Pastorek utworzono 26 sierpnia 2010 utworzono 26 sierpnia 2010 Witam, Mam poważny kłopot z moim Notebookiem, niestety nie orientuje się w sprzęcie na tyle żeby móc dokładnie określić kłopot jaki wystąpił. Jednak po naświetleniu Wam tego mojego wrzoda może uda się coś na całą tą sprawę poradzić. Połączenie z internetem za pomocą mobilnego internetu PLAY działa jak zawsze a przynajmniej działało do godziny 14/15 kiedy to wyskoczył krytyczny błąd i nie mogłem w żaden sposób połączyć się ze światem. Wracając jednak do sieci WiFi otóż problem wygląda następująco: wykrywa sieć, wpisuje hasło za każdym razem(coś nowego, bo jak do tej pory wystarczyło raz i później już sam się łączył z preferowaną siecią automatycznie), wszystko idzie pięknie, wspaniale aż do momentu pobierania klucza sieciowego... potrafię czekać godzinę i więcej a on nawet nie zbliża się do połączenia z czymkolwiek. Jedyną nadzieją jest PLAY ale jak 1mb/s ma mi zastąpić 8?? No i jak można funkcjonować na kompie, który podczas wykładów czy konwersatoriów potrafi zerwać połączenie z internetem?? Proszę o pomoc. Czy jest to usterka wymagająca oddania go do Serwisu?? Jest zawirusowany?? Trzeba go sformatować i postawić system jeszcze raz?? Zwykła aktualizacja sterownika?? A może macie na to jakieś inne teorie?? Jeśli to coś pomoże to karta sieciowa to Atheros AR5007EG Wireless Network Adapter sterownik 7.6.1.149 Za każdą pomoc będę wielce wdzięczny:) Pozdrawiam.
Tomek01 komentarz 26 sierpnia 2010 komentarz 26 sierpnia 2010 Ja mogę jedynie wykluczyć lub potwierdzić obecność wirusa. Tak więc skoro już tu trafiłeś wrzuć logi OTL i RSIT wstawiając je w tagi. Info w temacie przyklejonym: [u]Tworzenie logów OTL i RSIT.[/u]
Pastorek komentarz 26 sierpnia 2010 Autor komentarz 26 sierpnia 2010 OTL[log]OTL logfile created on: 2010-08-26 20:32:18 - Run 1 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 323,00 Mb Available Physical Memory | 32,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,15 Gb Total Space | 49,31 Gb Free Space | 63,09% Space Free | Partition Type: NTFS Drive D: | 70,87 Gb Total Space | 24,72 Gb Free Space | 34,89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZLOMTOTALNY Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: LanmanServer - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe File not found MsConfig - StartUpReg: [b]Alcmtr[/b] - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]MsnMsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Netlogon - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Browser - Service SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: LanmanServer - Service SafeBootNet: LanmanWorkstation - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOS - Service SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Netlogon - Service SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: NtLmSsp - Service SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%*.* >[/color] [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-25 23:29:14 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-08-26 08:22:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log] RSIT log.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Ja at 2010-08-26 20:39:44 Microsoft Windows XP Home Edition Dodatek Service Pack 3 System drive C: has 50 GB (63%) free of 80 GB Total RAM: 1015 MB (33% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:40:04, on 2010-08-26 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVG\AVG9\avgscanx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\OTL.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Ja.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\Gadu-Gadu\SRSSSC.exe" /hideme O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe" O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: SuperHybridEngine.lnk = ? O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000337&p=ZUman000&si=&a=vbmNorVPkHu83HS2PmIzHA&n=2010032212 O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{33C6FAA2-AA56-4922-9FF4-3BE236816D9B}: NameServer = 89.108.195.20 89.108.195.21 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 8178 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-185965860-3410148182-2907495345-1006.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-185965860-3410148182-2907495345-1006.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-28 341600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-23 1619296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-10-16 1119488] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-01-23 416768] "AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-12-04 114688] "AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-12-17 622592] "AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-11-12 98304] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-11-12 114688] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-11-12 94208] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-14 17508864] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-18 2065760] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-28 202256] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ares"=C:\Program Files\Ares\Ares.exe -h [] "ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2010-03-24 1432064] "SRS Audio Sandbox"=C:\Program Files\Gadu-Gadu\SRSSSC.exe /hideme [] "Mobile Partner"=C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe [2010-03-17 