwK2196.html [2010-07-08 16:29:27 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempgq2196.html [2010-07-07 23:21:40 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempwj3452.html [2010-07-07 23:21:40 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempeR3452.html [2010-07-06 22:47:23 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temprw5876.html [2010-07-06 22:47:23 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempRT5876.html [2010-07-06 04:31:08 | 000,100,516 | ---- | M] () -- C:\Windows\serwer.rar [2010-07-06 01:06:02 | 
000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempgP2016.html [2010-07-06 01:06:02 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Temptu2016.html [2010-07-05 23:56:17 | 000,000,676 | ---- | M] () -- C:\Users\kamil\Desktop\Zagraj.lnk [2010-07-05 18:48:00 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempxo4312.html [2010-07-05 18:48:00 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempkp4312.html [2010-07-05 12:05:57 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempJl1692.html [2010-07-05 12:05:57 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempWo1692.html [2010-07-04 18:20:38 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempPi2236.html [2010-07-04 18:20:38 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnU2236.html [2010-07-02 21:13:29 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\Templa3964.html [2010-07-02 21:13:29 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\Tempho3964.html [2010-07-01 20:37:15 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempDU2316.html [2010-07-01 20:37:15 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempUc2316.html [2010-06-30 20:30:12 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempkXB696.html [2010-06-30 20:30:12 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempnTD696.html [2010-06-29 20:24:53 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempMp4320.html [2010-06-29 20:24:53 | 000,002,089 | ---- | M] () -- C:\Users\kamil\AppData\Local\TempQq4320.html [2010-06-29 18:01:13 | 000,000,202 | ---- | M] () -- C:\Users\kamil\Desktop\Counter-Strike.url [2010-06-29 17:58:19 | 000,000,568 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010-06-29 17:35:17 | 000,002,432 | ---- | M] () -- C:\Users\kamil\AppData\Local\TemppH1316.html [2010-06-29 17:35:17 | 000,002,089 | ---- | M] () -- 
C:\Users\kamil\AppData\Local\TempxH1316.html [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-27 12:46:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDDK968.html [2010-08-27 12:46:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempylo968.html [2010-08-26 21:51:47 | 000,044,534 | ---- | C] () -- C:\Users\kamil\Documents\adda.jpeg [2010-08-26 21:48:10 | 000,077,674 | ---- | C] () -- C:\Users\kamil\Documents\aga.jpeg [2010-08-26 21:46:04 | 000,118,262 | ---- | C] () -- C:\Users\kamil\Documents\ada.jpeg [2010-08-26 21:44:12 | 000,038,114 | ---- | C] () -- C:\Users\kamil\Documents\asa.jpeg [2010-08-26 18:50:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEP3404.html [2010-08-25 15:16:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempIy5004.html [2010-08-24 13:22:54 | 000,000,808 | ---- | C] () -- C:\Users\kamil\Desktop\launcher — skrót.lnk [2010-08-23 16:53:16 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmT5472.html [2010-08-22 20:58:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdw4684.html [2010-08-22 20:58:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzM4684.html [2010-08-19 21:31:44 | 000,024,634 | ---- | C] () -- C:\Users\kamil\Documents\WoWtest.jpg [2010-08-19 21:31:44 | 000,008,350 | ---- | C] () -- C:\Users\kamil\.recently-used.xbel [2010-08-19 21:20:50 | 000,023,436 | ---- | C] () -- C:\Users\kamil\Documents\WoW.jpg [2010-08-19 21:01:49 | 000,408,587 | ---- | C] () -- C:\Users\kamil\Documents\WoW.xcf [2010-08-19 20:06:16 | 000,360,054 | ---- | C] () -- C:\Users\kamil\Documents\kopia.jpg.bmp [2010-08-19 19:55:20 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView Thumbnails.lnk [2010-08-19 19:55:20 | 000,000,807 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk [2010-08-19 19:40:35 | 000,000,914 | ---- | C] () -- 
C:\Users\Public\Desktop\FastStone Photo Resizer.lnk [2010-08-19 14:01:51 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-18 09:45:34 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010-08-17 21:42:00 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010-08-17 21:40:30 | 000,002,379 | ---- | C] () -- C:\Users\kamil\Desktop\Skype.lnk [2010-08-17 21:38:33 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010-08-17 21:38:30 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-08-17 13:20:29 | 000,000,619 | ---- | C] () -- C:\Users\Public\Desktop\Jade Empire.lnk [2010-08-15 10:57:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWX1360.html [2010-08-13 14:11:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplQ1032.html [2010-08-10 18:50:29 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPx3640.html [2010-08-10 18:50:29 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemplL3640.html [2010-08-08 12:39:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDx3124.html [2010-08-08 12:39:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempIh3124.html [2010-08-05 23:44:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempez1412.html [2010-08-05 23:44:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEs1412.html [2010-08-05 23:23:52 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXp4588.html [2010-08-05 23:23:52 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBW4588.html [2010-08-05 15:29:39 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempah3576.html [2010-08-05 15:29:38 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemprQ3576.html [2010-08-05 15:04:05 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempbZ3836.html [2010-08-05 15:04:04 | 
000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyt3836.html [2010-08-04 16:15:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoU4032.html [2010-08-04 16:15:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAi4032.html [2010-08-04 16:15:36 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAw4032.html [2010-08-04 15:26:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempzC3172.html [2010-08-04 15:26:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMl3172.html [2010-08-03 22:53:55 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFX1580.html [2010-08-03 22:53:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXI1580.html [2010-08-03 20:30:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUC1708.html [2010-08-03 20:30:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemphL1708.html [2010-08-03 20:30:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgn1708.html [2010-08-03 18:50:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempub2748.html [2010-08-03 18:50:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempzr2748.html [2010-08-03 16:20:29 | 000,000,680 | ---- | C] () -- C:\Users\kamil\AppData\Local\d3d9caps.dat [2010-08-03 15:42:29 | 000,000,585 | ---- | C] () -- C:\Users\kamil\Desktop\Critical Damage.lnk [2010-08-03 13:58:36 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCq1656.html [2010-08-03 13:58:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCC1656.html [2010-08-02 23:16:19 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempFV2268.html [2010-08-02 23:16:18 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkl2268.html [2010-08-01 17:52:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempNT2172.html [2010-08-01 11:39:48 | 002,501,921 | ---- | C] () -- 
C:\Windows\System32\wlan.tmf [2010-08-01 11:32:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQN2172.html [2010-08-01 11:31:58 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvU2172.html [2010-08-01 10:39:13 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk [2010-08-01 09:34:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBo1592.html [2010-08-01 09:33:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppx1592.html [2010-07-31 21:24:00 | 000,000,725 | ---- | C] () -- C:\Users\Public\Desktop\BV2 ProClient.lnk [2010-07-31 21:14:04 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\MSN Messenger 7.0.lnk [2010-07-30 20:39:57 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQP4392.html [2010-07-30 20:39:57 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnR4392.html [2010-07-30 09:00:54 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010-07-28 20:00:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwl4792.html [2010-07-28 17:16:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxT2044.html [2010-07-28 17:16:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjX2044.html [2010-07-28 15:02:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templf4680.html [2010-07-28 15:02:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempew4680.html [2010-07-27 11:00:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWn1440.html [2010-07-27 11:00:51 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuO1440.html [2010-07-27 10:57:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSh2912.html [2010-07-27 10:57:27 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfg2912.html [2010-07-26 20:23:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempTN5868.html 
[2010-07-26 20:23:07 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPQ5868.html [2010-07-26 09:06:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCf1680.html [2010-07-26 09:06:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfL1680.html [2010-07-25 16:06:01 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempuZ5516.html [2010-07-25 16:06:01 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY5516.html [2010-07-24 23:00:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempjB5988.html [2010-07-24 23:00:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempVS5988.html [2010-07-24 17:24:27 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppO1912.html [2010-07-23 16:17:17 | 000,000,645 | ---- | C] () -- C:\Users\Public\Desktop\Evil Islands.lnk [2010-07-23 12:08:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempyu5472.html [2010-07-23 12:08:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxP5472.html [2010-07-22 17:58:24 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempog4168.html [2010-07-22 17:58:24 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfj4168.html [2010-07-22 14:15:25 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempCp2036.html [2010-07-22 14:15:25 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDw2036.html [2010-07-22 02:22:30 | 000,000,539 | ---- | C] () -- C:\Users\Public\Desktop\Launch ZhyperMU.EXE.lnk [2010-07-22 02:22:30 | 000,000,521 | ---- | C] () -- C:\Users\Public\Desktop\Launch mu.exe.lnk [2010-07-21 19:59:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempIw5672.html [2010-07-21 19:59:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC5672.html [2010-07-21 13:40:45 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgr2452.html [2010-07-20 21:14:18 | 001,336,832 | ---- | 
C] () -- C:\Windows\ventrilo-2.1.4-Windows-i386.exe [2010-07-20 21:14:18 | 000,100,516 | ---- | C] () -- C:\Windows\serwer.rar [2010-07-20 20:01:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLl4348.html [2010-07-20 20:01:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPI4348.html [2010-07-19 19:18:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXl1504.html [2010-07-19 19:18:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempsW1504.html [2010-07-15 18:24:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxs5152.html [2010-07-15 18:24:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempfD5152.html [2010-07-14 21:44:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDq5844.html [2010-07-14 21:44:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempiZ5844.html [2010-07-13 20:37:56 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLK5340.html [2010-07-13 20:37:56 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZu5340.html [2010-07-12 20:27:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempci5688.html [2010-07-12 20:27:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempOy5688.html [2010-07-12 18:35:16 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempdB1472.html [2010-07-12 18:35:16 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempBc1472.html [2010-07-12 13:49:39 | 000,000,649 | ---- | C] () -- C:\Users\Public\Desktop\Battle of the Immortals.lnk [2010-07-12 10:21:17 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLw5664.html [2010-07-11 16:36:39 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempww4668.html [2010-07-11 16:36:39 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDv4668.html [2010-07-11 12:54:47 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgt3568.html 
[2010-07-11 12:54:47 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPT3568.html [2010-07-10 22:24:49 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempmK2360.html [2010-07-10 22:24:49 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempki2360.html [2010-07-10 13:29:42 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempaO1444.html [2010-07-10 13:29:42 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeW1444.html [2010-07-10 08:58:46 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPq1360.html [2010-07-10 08:58:46 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMK1360.html [2010-07-09 23:09:55 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWd2240.html [2010-07-09 23:09:55 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZy2240.html [2010-07-09 22:55:47 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempza3228.html [2010-07-09 22:55:47 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemphE3228.html [2010-07-08 23:59:25 | 000,000,504 | ---- | C] () -- C:\Windows\tasks\Install.job [2010-07-08 20:51:42 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqhU600.html [2010-07-08 20:51:42 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temposg600.html [2010-07-08 11:00:11 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwK2196.html [2010-07-08 11:00:11 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempgq2196.html [2010-07-07 18:42:14 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempwj3452.html [2010-07-07 18:42:14 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempeR3452.html [2010-07-07 12:42:05 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [2010-07-06 14:28:33 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temprw5876.html [2010-07-06 
14:28:33 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempRT5876.html [2010-07-05 23:56:17 | 000,000,676 | ---- | C] () -- C:\Users\kamil\Desktop\Zagraj.lnk [2010-07-05 22:49:41 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgP2016.html [2010-07-05 22:49:41 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temptu2016.html [2010-07-05 13:06:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxo4312.html [2010-07-05 13:06:50 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempkp4312.html [2010-07-05 12:03:59 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJl1692.html [2010-07-05 12:03:59 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempWo1692.html [2010-07-04 15:02:34 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempPi2236.html [2010-07-04 15:02:34 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnU2236.html [2010-07-02 13:22:06 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templa3964.html [2010-07-02 13:22:06 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempho3964.html [2010-07-01 13:18:40 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempDU2316.html [2010-07-01 13:18:40 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempUc2316.html [2010-06-30 13:13:44 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkXB696.html [2010-06-30 13:13:44 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempnTD696.html [2010-06-29 18:01:13 | 000,000,202 | ---- | C] () -- C:\Users\kamil\Desktop\Counter-Strike.url [2010-06-29 17:53:02 | 000,000,568 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010-06-29 17:45:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempMp4320.html [2010-06-29 17:45:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempQq4320.html [2010-06-29 14:40:08 | 000,002,432 | ---- | C] () -- 
C:\Users\kamil\AppData\Local\TemppH1316.html [2010-06-29 14:40:08 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempxH1316.html [2010-06-28 10:40:02 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempwV1564.html [2010-06-28 10:40:02 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempyC1564.html [2010-06-28 09:52:51 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TemppM3176.html [2010-05-31 17:47:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-05-31 17:47:42 | 000,022,328 | ---- | C] () -- C:\Users\kamil\AppData\Roaming\PnkBstrK.sys [2010-05-18 16:48:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 16:48:30 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 16:48:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-04-27 17:49:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-04-24 13:56:50 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempYg3044.html [2010-04-23 20:28:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Temppy1876.html [2010-04-23 20:28:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEY1876.html [2010-04-20 11:26:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempLW3776.html [2010-04-20 11:26:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templd3776.html [2010-04-18 20:08:03 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempqv2896.html [2010-04-18 20:08:03 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempkK2896.html [2010-04-18 11:26:35 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempdk2792.html [2010-04-18 11:26:35 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempZh2792.html [2010-04-17 17:35:08 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempJH3920.html [2010-04-17 17:35:08 | 000,002,089 | ---- | C] 
() -- C:\Users\kamil\AppData\Local\Tempuz3920.html [2010-04-17 09:52:07 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXK2252.html [2010-04-16 19:24:53 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempqgU376.html [2010-04-16 19:24:53 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempvBC376.html [2010-04-16 16:36:09 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempgR4068.html [2010-04-13 19:51:04 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempoR3468.html [2010-04-13 19:51:04 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempSP3468.html [2010-04-12 16:11:00 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempXQ2732.html [2010-04-12 16:11:00 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempxv2732.html [2010-04-11 19:42:23 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempEZ2156.html [2010-04-11 19:42:23 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Tempfu2156.html [2010-04-11 10:09:31 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempAZ2624.html [2010-04-11 10:09:31 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\Templn2624.html [2010-04-10 22:03:24 | 000,069,632 | ---- | C] () -- C:\Users\kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-10 18:49:16 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini [2010-04-10 18:49:16 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini [2010-04-10 18:48:14 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini [2010-04-10 18:48:10 | 000,046,892 | ---- | C] () -- C:\Windows\System32\ADADIX16.DLL [2010-04-10 18:07:10 | 000,002,432 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempHh2412.html [2010-04-10 18:07:10 | 000,002,089 | ---- | C] () -- C:\Users\kamil\AppData\Local\TempKy2412.html [2010-04-10 18:06:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-10 14:03:16 | 000,178,176 | ---- | C] () -- 
C:\Windows\System32\unrar.dll [2008-07-25 13:51:28 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008-07-25 13:38:07 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008-07-25 13:37:47 | 000,137,021 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008-07-25 13:19:47 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008-07-25 13:19:47 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008-07-25 11:38:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-02-15 09:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006-11-29 10:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006-11-02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-10-09 03:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001-11-14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010-05-10 19:42:40 | 000,000,000 | -HSD | M] -- C:\Users\kamil\AppData\Roaming\.# [2010-04-27 17:54:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\DAEMON Tools Lite [2010-04-24 11:07:41 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\fretsonfire [2010-08-01 09:34:23 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 [2010-07-12 13:24:19 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\GetRightToGo [2010-08-19 21:31:44 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\gtk-2.0 [2010-04-10 18:03:59 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\ipla [2010-07-13 21:07:15 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\OpenFM [2010-04-25 10:32:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\Sudeki [2010-08-24 11:42:57 | 000,000,000 | ---D | M] -- 
C:\Users\kamil\AppData\Roaming\uTorrent [2010-07-09 22:54:31 | 000,000,504 | ---- | M] () -- C:\Windows\Tasks\Install.job [2010-08-26 22:00:51 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010-08-27 19:12:30 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2008-01-21 04:34:29 | 000,333,203 | RHS- | M] () -- C:\bootmgr [2008-02-09 04:52:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-08-27 12:42:26 | 2141,831,168 | -HS- | M] () -- C:\hiberfil.sys [2009-03-30 08:32:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-30 08:32:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-08-27 12:42:25 | 2455,633,920 | -HS- | M] () -- C:\pagefile.sys [2008-07-25 13:03:42 | 000,000,366 | ---- | M] () -- C:\RHDSetup.log [2009-06-05 16:20:18 | 000,000,086 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 
11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008-01-21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-01-21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008-01-21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys [2008-01-21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- 
C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys [2008-01-21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008-01-21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe [2008-01-21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) 
MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < End of report >[/log] [log]OTL Extras logfile created on: 2010-08-27 21:38:56 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\kamil\Documents\download Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 28,18 Gb Free Space | 40,81% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 8,78 Gb Free Space | 12,54% Space Free | Partition Type: NTFS Drive E: | 416,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded Drive G: | 405,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAMIL-DOM Current User Name: kamil Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
[HKEY_USERS\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E7CC823-67DF-4023-B491-C097C162A31C}" = rport=137 | protocol=17 | dir=out 
| app=system | "{3F63EFE9-1FBC-467C-AED3-9038D02A67B5}" = rport=139 | protocol=6 | dir=out | app=system | "{63770BFE-ED81-429B-96C5-F8DDA432119A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{7F8600B0-B9D7-4E8A-BDB3-8195D0CE0296}" = lport=138 | protocol=17 | dir=in | app=system | "{84A8ACDD-AC65-4FAF-A279-B029F0AFCF82}" = lport=445 | protocol=6 | dir=in | app=system | "{8B0BB7F6-80B9-4DF1-A238-D46C64D74188}" = rport=138 | protocol=17 | dir=out | app=system | "{90A14FA0-30DC-46B2-9722-427BDCAC6907}" = lport=139 | protocol=6 | dir=in | app=system | "{9CC21560-7B15-4D44-97CA-70C7E421B3FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B0CD9D42-A248-431B-9C54-39EACB788FB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BDCA7BEC-289B-4C6E-8019-5404B674D3ED}" = lport=137 | protocol=17 | dir=in | app=system | "{BF585DB2-F59B-40B8-87D4-6DAEA8EBDFA1}" = rport=445 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0181D501-0AB2-4A74-9B1A-9FF49BB44583}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{03279F81-5F12-4DB0-8E8F-0B8C20495C1D}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{0A5CCF83-E8E3-4E9C-BD3C-C2F33210947A}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{0CB4F52E-99EE-46E0-8F91-3083829FA1C7}" = protocol=6 | dir=in | app=d:\gry\bitwa o śródziemie\game.dat | "{21DBA5F2-D64B-4C9D-9B4F-60BCD9E28B90}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "{2467551C-7C83-4DEF-85E9-CFD85238D7FB}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{24F2CAB8-9A99-4355-8A67-C50E39EF4E94}" = protocol=6 | dir=in | 
app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "{2C7AC75B-5BEA-4BC6-B993-6091C7F2757D}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2main.exe | "{2D4543C6-3D19-4103-BA08-CC609F74AB4C}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2editor.exe | "{2E074510-7277-448B-8EA6-C51A118A75CF}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2main_amdxp.exe | "{2F2A37EF-1038-448C-9CB4-E7DC634322B8}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2launcher.exe | "{371B1AE5-DB60-401F-B72E-50BCFAD6391F}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{3E3E907F-825E-44BA-9983-44DECD2B8DBA}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2server.exe | "{45263860-59F6-452D-88DA-42DE6B20E559}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{45E21BF7-A367-4185-9184-FCED477BE90D}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\farcry2.exe | "{48905CAF-416F-45DE-AE8C-D530120A7C97}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2server.exe | "{5B9407A0-28A5-40DD-AE59-A3682B8AA93C}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2main_amdxp.exe | "{5DBA5E8E-0A10-4D20-A790-6B13B49E9CF7}" = protocol=17 | dir=in | app=d:\gry\steam\steam.exe | "{6291B4E1-DC5B-44EB-94AE-02ABC7E2EE0B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{62C95CE5-A8A5-44CF-8D22-93507C352542}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{66236857-667E-44B5-876E-BF7B71B8492F}" = protocol=6 | dir=in | app=d:\gry\steam\steam.exe | "{6C7657B3-185F-4A92-B4DE-8B0CB24FB694}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{78737741-9D19-4BAE-A65D-E2358B39EA26}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{8098A976-B884-4597-89DB-4259AD1B9967}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8260E1F9-1531-4AC4-96E0-50EFFDF6292D}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | 
"{908D642A-230B-4B33-9F55-DB89794C7AAA}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2main.exe | "{91C1A158-AD80-42FB-AD47-CE3DCA15F91D}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2editor.exe | "{93ECE2A4-A0EA-4466-8B47-29AE9E08CDAB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AEE12F3A-308C-4FE5-8125-82E3C35A1705}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwupdate.exe | "{B0C40A01-D221-4196-9149-45C0201C2B9E}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwupdate.exe | "{B1A58899-0ED4-4AC4-A95B-B1D84C63D937}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B2E905EE-FFDA-4D89-A34F-E2DA465A029B}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2launcher.exe | "{BE56C866-B359-470C-9694-ADBC2C873212}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{CA258FF5-ED95-4DF2-9455-480FFA0E1169}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{CC4D6F54-E850-49AA-8603-BC59E807481B}" = protocol=17 | dir=in | app=d:\gry\bitwa o śródziemie\game.dat | "{CCF1F04F-0E00-42FE-9BE8-ADDA7EC798F8}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | "{D3437876-83C3-4008-A7E0-587D0C187A35}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{E8FB2136-D53A-4463-938E-7DCFF2BA1E21}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EBA2273C-ED57-4D8C-B171-B02F5408B24D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{ED840BBA-2C36-4525-8108-669551CD368E}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\farcry2.exe | "{F41D6D52-2075-42F3-9A9C-A48A84B3B174}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "TCP Query User{15BAD523-BABE-482C-86E0-7FC354A0DCD4}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "TCP Query User{22A52C38-1EBD-4A34-83B4-897217788B32}D:\gry\puzzle quest\puzzle quest.exe" = protocol=6 | dir=in | 
app=d:\gry\puzzle quest\puzzle quest.exe | "TCP Query User{248EA3D1-E41F-4F89-BF3B-94A23D76A6F4}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "TCP Query User{3615DAC5-6A82-4855-B75B-BE477DC2604A}D:\gry\baboviolent 2\bv2.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "TCP Query User{5E4EB950-208A-4163-9DB1-501C64044FCD}D:\gry\metin priv\mcmetinpro.exe" = protocol=6 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "TCP Query User{B3E2C763-F1C7-4D5F-AE64-51813CE7FB4F}D:\gry\baboviolent 2\bv2.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "TCP Query User{C7DD2C2C-1507-4FC0-A4E9-242DA0AE3BFC}D:\gry\evil islands\game.exe" = protocol=6 | dir=in | app=d:\gry\evil islands\game.exe | "TCP Query User{C88AC836-914B-487D-BC83-B9C3870C51CD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{CB6257FE-7E86-4881-BC48-E56866F1AC4E}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "TCP Query User{CB9A6DBF-34B9-4C8C-9192-02E495980561}D:\gry\metin priv\mcmetinpro.exe" = protocol=6 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "TCP Query User{D12ED84E-A828-4F71-9257-00E39EC958C4}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "TCP Query User{D3D1329C-9AAB-4F9A-A754-A30374230087}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "TCP Query User{EC02B774-4031-4F48-8E07-1AA930D12FBB}D:\gry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe | "TCP Query User{ECA9F7DF-FCFF-454B-8E0B-8D3F1BEDE6CD}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "TCP Query User{FB8C8DA7-7078-412B-9B99-66B547E859D2}D:\gry\baboviolent 2\bv2 
proclient\bv2p.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "TCP Query User{FCED68DF-798E-49FC-91A3-C03BD19E11E5}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{1E7BB258-9CF7-4BD1-B38C-A2B520434C57}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{3409B93B-A763-4459-86DF-1171A5BE4A6F}D:\gry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe | "UDP Query User{40A0D05A-539C-4F75-A0B2-D45F235E1AF5}D:\gry\baboviolent 2\bv2.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "UDP Query User{60176350-23D1-4897-AE53-E594053EE9B1}D:\gry\baboviolent 2\bv2.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "UDP Query User{6283023B-B287-498B-B539-7215D316C4F7}D:\gry\metin priv\mcmetinpro.exe" = protocol=17 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "UDP Query User{64A17349-B903-40CA-937B-7E4915F4CE70}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{74055167-4664-4A1A-AE27-881BBC91C4CC}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "UDP Query User{7F7D4B8B-3082-4D60-B5C2-D8FBFFD16DFA}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "UDP Query User{984DAE58-AAF6-4D29-AEB0-05A5A4428A42}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{A92A64BC-A28A-4DB0-B814-C009560DB30B}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "UDP Query User{AB0B3906-304A-4057-930A-9CCAA73BD308}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 
2\metin2client.bin | "UDP Query User{B58B9CD4-BF3B-4B40-B648-F65E452B7187}D:\gry\evil islands\game.exe" = protocol=17 | dir=in | app=d:\gry\evil islands\game.exe | "UDP Query User{C39B02C7-13D9-4FEE-A4D2-4AEC0B3B56D3}D:\gry\metin priv\mcmetinpro.exe" = protocol=17 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "UDP Query User{D096DDFD-B8DB-4FCB-B421-C08BC7CEC544}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "UDP Query User{E3B0EEDC-7D06-4805-803F-E906837B7CEA}D:\gry\puzzle quest\puzzle quest.exe" = protocol=17 | dir=in | app=d:\gry\puzzle quest\puzzle quest.exe | "UDP Query User{E660E2EE-B5EE-4DCC-BD53-2A718D4B7540}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1 "{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{1021878C-B14A-4A55-9D6E-E0603455C2F4}_is1" = BV2 ProClient 2.0 "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor 
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{385FB7F2-C398-4A91-93DE-188977864AB0}" = ZMU2010SMALL R3 "{3C2F83D3-3F75-4920-8E23-23A9FBADB35D}" = Microsoft Antimalware Service PL-PL Language Pack "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP2 dla programu Outlook 2007 "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7EE9145D-C430-44E6-B5ED-61FF9C332100}_is1" = Battle of the Immortals "{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{88C68165-3C92-11D5-B95D-00E07D97B508}" = Evil Islands "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office 
Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0 "{AC76BA86-7AD7-1045-7B44-A80000000000}" = Adobe Reader 8 - Polish "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DD401D5B-35E2-4EA4-8585-4A44CB2DCC78}" = Jade Empire "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security 
Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin Edycja Rozszerzona "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems HDA Modem "Agnitum Outpost Firewall_is1" = Outpost Firewall 2009 "A-Mind" = Absolute Mastermind v1.4 "AP Tuner 3.08" = AP Tuner 3.08 "Audacity 1.3 Beta_is1" = Audacity 1.3.0 "Business Contact Manager" = Business Contact Manager z dodatkiem SP2 dla programu Outlook 2007 "Critical Damage_is1" = Critical Damage "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Diablo II" = Diablo II "FarmingSimulator2009PL_is1" = Symulator-Farmy 2009 "FastStone Photo Resizer" = FastStone Photo Resizer 2.5 "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "ipla" = ipla 2.1.2 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Standard) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NeroShowTime!UninstallKey" = Nero ShowTime CE "Niezbędnik CD_is1" = Niezbędnik CD "NVIDIA Drivers" = NVIDIA Drivers "Odyssee" = Odyseja "OpenAL" = OpenAL "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "PunkBusterSvc" = PunkBuster Services 
"PuzzleQuest_is1" = Puzzle Quest "RealAlt_is1" = Real Alternative 2.0.2 "Septerra Core PL" = Septerra Core PL "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "Steam App 10" = Counter-Strike "SynTPDeinstKey" = Synaptics Pointing Device Driver "TmNationsForever_is1" = TmNationsForever "uTorrent" = µTorrent "WinGimp-2.0_is1" = GIMP 2.6.10 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-11 15:24:31 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-12 06:33:08 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-12 15:29:43 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-13 05:59:16 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-13 08:10:40 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 03:19:36 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 03:46:26 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 08:10:17 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 16:11:42 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-15 04:57:08 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2010-08-01 17:41:27 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-01 17:41:27 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-01 17:43:28 | Computer Name = Kamil-dom | Source = HTTP | ID = 15016 Description = Error - 2010-08-01 17:44:22 | Computer Name = Kamil-dom | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-08-01 17:45:04 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 
7000 Description = Error - 2010-08-01 17:45:04 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-02 05:00:59 | Computer Name = Kamil-dom | Source = HTTP | ID = 15016 Description = Error - 2010-08-02 05:01:51 | Computer Name = Kamil-dom | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-08-02 05:02:34 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-02 05:02:34 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = < End of report >[/log][log]Logfile of random's system information tool 1.08 (written by random/random) Run by kamil at 2010-08-27 21:57:38 Microsoft® Windows Vista™ Home Basic Service Pack 1 System drive C: has 29 GB (41%) free of 71 GB Total RAM: 2042 MB (47% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:58:17, on 2010-08-27 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18498) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Essentials\msseces.exe D:\Gry\Steam\Steam.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\Windows\system32\wuauclt.exe C:\Program 
Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Users\kamil\Documents\download\OTL.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\notepad.exe C:\Windows\notepad.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\kamil\Documents\download\RSIT.exe C:\Program Files\trend micro\kamil.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=CriticalDamage&utm_medium=start R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Ask Toolbar - 
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [nod32] C:\Users\kamil\AppData\Local\Temp\nodqq.exe O4 - HKCU\..\Run: [Steam] "D:\Gry\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - 
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 7032 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Install.job 
C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-09 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32"=C:\Users\kamil\AppData\Local\Temp\nodqq.exe []
"Steam"=D:\Gry\Steam\Steam.exe [2010-08-24 1242448]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]
C:\Program Files\Gadu-Gadu 10\gg.exe [2010-07-22 12477024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
C:\Program Files\ipla\ipla.exe [2010-02-02 14252952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-22 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-22 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

-----------------EOF-----------------
[/log]
Tomek01 commented 27 August 2010

Uninstall: Ask toolbar, DAEMON Tools Toolbar.

Run [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with your pendrive or other USB storage devices plugged in.

In OTL, paste the following into the Custom scan/fixes box:

[code]
:Processes
Explorer.exe
:OTL
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185[2010-04-27 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\DTToolbar@toolbarnet.com
[2010-07-30 13:26:47 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\toolbar@ask.com
[2010-04-27 17:49:40 | 000,002,055 | ---- | M] () -- C:\Users\kamil\AppData\Roaming\Mozilla\FireFox\Profiles\gmr2j1a9.default\searchplugins\daemon-search.xml
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKU\S-1-5-21-23042342-2651542211-2932212354-1003..\Run: [nod32] C:\Users\kamil\AppData\Local\Temp\nodqq.exe File not found
O33 - MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\Shell\AutoRun\command - "" = F:\22yj2fy1.exe -- File not found
O33 - MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\Shell\open\Command - "" = F:\22yj2fy1.exe -- File not found
:Files
C:\Users\kamil\AppData\Local\AskToolbar
C:\Users\kamil\AppData\Local\TempDDK968.html
C:\Users\kamil\AppData\Local\Tempylo968.html
C:\Users\kamil\AppData\Local\TempEP3404.html
C:\Users\kamil\AppData\Local\TempIy5004.html
C:\Users\kamil\AppData\Local\TempmT5472.html
C:\Users\kamil\AppData\Local\Tempdw4684.html
C:\Users\kamil\AppData\Local\TempzM4684.html
C:\Users\kamil\AppData\Local\TempWX1360.html
C:\Users\kamil\AppData\Local\TemplQ1032.html
C:\Users\kamil\AppData\Local\TempPx3640.html
C:\Users\kamil\AppData\Local\TemplL3640.html
C:\Users\kamil\AppData\Local\TempDx3124.html
C:\Users\kamil\AppData\Local\TempIh3124.html
C:\Users\kamil\AppData\Local\Tempez1412.html
C:\Users\kamil\AppData\Local\TempEs1412.html
C:\Users\kamil\AppData\Local\TempBW4588.html
C:\Users\kamil\AppData\Local\TempXp4588.html
C:\Users\kamil\AppData\Local\Tempah3576.html
C:\Users\kamil\AppData\Local\TemprQ3576.html
C:\Users\kamil\AppData\Local\TempbZ3836.html
C:\Users\kamil\AppData\Local\Tempyt3836.html
C:\Users\kamil\AppData\Local\TempoU4032.html
C:\Users\kamil\AppData\Local\TempAw4032.html
C:\Users\kamil\AppData\Local\TempAi4032.html
C:\Users\kamil\AppData\Local\TempzC3172.html
C:\Users\kamil\AppData\Local\TempMl3172.html
C:\Users\kamil\AppData\Local\TempFX1580.html
C:\Users\kamil\AppData\Local\TempXI1580.html
C:\Users\kamil\AppData\Local\TempUC1708.html
C:\Users\kamil\AppData\Local\Tempgn1708.html
C:\Users\kamil\AppData\Local\TemphL1708.html
C:\Users\kamil\AppData\Local\Tempzr2748.html
C:\Users\kamil\AppData\Local\Tempub2748.html
C:\Users\kamil\AppData\Local\TempCC1656.html
C:\Users\kamil\AppData\Local\TempCq1656.html
C:\Users\kamil\AppData\Local\Tempkl2268.html
C:\Users\kamil\AppData\Local\TempFV2268.html
C:\Users\kamil\AppData\Local\TempQN2172.html
C:\Users\kamil\AppData\Local\TempNT2172.html
C:\Users\kamil\AppData\Local\TempvU2172.html
C:\Users\kamil\AppData\Local\TempBo1592.html
C:\Users\kamil\AppData\Local\Temppx1592.html
C:\Users\kamil\AppData\Local\TempQP4392.html
C:\Users\kamil\AppData\Local\TempnR4392.html
C:\Users\kamil\AppData\Local\Tempwl4792.html
C:\Users\kamil\AppData\Local\TempxT2044.html
C:\Users\kamil\AppData\Local\TempjX2044.html
C:\Users\kamil\AppData\Local\Templf4680.html
C:\Users\kamil\AppData\Local\Tempew4680.html
C:\Users\kamil\AppData\Local\TempWn1440.html
C:\Users\kamil\AppData\Local\TempuO1440.html
C:\Users\kamil\AppData\Local\TempSh2912.html
C:\Users\kamil\AppData\Local\Tempfg2912.html
C:\Users\kamil\AppData\Local\TempTN5868.html
C:\Users\kamil\AppData\Local\TempPQ5868.html
C:\Users\kamil\AppData\Local\TempCf1680.html
C:\Users\kamil\AppData\Local\TempfL1680.html
C:\Users\kamil\AppData\Local\TempuZ5516.html
C:\Users\kamil\AppData\Local\TempEY5516.html
C:\Users\kamil\AppData\Local\TempjB5988.html
C:\Users\kamil\AppData\Local\TempVS5988.html
C:\Users\kamil\AppData\Local\TemppO1912.html
C:\Users\kamil\AppData\Local\Tempyu5472.html
C:\Users\kamil\AppData\Local\TempxP5472.html
C:\Users\kamil\AppData\Local\Tempog4168.html
C:\Users\kamil\AppData\Local\Tempfj4168.html
C:\Users\kamil\AppData\Local\TempCp2036.html
C:\Users\kamil\AppData\Local\TempDw2036.html
C:\Users\kamil\AppData\Local\TempIw5672.html
C:\Users\kamil\AppData\Local\TempyC5672.html
C:\Users\kamil\AppData\Local\Tempgr2452.html
C:\Users\kamil\AppData\Local\TempLl4348.html
C:\Users\kamil\AppData\Local\TempPI4348.html
C:\Users\kamil\AppData\Local\TempXl1504.html
C:\Users\kamil\AppData\Local\TempsW1504.html
C:\Users\kamil\AppData\Local\Tempxs5152.html
C:\Users\kamil\AppData\Local\TempfD5152.html
C:\Users\kamil\AppData\Local\TempDq5844.html
C:\Users\kamil\AppData\Local\TempiZ5844.html
C:\Users\kamil\AppData\Local\TempLK5340.html
C:\Users\kamil\AppData\Local\TempZu5340.html
C:\Users\kamil\AppData\Local\Tempci5688.html
C:\Users\kamil\AppData\Local\TempOy5688.html
C:\Users\kamil\AppData\Local\TempdB1472.html
C:\Users\kamil\AppData\Local\TempBc1472.html
C:\Users\kamil\AppData\Local\TempLw5664.html
C:\Users\kamil\AppData\Local\Tempww4668.html
C:\Users\kamil\AppData\Local\TempDv4668.html
C:\Users\kamil\AppData\Local\Tempgt3568.html
C:\Users\kamil\AppData\Local\TempPT3568.html
C:\Users\kamil\AppData\Local\TempmK2360.html
C:\Users\kamil\AppData\Local\Tempki2360.html
C:\Users\kamil\AppData\Local\TempaO1444.html
C:\Users\kamil\AppData\Local\TempeW1444.html
C:\Users\kamil\AppData\Local\TempPq1360.html
C:\Users\kamil\AppData\Local\TempMK1360.html
C:\Users\kamil\AppData\Local\TempWd2240.html
C:\Users\kamil\AppData\Local\TempZy2240.html
C:\Users\kamil\AppData\Local\Tempza3228.html
C:\Users\kamil\AppData\Local\TemphE3228.html
C:\Users\kamil\AppData\Local\TempqhU600.html
C:\Users\kamil\AppData\Local\Temposg600.html
C:\Users\kamil\AppData\Local\TempwK2196.html
C:\Users\kamil\AppData\Local\Tempgq2196.html
C:\Users\kamil\AppData\Local\Tempwj3452.html
C:\Users\kamil\AppData\Local\TempeR3452.html
C:\Users\kamil\AppData\Local\Temprw5876.html
C:\Users\kamil\AppData\Local\TempRT5876.html
C:\Users\kamil\AppData\Local\TempgP2016.html
C:\Users\kamil\AppData\Local\Temptu2016.html
C:\Users\kamil\AppData\Local\Tempxo4312.html
C:\Users\kamil\AppData\Local\Tempkp4312.html
C:\Users\kamil\AppData\Local\TempJl1692.html
C:\Users\kamil\AppData\Local\TempWo1692.html
C:\Users\kamil\AppData\Local\TempPi2236.html
C:\Users\kamil\AppData\Local\TempnU2236.html
C:\Users\kamil\AppData\Local\Templa3964.html
C:\Users\kamil\AppData\Local\Tempho3964.html
C:\Users\kamil\AppData\Local\TempDU2316.html
C:\Users\kamil\AppData\Local\TempUc2316.html
C:\Users\kamil\AppData\Local\TempkXB696.html
C:\Users\kamil\AppData\Local\TempnTD696.html
C:\Users\kamil\AppData\Local\TempMp4320.html
C:\Users\kamil\AppData\Local\TempQq4320.html
C:\Users\kamil\AppData\Local\TemppH1316.html
C:\Users\kamil\AppData\Local\TempxH1316.html
C:\Windows\tasks\Install.job
C:\Users\kamil\AppData\Roaming\.#
C:\Users\kamil\AppData\Local\Temp\nodqq.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

Click Run Fix; the computer restarts. Post the removal log and new OTL and RSIT logs.
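Added example, not part of the original post and not code from OTL or RSIT: a Python triage pass over RSIT-style `Run` entries and OTL `O33` lines that surfaces the kind of autostart entries the fix script above targets (the `nod32` Run value and the `MountPoints2` AutoRun command). The flag names and the three heuristics are assumptions made for this example; the sample is constructed from lines that appear in this thread's logs.

```python
import re
from typing import NamedTuple

# Constructed sample: a few lines in the shape of the RSIT registry dump and
# the OTL O33 entries quoted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32"=C:\Users\kamil\AppData\Local\Temp\nodqq.exe []
"Steam"=D:\Gry\Steam\Steam.exe [2010-08-24 1242448]
O33 - MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\Shell\AutoRun\command - "" = F:\22yj2fy1.exe -- File not found
'''


class Finding(NamedTuple):
    source: str     # registry key, or "MountPoints2" for OTL O33 lines
    name: str       # Run value name, or the mount-point GUID
    target: str     # file the entry would launch
    reasons: tuple  # hypothetical flag names explaining why it was surfaced


KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# RSIT prints: "name"=path [date size]; the brackets are empty when the file is absent.
VALUE_RE = re.compile(r'^"([^"]+)"=(.*?)\s*\[([^\]]*)\]$')
# OTL prints: O33 - MountPoints2\{guid}\Shell\<verb>\command - "" = path [-- File not found]
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(\{[^}]+\})\\Shell\\\w+\\command - "" = (.*?)'
    r'(?: -- (File not found))?$', re.I)
TEMP_RE = re.compile(r'\\(?:temp|tmp)\\', re.I)


def triage(log_text):
    """Return autostart entries worth a manual look. These are hints, not verdicts."""
    findings, key = [], None
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
            continue
        if key and key.lower().endswith(r'\currentversion\run'):
            if m := VALUE_RE.match(line):
                name, target, meta = m.groups()
                reasons = []
                if TEMP_RE.search(target):
                    reasons.append('runs-from-temp')   # autostart out of a Temp directory
                if not meta.strip():
                    reasons.append('file-missing')     # RSIT found no file on disk
                if reasons:
                    findings.append(Finding(key, name, target, tuple(reasons)))
                continue
        if m := O33_RE.match(line):
            guid, target, missing = m.groups()
            reasons = ['mountpoint-autorun']           # per-volume AutoRun command
            if missing:
                reasons.append('file-missing')
            findings.append(Finding('MountPoints2', guid, target, tuple(reasons)))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'{f.source} | {f.name} -> {f.target} | {", ".join(f.reasons)}')
```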
hyper1pl komentarz 28 sierpnia 2010 Autor komentarz 28 sierpnia 2010 [quote name='Tomek01' date='27 sierpień 2010 - 21:18' timestamp='1282940400' post='1078314'] Zastosuj Flash Disinfector, najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. [/quote] Teraz już z ciekawości. Dlaczego?log z usuwania [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185[2010-04-27 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\DTToolbar@toolbarnet.com removed from extensions.enabledItems Folder C:\Users\kamil\AppData\Roaming\mozilla\Firefox\Profiles\gmr2j1a9.default\extensions\toolbar@ask.com\ not found. C:\Users\kamil\AppData\Roaming\Mozilla\FireFox\Profiles\gmr2j1a9.default\searchplugins\daemon-search.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. 
Registry value HKEY_USERS\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-23042342-2651542211-2932212354-1003\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3134885-9ae5-11df-9e14-001377f510d9}\ not found. File F:\22yj2fy1.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3134885-9ae5-11df-9e14-001377f510d9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3134885-9ae5-11df-9e14-001377f510d9}\ not found. File F:\22yj2fy1.exe not found. ========== FILES ========== File\Folder C:\Users\kamil\AppData\Local\AskToolbar not found. C:\Windows\tasks\Install.job moved successfully. C:\Users\kamil\AppData\Roaming\.# folder moved successfully. 
File\Folder C:\Users\kamil\AppData\Local\Temp\nodqq.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: kamil ->Temp folder emptied: 247439083 bytes ->Temporary Internet Files folder emptied: 57976787 bytes ->Java cache emptied: 687615 bytes ->FireFox cache emptied: 85847995 bytes ->Google Chrome cache emptied: 6341013 bytes ->Flash cache emptied: 70824 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 792402892 bytes RecycleBin emptied: 737 bytes Total Files Cleaned = 1 136,00 mb OTL by OldTimer - Version 3.2.10.0 log created on 08282010_014823 Files\Folders moved on Reboot... Registry entries deleted on Reboot... 
[/log] OTL [log]netsvcs msconfig safebootminimal safebootnetwork %systemdrive%\*.* /md5start agp440.sys atapi.sys beep.sys cdrom.sys ndis.sys winlogon.exe eventlog.dll /md5stop[/log] [log]OTL Extras logfile created on: 2010-08-28 01:57:25 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\kamil\Documents\download Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,05 Gb Total Space | 27,96 Gb Free Space | 40,50% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 8,78 Gb Free Space | 12,54% Space Free | Partition Type: NTFS Drive E: | 416,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KAMIL-DOM Current User Name: kamil Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
[HKEY_USERS\S-1-5-21-23042342-2651542211-2932212354-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1E7CC823-67DF-4023-B491-C097C162A31C}" = rport=137 | protocol=17 | dir=out 
| app=system | "{3F63EFE9-1FBC-467C-AED3-9038D02A67B5}" = rport=139 | protocol=6 | dir=out | app=system | "{63770BFE-ED81-429B-96C5-F8DDA432119A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{7F8600B0-B9D7-4E8A-BDB3-8195D0CE0296}" = lport=138 | protocol=17 | dir=in | app=system | "{84A8ACDD-AC65-4FAF-A279-B029F0AFCF82}" = lport=445 | protocol=6 | dir=in | app=system | "{8B0BB7F6-80B9-4DF1-A238-D46C64D74188}" = rport=138 | protocol=17 | dir=out | app=system | "{90A14FA0-30DC-46B2-9722-427BDCAC6907}" = lport=139 | protocol=6 | dir=in | app=system | "{9CC21560-7B15-4D44-97CA-70C7E421B3FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B0CD9D42-A248-431B-9C54-39EACB788FB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BDCA7BEC-289B-4C6E-8019-5404B674D3ED}" = lport=137 | protocol=17 | dir=in | app=system | "{BF585DB2-F59B-40B8-87D4-6DAEA8EBDFA1}" = rport=445 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0181D501-0AB2-4A74-9B1A-9FF49BB44583}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{03279F81-5F12-4DB0-8E8F-0B8C20495C1D}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{0A5CCF83-E8E3-4E9C-BD3C-C2F33210947A}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{0CB4F52E-99EE-46E0-8F91-3083829FA1C7}" = protocol=6 | dir=in | app=d:\gry\bitwa o śródziemie\game.dat | "{21DBA5F2-D64B-4C9D-9B4F-60BCD9E28B90}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "{2467551C-7C83-4DEF-85E9-CFD85238D7FB}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{24F2CAB8-9A99-4355-8A67-C50E39EF4E94}" = protocol=6 | dir=in | 
app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "{2C7AC75B-5BEA-4BC6-B993-6091C7F2757D}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2main.exe | "{2D4543C6-3D19-4103-BA08-CC609F74AB4C}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2editor.exe | "{2E074510-7277-448B-8EA6-C51A118A75CF}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2main_amdxp.exe | "{2F2A37EF-1038-448C-9CB4-E7DC634322B8}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2launcher.exe | "{371B1AE5-DB60-401F-B72E-50BCFAD6391F}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{3E3E907F-825E-44BA-9983-44DECD2B8DBA}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2server.exe | "{45263860-59F6-452D-88DA-42DE6B20E559}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{45E21BF7-A367-4185-9184-FCED477BE90D}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\farcry2.exe | "{48905CAF-416F-45DE-AE8C-D530120A7C97}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2server.exe | "{5B9407A0-28A5-40DD-AE59-A3682B8AA93C}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwn2main_amdxp.exe | "{5DBA5E8E-0A10-4D20-A790-6B13B49E9CF7}" = protocol=17 | dir=in | app=d:\gry\steam\steam.exe | "{6291B4E1-DC5B-44EB-94AE-02ABC7E2EE0B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{62C95CE5-A8A5-44CF-8D22-93507C352542}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{66236857-667E-44B5-876E-BF7B71B8492F}" = protocol=6 | dir=in | app=d:\gry\steam\steam.exe | "{6C7657B3-185F-4A92-B4DE-8B0CB24FB694}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{78737741-9D19-4BAE-A65D-E2358B39EA26}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{8098A976-B884-4597-89DB-4259AD1B9967}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8260E1F9-1531-4AC4-96E0-50EFFDF6292D}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | 
"{908D642A-230B-4B33-9F55-DB89794C7AAA}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwn2main.exe | "{91C1A158-AD80-42FB-AD47-CE3DCA15F91D}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2editor.exe | "{93ECE2A4-A0EA-4466-8B47-29AE9E08CDAB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AEE12F3A-308C-4FE5-8125-82E3C35A1705}" = protocol=17 | dir=in | app=d:\gry\nvn2\nwupdate.exe | "{B0C40A01-D221-4196-9149-45C0201C2B9E}" = protocol=6 | dir=in | app=d:\gry\nvn2\nwupdate.exe | "{B1A58899-0ED4-4AC4-A95B-B1D84C63D937}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B2E905EE-FFDA-4D89-A34F-E2DA465A029B}" = protocol=6 | dir=in | app=d:\gry\far cry2\far cry 2\bin\fc2launcher.exe | "{BE56C866-B359-470C-9694-ADBC2C873212}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{CA258FF5-ED95-4DF2-9455-480FFA0E1169}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{CC4D6F54-E850-49AA-8603-BC59E807481B}" = protocol=17 | dir=in | app=d:\gry\bitwa o śródziemie\game.dat | "{CCF1F04F-0E00-42FE-9BE8-ADDA7EC798F8}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | "{D3437876-83C3-4008-A7E0-587D0C187A35}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{E8FB2136-D53A-4463-938E-7DCFF2BA1E21}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EBA2273C-ED57-4D8C-B171-B02F5408B24D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{ED840BBA-2C36-4525-8108-669551CD368E}" = protocol=17 | dir=in | app=d:\gry\far cry2\far cry 2\bin\farcry2.exe | "{F41D6D52-2075-42F3-9A9C-A48A84B3B174}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\hyper1pl\counter-strike\hl.exe | "TCP Query User{15BAD523-BABE-482C-86E0-7FC354A0DCD4}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "TCP Query User{22A52C38-1EBD-4A34-83B4-897217788B32}D:\gry\puzzle quest\puzzle quest.exe" = protocol=6 | dir=in | 
app=d:\gry\puzzle quest\puzzle quest.exe | "TCP Query User{248EA3D1-E41F-4F89-BF3B-94A23D76A6F4}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "TCP Query User{3615DAC5-6A82-4855-B75B-BE477DC2604A}D:\gry\baboviolent 2\bv2.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "TCP Query User{5E4EB950-208A-4163-9DB1-501C64044FCD}D:\gry\metin priv\mcmetinpro.exe" = protocol=6 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "TCP Query User{791A6F76-2C7A-4DDC-9E37-48933972DEB0}D:\gry\evil islands\game.exe" = protocol=6 | dir=in | app=d:\gry\evil islands\game.exe | "TCP Query User{B3E2C763-F1C7-4D5F-AE64-51813CE7FB4F}D:\gry\baboviolent 2\bv2.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "TCP Query User{C7DD2C2C-1507-4FC0-A4E9-242DA0AE3BFC}D:\gry\evil islands\game.exe" = protocol=6 | dir=in | app=d:\gry\evil islands\game.exe | "TCP Query User{C88AC836-914B-487D-BC83-B9C3870C51CD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{CB6257FE-7E86-4881-BC48-E56866F1AC4E}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=6 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "TCP Query User{CB9A6DBF-34B9-4C8C-9192-02E495980561}D:\gry\metin priv\mcmetinpro.exe" = protocol=6 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "TCP Query User{D12ED84E-A828-4F71-9257-00E39EC958C4}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "TCP Query User{D3D1329C-9AAB-4F9A-A754-A30374230087}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "TCP Query User{EC02B774-4031-4F48-8E07-1AA930D12FBB}D:\gry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe | "TCP Query User{ECA9F7DF-FCFF-454B-8E0B-8D3F1BEDE6CD}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=6 | 
dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "TCP Query User{FB8C8DA7-7078-412B-9B99-66B547E859D2}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=6 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "TCP Query User{FCED68DF-798E-49FC-91A3-C03BD19E11E5}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{108A7D64-FA61-4015-852D-FA6ACCCF1507}D:\gry\evil islands\game.exe" = protocol=17 | dir=in | app=d:\gry\evil islands\game.exe | "UDP Query User{1E7BB258-9CF7-4BD1-B38C-A2B520434C57}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{3409B93B-A763-4459-86DF-1171A5BE4A6F}D:\gry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe | "UDP Query User{40A0D05A-539C-4F75-A0B2-D45F235E1AF5}D:\gry\baboviolent 2\bv2.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "UDP Query User{60176350-23D1-4897-AE53-E594053EE9B1}D:\gry\baboviolent 2\bv2.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2.exe | "UDP Query User{6283023B-B287-498B-B539-7215D316C4F7}D:\gry\metin priv\mcmetinpro.exe" = protocol=17 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "UDP Query User{64A17349-B903-40CA-937B-7E4915F4CE70}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{74055167-4664-4A1A-AE27-881BBC91C4CC}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | "UDP Query User{7F7D4B8B-3082-4D60-B5C2-D8FBFFD16DFA}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "UDP Query User{984DAE58-AAF6-4D29-AEB0-05A5A4428A42}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query 
User{A92A64BC-A28A-4DB0-B814-C009560DB30B}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "UDP Query User{AB0B3906-304A-4057-930A-9CCAA73BD308}C:\users\kamil\desktop\metin 2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2client.bin | "UDP Query User{B58B9CD4-BF3B-4B40-B648-F65E452B7187}D:\gry\evil islands\game.exe" = protocol=17 | dir=in | app=d:\gry\evil islands\game.exe | "UDP Query User{C39B02C7-13D9-4FEE-A4D2-4AEC0B3B56D3}D:\gry\metin priv\mcmetinpro.exe" = protocol=17 | dir=in | app=d:\gry\metin priv\mcmetinpro.exe | "UDP Query User{D096DDFD-B8DB-4FCB-B421-C08BC7CEC544}D:\gry\baboviolent 2\bv2 proclient\bv2p.exe" = protocol=17 | dir=in | app=d:\gry\baboviolent 2\bv2 proclient\bv2p.exe | "UDP Query User{E3B0EEDC-7D06-4805-803F-E906837B7CEA}D:\gry\puzzle quest\puzzle quest.exe" = protocol=17 | dir=in | app=d:\gry\puzzle quest\puzzle quest.exe | "UDP Query User{E660E2EE-B5EE-4DCC-BD53-2A718D4B7540}C:\users\kamil\desktop\metin 2\metin2.bin" = protocol=17 | dir=in | app=c:\users\kamil\desktop\metin 2\metin2.bin | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1 "{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{1021878C-B14A-4A55-9D6E-E0603455C2F4}_is1" = BV2 ProClient 2.0 "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = 
CyberLink DVD Suite "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{385FB7F2-C398-4A91-93DE-188977864AB0}" = ZMU2010SMALL R3 "{3C2F83D3-3F75-4920-8E23-23A9FBADB35D}" = Microsoft Antimalware Service PL-PL Language Pack "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager z dodatkiem SP2 dla programu Outlook 2007 "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7EE9145D-C430-44E6-B5ED-61FF9C332100}_is1" = Battle of the Immortals "{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{88C68165-3C92-11D5-B95D-00E07D97B508}" = Evil Islands "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight 
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 
2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81 "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}" = MSN Messenger 7.0 "{AC76BA86-7AD7-1045-7B44-A80000000000}" = Adobe Reader 8 - Polish "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DD401D5B-35E2-4EA4-8585-4A44CB2DCC78}" = Jade 
Empire "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin Edycja Rozszerzona "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems HDA Modem "Agnitum Outpost Firewall_is1" = Outpost Firewall 2009 "A-Mind" = Absolute Mastermind v1.4 "AP Tuner 3.08" = AP Tuner 3.08 "Audacity 1.3 Beta_is1" = Audacity 1.3.0 "Business Contact Manager" = Business Contact Manager z dodatkiem SP2 dla programu Outlook 2007 "Critical Damage_is1" = Critical Damage "Diablo II" = Diablo II "FarmingSimulator2009PL_is1" = Symulator-Farmy 2009 "FastStone Photo Resizer" = FastStone Photo Resizer 2.5 "Gadu-Gadu 10" = Gadu-Gadu 10 "Google Chrome" = Google Chrome "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "ipla" = ipla 2.1.2 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Standard) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NeroShowTime!UninstallKey" = Nero ShowTime CE "Niezbędnik CD_is1" = Niezbędnik CD "NVIDIA Drivers" = NVIDIA Drivers "Odyssee" = 
Odyseja "OpenAL" = OpenAL "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "PunkBusterSvc" = PunkBuster Services "PuzzleQuest_is1" = Puzzle Quest "RealAlt_is1" = Real Alternative 2.0.2 "Septerra Core PL" = Septerra Core PL "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "Steam App 10" = Counter-Strike "SynTPDeinstKey" = Synaptics Pointing Device Driver "TmNationsForever_is1" = TmNationsForever "uTorrent" = µTorrent "WinGimp-2.0_is1" = GIMP 2.6.10 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-12 06:33:08 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-12 15:29:43 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-13 05:59:16 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-13 08:10:40 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 03:19:36 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 03:46:26 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 08:10:17 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-14 16:11:42 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-15 04:57:08 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = Error - 2010-08-15 09:59:11 | Computer Name = Kamil-dom | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2010-08-01 17:41:27 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-01 17:41:27 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-01 17:43:28 | Computer Name = Kamil-dom | Source = HTTP | ID = 15016 Description = Error - 2010-08-01 17:44:22 | Computer Name = Kamil-dom | Source = 
Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-08-01 17:45:04 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-01 17:45:04 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-02 05:00:59 | Computer Name = Kamil-dom | Source = HTTP | ID = 15016 Description = Error - 2010-08-02 05:01:51 | Computer Name = Kamil-dom | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-08-02 05:02:34 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = Error - 2010-08-02 05:02:34 | Computer Name = Kamil-dom | Source = Service Control Manager | ID = 7000 Description = < End of report > [/log]

RSIT

[log]Logfile of random's system information tool 1.08 (written by random/random) Run by kamil at 2010-08-28 02:08:54 Microsoft® Windows Vista™ Home Basic Service Pack 1 System drive C: has 29 GB (41%) free of 71 GB Total RAM: 2042 MB (50% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 02:09:10, on 2010-08-28 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18498) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Windows\notepad.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program
Files\Mozilla Firefox\firefox.exe C:\Users\kamil\Documents\download\OTL.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Windows\notepad.exe C:\Windows\notepad.exe C:\Users\kamil\Documents\download\RSIT.exe C:\Program Files\trend micro\kamil.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=CriticalDamage&utm_medium=start R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LanguageShortcut] 
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [Steam] "D:\Gry\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. 
- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6281 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{3982A897-C764-48B3-90D3-5CE2FC2D8A19}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-09 13543968] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256] "OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"=D:\Gry\Steam\Steam.exe [2010-08-24 1242448] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe [2010-07-22 12477024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 
C:\Program Files\ipla\ipla.exe [2010-02-02 14252952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-22 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-22 734872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0xFFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-08-28 01:48:23 ----D---- C:\_OTL 2010-08-28 01:44:42 ----RASHD---- C:\autorun.inf 2010-08-27 21:57:41 ----D---- C:\Program Files\trend micro 2010-08-27 21:57:38 ----D---- C:\rsit 2010-08-19 19:55:18 ----D---- C:\Program Files\IrfanView 2010-08-19 19:40:39 ----D---- C:\Users\kamil\AppData\Roaming\FastStone 2010-08-19 19:40:30 ----D---- C:\Program Files\FastStone Photo Resizer 2010-08-19 14:01:51 ----D---- C:\Program Files\Common Files\Skype 2010-08-18 10:54:00 ----D---- C:\Users\kamil\AppData\Roaming\gtk-2.0 2010-08-18 09:44:48 ----D---- C:\Program Files\GIMP-2.0 2010-08-17 21:55:00 ----RD---- C:\Program Files\Skype 2010-08-17 21:37:55 ----D---- C:\Program Files\Google 2010-08-17 13:20:28 ----A---- C:\Windows\Uninstall Jade Empire.exe 2010-08-11 13:16:18 ----A---- C:\Windows\system32\iccvid.dll 2010-08-11 13:16:11 ----A---- C:\Windows\system32\schannel.dll 2010-08-11 13:16:04 ----A---- C:\Windows\system32\mshtml.dll 2010-08-11 13:16:04 ----A---- C:\Windows\system32\ieapfltr.dll 2010-08-11 13:16:01 ----A---- C:\Windows\system32\urlmon.dll 2010-08-11 13:16:01 ----A---- C:\Windows\system32\ieframe.dll 2010-08-11 13:15:59 ----A---- C:\Windows\system32\wininet.dll 2010-08-11 13:15:59 ----A---- C:\Windows\system32\mstime.dll 2010-08-11 13:15:59 ----A---- C:\Windows\system32\mshtmled.dll 2010-08-11 13:15:59 ----A---- C:\Windows\system32\ieaksie.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\occache.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\msfeeds.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\jsproxy.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\iertutil.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\iepeers.dll 2010-08-11 13:15:58 ----A---- C:\Windows\system32\ieencode.dll 2010-08-11 13:15:58 ----A---- 
C:\Windows\system32\iedkcs32.dll 2010-08-11 13:15:53 ----A---- C:\Windows\system32\win32k.sys 2010-08-11 13:15:51 ----A---- C:\Windows\system32\rtutils.dll 2010-08-11 13:15:47 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-08-11 13:15:47 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-08-11 13:15:43 ----A---- C:\Windows\system32\msxml3.dll 2010-08-11 13:15:40 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-08-11 13:15:40 ----A---- C:\Windows\system32\drivers\srv.sys 2010-08-11 13:15:37 ----A---- C:\Windows\system32\drivers\tcpip.sys 2010-08-04 14:10:05 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-08-04 14:10:05 ----A---- C:\Windows\system32\PresentationHost.exe 2010-08-04 14:10:05 ----A---- C:\Windows\system32\netfxperf.dll 2010-08-04 14:10:05 ----A---- C:\Windows\system32\mscoree.dll 2010-08-04 14:10:04 ----A---- C:\Windows\system32\dfshim.dll 2010-08-04 14:06:27 ----D---- C:\Windows\SQL9_KB970892_ENU 2010-08-03 14:25:29 ----A---- C:\Windows\system32\winhttp.dll 2010-08-03 14:25:19 ----A---- C:\Windows\system32\drivers\http.sys 2010-08-03 14:25:18 ----A---- C:\Windows\system32\nshhttp.dll 2010-08-03 14:25:18 ----A---- C:\Windows\system32\httpapi.dll 2010-08-03 14:24:52 ----A---- C:\Windows\system32\shell32.dll 2010-08-02 11:47:12 ----A---- C:\Windows\system32\browserchoice.exe 2010-08-02 11:20:49 ----A---- C:\Windows\system32\infocardapi.dll 2010-08-02 11:20:48 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-08-02 11:20:46 ----A---- C:\Windows\system32\icardagt.exe 2010-08-02 11:20:45 ----A---- C:\Windows\system32\icardres.dll 2010-08-02 11:20:42 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-08-02 11:11:08 ----A---- C:\Windows\system32\mscorier.dll 2010-08-02 11:10:44 ----A---- C:\Windows\system32\mscories.dll 2010-08-01 12:29:05 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-08-01 12:29:00 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-08-01 12:28:38 ----A---- 
C:\Windows\system32\NaturalLanguage6.dll 2010-08-01 11:40:03 ----A---- C:\Windows\system32\t2embed.dll 2010-08-01 11:39:59 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-08-01 11:39:56 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-08-01 11:39:51 ----A---- C:\Windows\system32\msxml6.dll 2010-08-01 11:39:46 ----A---- C:\Windows\system32\wlanmsm.dll 2010-08-01 11:39:46 ----A---- C:\Windows\system32\L2SecHC.dll 2010-08-01 11:39:45 ----A---- C:\Windows\system32\wlansvc.dll 2010-08-01 11:39:45 ----A---- C:\Windows\system32\wlansec.dll 2010-08-01 11:39:30 ----A---- C:\Windows\system32\netiohlp.dll 2010-08-01 11:39:29 ----A---- C:\Windows\system32\NETSTAT.EXE 2010-08-01 11:39:28 ----A---- C:\Windows\system32\TCPSVCS.EXE 2010-08-01 11:39:28 ----A---- C:\Windows\system32\MRINFO.EXE 2010-08-01 11:39:28 ----A---- C:\Windows\system32\HOSTNAME.EXE 2010-08-01 11:39:28 ----A---- C:\Windows\system32\finger.exe 2010-08-01 11:39:28 ----A---- C:\Windows\system32\ARP.EXE 2010-08-01 11:39:27 ----A---- C:\Windows\system32\ROUTE.EXE 2010-08-01 11:39:26 ----A---- C:\Windows\system32\netevent.dll 2010-08-01 11:38:44 ----A---- C:\Windows\system32\msv1_0.dll 2010-08-01 11:38:37 ----A---- C:\Windows\system32\inetcomm.dll 2010-08-01 11:38:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2010-08-01 11:38:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2010-08-01 11:38:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2010-08-01 11:38:26 ----A---- C:\Windows\system32\pacerprf.dll 2010-08-01 11:38:26 ----A---- C:\Windows\system32\drivers\pacer.sys 2010-08-01 11:38:21 ----A---- C:\Windows\system32\WMVCORE.DLL 2010-08-01 11:38:19 ----A---- C:\Windows\system32\mf.dll 2010-08-01 11:37:54 ----A---- C:\Windows\system32\asycfilt.dll 2010-08-01 11:37:52 ----A---- C:\Windows\system32\vbscript.dll 2010-08-01 11:37:50 ----A---- C:\Windows\system32\atl.dll 2010-08-01 11:37:48 ----A---- C:\Windows\system32\gdi32.dll 2010-08-01 11:37:39 ----A---- C:\Windows\system32\tzres.dll 2010-08-01 
11:37:18 ----A---- C:\Windows\system32\xolehlp.dll 2010-08-01 11:37:18 ----A---- C:\Windows\system32\msdtcprx.dll 2010-08-01 11:37:16 ----A---- C:\Windows\system32\es.dll 2010-08-01 11:37:12 ----A---- C:\Windows\system32\mstscax.dll 2010-08-01 11:37:09 ----A---- C:\Windows\system32\wkssvc.dll 2010-08-01 11:37:07 ----A---- C:\Windows\system32\wmpeffects.dll 2010-08-01 11:37:03 ----A---- C:\Windows\system32\netapi32.dll 2010-08-01 11:37:01 ----A---- C:\Windows\system32\fontsub.dll 2010-08-01 11:37:01 ----A---- C:\Windows\system32\dciman32.dll 2010-08-01 11:37:01 ----A---- C:\Windows\system32\atmlib.dll 2010-08-01 11:37:01 ----A---- C:\Windows\system32\atmfd.dll 2010-08-01 11:36:30 ----A---- C:\Windows\system32\localspl.dll 2010-08-01 11:36:27 ----A---- C:\Windows\explorer.exe 2010-08-01 11:36:23 ----A---- C:\Windows\system32\kerberos.dll 2010-08-01 11:36:22 ----A---- C:\Windows\system32\wdigest.dll 2010-08-01 11:36:21 ----A---- C:\Windows\system32\lsasrv.dll 2010-08-01 11:36:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2010-08-01 11:36:20 ----A---- C:\Windows\system32\secur32.dll 2010-08-01 11:36:20 ----A---- C:\Windows\system32\lsass.exe 2010-08-01 11:36:05 ----A---- C:\Windows\system32\rpcss.dll 2010-08-01 11:36:03 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2010-08-01 11:36:01 ----A---- C:\Windows\system32\sdohlp.dll 2010-08-01 11:36:01 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2010-08-01 11:36:01 ----A---- C:\Windows\system32\iasrecst.dll 2010-08-01 11:36:01 ----A---- C:\Windows\system32\iasdatastore.dll 2010-08-01 11:36:00 ----A---- C:\Windows\system32\iashost.exe 2010-08-01 11:36:00 ----A---- C:\Windows\system32\iasads.dll 2010-08-01 11:35:51 ----A---- C:\Windows\system32\jscript.dll 2010-08-01 11:35:45 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-08-01 11:35:45 ----A---- C:\Windows\system32\drivers\tunnel.sys 2010-08-01 11:35:28 ----A---- C:\Windows\system32\ieUnatt.exe 2010-08-01 11:35:20 ----A---- 
C:\Windows\system32\quartz.dll 2010-08-01 11:35:12 ----A---- C:\Windows\system32\kernel32.dll 2010-08-01 11:35:11 ----A---- C:\Windows\system32\apilogen.dll 2010-08-01 11:35:11 ----A---- C:\Windows\system32\amxread.dll 2010-08-01 11:35:07 ----A---- C:\Windows\system32\win32spl.dll 2010-08-01 11:35:05 ----A---- C:\Windows\system32\emdmgmt.dll 2010-08-01 11:35:05 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2010-08-01 11:35:04 ----A---- C:\Windows\system32\dataclen.dll 2010-08-01 11:35:04 ----A---- C:\Windows\system32\cdd.dll 2010-08-01 11:35:01 ----A---- C:\Windows\system32\drivers\rmcast.sys 2010-08-01 11:34:53 ----A---- C:\Windows\system32\wmp.dll 2010-08-01 11:34:51 ----A---- C:\Windows\system32\wmpdxm.dll 2010-08-01 11:34:49 ----A---- C:\Windows\system32\spwmp.dll 2010-08-01 11:34:48 ----A---- C:\Windows\system32\dxmasf.dll 2010-08-01 11:34:47 ----A---- C:\Windows\system32\wmploc.DLL 2010-08-01 11:34:37 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-08-01 11:34:36 ----A---- C:\Windows\system32\logagent.exe 2010-08-01 11:34:33 ----A---- C:\Windows\system32\wshext.dll 2010-08-01 11:34:33 ----A---- C:\Windows\system32\wscript.exe 2010-08-01 11:34:32 ----A---- C:\Windows\system32\scrrun.dll 2010-08-01 11:34:32 ----A---- C:\Windows\system32\scrobj.dll 2010-08-01 11:34:32 ----A---- C:\Windows\system32\cscript.exe 2010-08-01 11:34:29 ----A---- C:\Windows\system32\msasn1.dll 2010-08-01 11:34:17 ----A---- C:\Windows\system32\rpcrt4.dll 2010-08-01 11:34:13 ----A---- C:\Windows\system32\rastls.dll 2010-08-01 11:34:13 ----A---- C:\Windows\system32\raschap.dll 2010-08-01 11:34:09 ----A---- C:\Windows\system32\WSDApi.dll 2010-08-01 11:34:00 ----A---- C:\Windows\system32\msvidc32.dll 2010-08-01 11:33:59 ----A---- C:\Windows\system32\tsbyuv.dll 2010-08-01 11:33:59 ----A---- C:\Windows\system32\msyuv.dll 2010-08-01 11:33:59 ----A---- C:\Windows\system32\msrle32.dll 2010-08-01 11:33:59 ----A---- C:\Windows\system32\iyuv_32.dll 2010-08-01 11:33:58 ----A---- 
C:\Windows\system32\mciavi32.dll 2010-08-01 11:33:58 ----A---- C:\Windows\system32\avifil32.dll 2010-08-01 11:33:58 ----A---- C:\Windows\system32\avicap32.dll 2010-08-01 11:33:57 ----A---- C:\Windows\system32\msvfw32.dll 2010-08-01 11:29:44 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2010-08-01 10:57:06 ----A---- C:\Windows\system32\wintrust.dll 2010-08-01 10:57:00 ----A---- C:\Windows\system32\cabview.dll 2010-08-01 10:52:31 ----N---- C:\Windows\system32\MpSigStub.exe 2010-08-01 10:40:25 ----A---- C:\Windows\system32\wups2.dll 2010-08-01 10:40:25 ----A---- C:\Windows\system32\wuauclt.exe 2010-08-01 10:40:24 ----A---- C:\Windows\system32\wucltux.dll 2010-08-01 10:40:24 ----A---- C:\Windows\system32\wuaueng.dll 2010-08-01 10:40:09 ----A---- C:\Windows\system32\wups.dll 2010-08-01 10:40:09 ----A---- C:\Windows\system32\wudriver.dll 2010-08-01 10:40:09 ----A---- C:\Windows\system32\wuapi.dll 2010-08-01 10:40:00 ----A---- C:\Windows\system32\wuwebv.dll 2010-08-01 10:40:00 ----A---- C:\Windows\system32\wuapp.exe 2010-08-01 10:39:11 ----D---- C:\Program Files\Microsoft Security Essentials 2010-07-31 21:14:02 ----D---- C:\Program Files\MSN Messenger 2010-07-30 13:30:43 ----D---- C:\Program Files\Microsoft Silverlight 2010-07-30 09:00:54 ----D---- C:\Program Files\uTorrent 2010-07-30 08:59:55 ----D---- C:\Users\kamil\AppData\Roaming\uTorrent ======List of files/folders modified in the last 1 months====== 2010-08-28 02:08:49 ----D---- C:\Windows\Temp 2010-08-28 02:05:38 ----SHD---- C:\System Volume Information 2010-08-28 01:49:41 ----D---- C:\Windows 2010-08-28 01:48:36 ----D---- C:\Windows\Tasks 2010-08-28 01:48:25 ----D---- C:\Users\kamil\AppData\Roaming\Skype 2010-08-28 01:40:43 ----RD---- C:\Program Files 2010-08-28 01:39:26 ----SHD---- C:\Windows\Installer 2010-08-28 00:03:05 ----D---- C:\Users\kamil\AppData\Roaming\skypePM 2010-08-25 13:37:04 ----D---- C:\Program Files\Common Files\Steam 2010-08-24 13:14:28 ----RSD---- C:\Windows\assembly 2010-08-24 12:41:31 ----HD---- 
C:\Program Files\InstallShield Installation Information 2010-08-19 14:02:01 ----D---- C:\Windows\system32\Tasks 2010-08-19 14:01:51 ----D---- C:\Program Files\Common Files 2010-08-19 14:01:44 ----D---- C:\ProgramData\Skype 2010-08-19 12:04:23 ----D---- C:\Windows\Prefetch 2010-08-18 00:46:05 ----SD---- C:\Users\kamil\AppData\Roaming\Microsoft 2010-08-17 23:37:25 ----D---- C:\Windows\System32 2010-08-17 23:37:25 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-08-17 23:37:24 ----D---- C:\Windows\inf 2010-08-16 09:09:34 ----D---- C:\Windows\system32\catroot2 2010-08-12 21:34:49 ----D---- C:\Windows\Microsoft.NET 2010-08-12 12:52:57 ----D---- C:\Program Files\Internet Explorer 2010-08-12 12:52:54 ----D---- C:\Program Files\Movie Maker 2010-08-12 12:52:52 ----D---- C:\Windows\system32\drivers 2010-08-12 12:47:10 ----D---- C:\Windows\winsxs 2010-08-12 12:42:25 ----D---- C:\ProgramData\Microsoft Help 2010-08-12 12:40:00 ----D---- C:\Windows\system32\catroot 2010-08-08 23:35:13 ----D---- C:\Windows\system32\WDI 2010-08-04 15:00:32 ----D---- C:\Windows\rescache 2010-08-04 14:36:46 ----D---- C:\Windows\system32\wbem 2010-08-04 14:36:45 ----D---- C:\Windows\system32\pl-PL 2010-08-04 14:36:45 ----D---- C:\Windows\system32\drivers\pl-PL 2010-08-04 14:07:14 ----D---- C:\Program Files\Microsoft SQL Server 2010-08-02 12:44:47 ----D---- C:\Program Files\Windows Mail 2010-08-02 12:44:40 ----D---- C:\Windows\system32\manifeststore 2010-08-02 12:44:40 ----D---- C:\Windows\AppPatch 2010-08-02 12:44:39 ----D---- C:\Program Files\Windows Media Player 2010-08-02 12:44:35 ----D---- C:\Windows\system32\XPSViewer 2010-08-02 12:44:35 ----D---- C:\Windows\system32\en-US 2010-08-02 11:44:00 ----RSD---- C:\Windows\Fonts 2010-08-02 11:43:51 ----D---- C:\Program Files\Common Files\microsoft shared 2010-08-02 11:43:26 ----D---- C:\Program Files\Microsoft Works 2010-08-02 11:41:45 ----A---- C:\Windows\win.ini 2010-08-02 11:36:21 ----D---- C:\Windows\Registration 2010-08-02 11:07:10 ----D---- 
C:\Windows\SoftwareDistribution 2010-08-01 11:55:12 ----AT---- C:\Windows\system32\SIntfNT.dll 2010-08-01 11:55:12 ----AT---- C:\Windows\system32\SIntf32.dll 2010-08-01 11:55:12 ----AT---- C:\Windows\system32\SIntf16.dll 2010-08-01 10:39:26 ----SD---- C:\ProgramData\Microsoft 2010-08-01 10:33:44 ----HD---- C:\ProgramData 2010-08-01 09:34:23 ----D---- C:\Users\kamil\AppData\Roaming\Gadu-Gadu 10 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-16 318488] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-27 691696] R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216] R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384] R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312] R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712] R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-09 7522624] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456] R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-04-05 242560] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; 
C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\Windows\System32\Drivers\e4ldr.sys [2007-01-04 69656] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056] S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456] S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 btwaudio;Urz1dzenie dYwiekowe Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 e4usbaw;USB ADSL2 WAN Adapter; C:\Windows\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 LLRING0;LLRING0; \??\D:\Gry\Zypher\zhypermu small r3\MuGuard\llck2.sys [2010-07-22 5120] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 
NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008] R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-25 30312] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-09 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-05-31 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-05-31 107832] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program 
Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-17 136176] S2 Samsung Update Plus;Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-13 77480] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-06-02 3594440] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-08-24 407336] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] -----------------EOF----------------- [/log]
I also want to add that right after removing DT and carrying out the operations you recommended, the computer restarted in a flash. It always used to shut down within 30 minutes; now it takes about 20 seconds. Thank you very much for the help, I hope everything is fine now.
Tomek01 comment 29 August 2010 That is because there is an infection from removable media. It is OK now. In OTL, use the Clean Up option.
hyper1pl comment 30 August 2010 Author Thank you very much for the help. I was already thinking I would have to format again. Thanks a lot once more.