114688] "RegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2010-07-18 12536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-11-12 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-15 239616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Communicator" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows" "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe" "C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe" "C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath " [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" ======List of files/folders created in the last 1 months====== 2010-08-26 20:39:46 ----D---- C:\Program Files\trend micro 2010-08-26 20:39:44 ----D---- C:\rsit 2010-08-23 16:12:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #4.txt 2010-08-21 11:25:45 ----D---- C:\Documents and Settings\Ja\Dane aplikacji\vlc 2010-08-20 19:29:20 ----D---- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue 2010-08-16 09:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$ 2010-08-16 09:56:55 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$ 2010-08-16 09:56:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$ 2010-08-16 09:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$ 2010-08-16 09:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$ 2010-08-16 09:53:39 ----SHD---- C:\Config.Msi 2010-08-16 09:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$ 2010-08-16 09:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$ 2010-08-16 09:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2010-08-16 09:46:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$ 2010-08-12 13:54:40 ----A---- C:\WINDOWS\ntbtlog.txt 2010-08-10 22:06:43 ----SHD---- C:\found.000 2010-08-08 20:03:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$ 2010-08-02 13:53:21 ----D---- C:\Program Files\Strategy First 2010-07-31 16:44:15 ----AT---- C:\WINDOWS\system32\SIntfNT.dll 2010-07-31 16:44:15 ----AT---- C:\WINDOWS\system32\SIntf32.dll 2010-07-31 16:44:15 ----AT---- C:\WINDOWS\system32\SIntf16.dll 2010-07-31 16:34:40 ----D---- C:\Program Files\DAEMON Tools Lite 2010-07-28 07:44:00 ----D---- C:\Program Files\Konnekt 2010-07-27 18:01:05 ----A---- C:\WINDOWS\RtlUpd.exe ======List of files/folders modified in the last 1 months====== 2010-08-26 20:39:46 ----RD---- C:\Program Files 2010-08-26 20:27:11 ----D---- C:\WINDOWS\Prefetch 2010-08-26 20:05:28 ----D---- C:\WINDOWS\system32\CatRoot2 2010-08-26 17:20:57 ----D---- C:\WINDOWS\Temp 2010-08-26 17:20:46 ----D---- C:\WINDOWS\system32\drivers\Avg 2010-08-26 16:31:05 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 2010-08-24 23:37:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-08-24 23:37:07 ----SD---- C:\WINDOWS\Tasks 2010-08-23 16:12:18 ----D---- C:\WINDOWS 2010-08-20 23:23:13 ----D---- C:\WINDOWS\security 2010-08-20 19:42:51 ----D---- C:\WINDOWS\system32 2010-08-20 19:42:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-08-20 19:07:35 ----HD---- C:\WINDOWS\inf 2010-08-20 10:26:56 ----SHD---- C:\WINDOWS\Installer 2010-08-16 10:11:02 ----RSD---- C:\WINDOWS\assembly 2010-08-16 10:03:05 ----D---- C:\WINDOWS\Microsoft.NET 2010-08-16 09:57:21 ----A---- C:\WINDOWS\imsins.BAK 2010-08-16 09:57:18 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-08-16 09:56:57 ----D---- C:\WINDOWS\system32\drivers 2010-08-16 09:56:54 ----HD---- C:\WINDOWS\$hf_mig$ 2010-08-16 09:56:36 ----D---- C:\Program Files\Microsoft Works 2010-08-16 09:54:46 ----D---- C:\WINDOWS\WinSxS 2010-08-16 09:46:44 ----D---- C:\Program Files\Movie Maker 2010-08-13 14:19:48 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt 2010-08-07 11:45:59 ----D---- C:\Documents and Settings\Ja\Dane aplikacji\Skype 2010-08-07 11:39:07 ----D---- C:\Documents and Settings\Ja\Dane aplikacji\skypePM 2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe 2010-08-03 19:22:30 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt 2010-08-03 17:38:26 ----D---- C:\Documents and Settings\Ja\Dane aplikacji\uTorrent 2010-07-28 07:42:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\stamina 2010-07-27 08:30:33 ----A---- C:\WINDOWS\system32\shell32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-17 691696] R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584] R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448] R1 Tcpip6;Sterownik protokołu IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-09-18 1326528] R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384] R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-11-12 1181824] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-14 5029376] R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-02-12 93696] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400] R3 tunmp;Sterownik karty Microsoft Tun Miniport; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-15 12288] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-15 32128] R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-15 26368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-06 1684736] S3 axig5h64;axig5h64; C:\WINDOWS\system32\drivers\axig5h64.sys [] S3 btaudio;Urządzenie dźwiękowe Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [] S3 BTDriver;Sterownik do komunikacji wirtualnej Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [] S3 BTWDNDIS;Serwer dostępu do sieci LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [] S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-05 1389056] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2009-12-15 268912] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbvideo;Urządzenie wideo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Usługa Pomocnik IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336] R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-23 921952] R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------[/log] RSIT info.txt [log]info.txt logfile of random's system information tool 1.08 2010-08-26 20:40:08 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin Adobe Reader 9.3.4 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2183461)-->"C:\WINDOWS\$NtUninstallKB2183461$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" ALLConverter to 3GP-->"C:\Program Files\ALLConverter\3GP\unins000.exe" ALLConverter to iPhone-->"C:\Program Files\ALLConverter\iPhone\unins000.exe" ALLConverter to PSP-->"C:\Program Files\ALLConverter\PSP\unins000.exe" ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe" Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Asus ACPI Driver-->MsiExec.exe /X{19F5658D-92E8-4A08-8657-D38ABB1574B2} ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9 Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2} Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL Bezpieczeństwo rodzinne usługi Windows Live-->MsiExec.exe /X{0240C3B0-AD14-4AB4-966A-484E8D14477F} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Codec 8.3h-->"C:\Program Files\Codec\Uninstall\unins000.exe" ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe" ECAP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}\setup.exe" -l0x15 -removeonly Eee Instant Key-->C:\Program Files\InstallShield Installation Information\{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}\setup.exe -runfromtemp -l0x0009 -removeonly Eee Storage 1.2.17.333-->C:\Program Files\Eee Storage\uninst.exe ETDWare PS/2-x86 7.0.4.3 WHQL-->C:\Program Files\Elantech\ETDUninst.exe Europa Universalis 2-->C:\PROGRA~1\STRATE~1\EUROPA~1\UNWISE.EXE C:\PROGRA~1\STRATE~1\EUROPA~1\INSTALL.LOG Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CF589477-3D27-4C6F-82A3-78547ACAC55D} GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe" Grand Prix 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4961DB6-A3F3-11D3-BE67-0000B4A81FC5}\setup.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Works-->MsiExec.exe /I{306B39C9-3AB1-4161-8567-9C7E50B41AE3} Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MP3 Cutter 1.6-->"C:\Program Files\MP3 Cutter\unins000.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Narzędzie do przekazywania usługi Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} OpenOffice.org 3.2-->MsiExec.exe /I{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4} Pakiet zgodności dla systemu Office 2007-->MsiExec.exe /X{90120000-0020-0415-0000-0000000FF1CE} PLAY ONLINE-->C:\Program Files\PLAY ONLINE\uninst.exe Poczta usługi Windows Live-->MsiExec.exe /I{DB4690C5-9015-401D-A96C-A49909B7C372} Podstawowe programy Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Podstawowe programy Windows Live-->MsiExec.exe /I{B6892A3F-51F5-4BA4-92E5-3F4A1A10720D} Poprawka dla programu Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SopCast 3.2.9-->C:\Documents and Settings\Ja\Moje dokumenty\Moje wideo\programy\SopCast\uninst.exe Super Hybrid Engine-->C:\Program Files\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe -runfromtemp -l0x0009 -removeonly Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VLC media player 1.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe WapSter AQQ-->C:\Program Files\WapSter\WapSter AQQ\uninstall.exe Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8} Windows Live Sync-->MsiExec.exe /X{8FDC4F3F-1DD7-433E-841E-E20C294609B4} Windows Live Toolbar-->MsiExec.exe /X{A7388312-4FBB-48E5-8DC0-B63DA02658AE} Windows Live Writer-->MsiExec.exe /X{DD49053A-0140-44EF-AE75-C4BC1FDB8286} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" ======System event log====== Computer Name: CHORYPASTOR Event Code: 4201 Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{52235F88-A3B1-4B2A-BAFF-33A5A644A147} została podłączona do sieci i ma zainicjowane normalne działanie na karcie sieciowej. Record Number: 24582 Source Name: Tcpip Time Written: 20100817125528.000000+120 Event Type: informacje User: Computer Name: CHORYPASTOR Event Code: 4201 Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{52235F88-A3B1-4B2A-BAFF-33A5A644A147} została podłączona do sieci i ma zainicjowane normalne działanie na karcie sieciowej. Record Number: 24581 Source Name: Tcpip Time Written: 20100817125523.000000+120 Event Type: informacje User: Computer Name: CHORYPASTOR Event Code: 4201 Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{52235F88-A3B1-4B2A-BAFF-33A5A644A147} została podłączona do sieci i ma zainicjowane normalne działanie na karcie sieciowej. Record Number: 24580 Source Name: Tcpip Time Written: 20100817125518.000000+120 Event Type: informacje User: Computer Name: CHORYPASTOR Event Code: 4201 Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{52235F88-A3B1-4B2A-BAFF-33A5A644A147} została podłączona do sieci i ma zainicjowane normalne działanie na karcie sieciowej. Record Number: 24579 Source Name: Tcpip Time Written: 20100817125513.000000+120 Event Type: informacje User: Computer Name: CHORYPASTOR Event Code: 4201 Message: System wykrył, że karta sieciowa \DEVICE\TCPIP_{52235F88-A3B1-4B2A-BAFF-33A5A644A147} została podłączona do sieci i ma zainicjowane normalne działanie na karcie sieciowej. Record Number: 24578 Source Name: Tcpip Time Written: 20100817125508.000000+120 Event Type: informacje User: =====Application event log===== Computer Name: CHORPASTOR Event Code: 0 Message: The ServiceModelReg tool will take the following actions: Reinstalling configuration section system.serviceModel to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Reinstalling configuration section system.runtime.serialization to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Reinstalling configuration section system.serviceModel.activation to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config. Adding configuration entry for BuildProvider: System.ServiceModel.Activation.ServiceBuildProvider, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Reinstalling compilation assembly node to System.Web section group: System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL Reinstalling compilation assembly node to System.Web section group: System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL Reinstalling compilation assembly node to System.Web section group: System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Reinstalling HttpHandlers node to System.Web section group: *.svc Reinstalling HttpModules node to System.Web section group: ServiceModel Reinstalling WMI classes. Reinstalling Windows CardSpace (idsvc). Reinstalling Net.Tcp Port Sharing Service (NetTcpPortSharing). Reinstalling HTTP namespace reservations. Record Number: 313 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20100701065848.000000+120 Event Type: informacje User: Computer Name: CHORPASTOR Event Code: 0 Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly. If you believe this message is an error, check your IIS installation to make sure it is installed properly. Record Number: 312 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20100701065848.000000+120 Event Type: ostrzeżenie User: Computer Name: CHORPASTOR Event Code: 4354 Message: System zdarzeń modelu COM+ nie mógł zwolnić metody ConnectionLost dla subskrypcji {45233130-B6C3-44FB-A6AF-487C47CEE611}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Subskrybent zwrócił HRESULT 80004001. Record Number: 311 Source Name: EventSystem Time Written: 20100701065802.000000+120 Event Type: ostrzeżenie User: Computer Name: CHORPASTOR Event Code: 4354 Message: System zdarzeń modelu COM+ nie mógł zwolnić metody ConnectionMadeNoQOCInfo dla subskrypcji {A82F0E80-1305-400C-BA56-375AE04264A1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Subskrybent zwrócił HRESULT 80004001. Record Number: 310 Source Name: EventSystem Time Written: 20100701065625.000000+120 Event Type: ostrzeżenie User: Computer Name: CHORPASTOR Event Code: 4354 Message: System zdarzeń modelu COM+ nie mógł zwolnić metody ConnectionLost dla subskrypcji {45233130-B6C3-44FB-A6AF-487C47CEE611}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Subskrybent zwrócił HRESULT 80004001. Record Number: 309 Source Name: EventSystem Time Written: 20100701065325.000000+120 Event Type: ostrzeżenie User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------[/log]
Pastorek komentarz 26 sierpnia 2010 Autor komentarz 26 sierpnia 2010 (edytowane) Przepraszam nie wiem dlaczego to tak nagle się skończyło... [log]OTL logfile created on: 2010-08-26 21:12:36 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 257,00 Mb Available Physical Memory | 25,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,15 Gb Total Space | 49,31 Gb Free Space | 63,10% Space Free | Partition Type: NTFS Drive D: | 70,87 Gb Total Space | 24,72 Gb Free Space | 34,89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZLOMTOTALNY Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-26 20:24:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-07-26 13:20:29 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-07-26 13:20:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-23 19:56:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe PRC - [2010-07-18 22:28:34 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010-07-18 22:28:16 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010-07-18 22:28:15 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010-07-18 22:27:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010-07-18 22:27:40 | 000,755,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgscanx.exe PRC - [2010-07-18 22:27:22 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010-07-18 22:27:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010-06-20 04:06:46 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe PRC - [2010-05-11 17:38:20 | 006,644,736 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-03-28 17:24:34 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2010-03-17 18:34:00 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2010-02-18 12:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009-02-14 02:59:24 | 017,508,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-01-23 09:49:53 | 000,416,768 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2008-12-17 20:59:50 | 000,622,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe PRC - [2008-12-04 14:38:06 | 000,114,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe PRC - [2008-11-14 15:55:56 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe PRC - [2008-11-12 03:32:09 | 000,192,512 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe PRC - [2008-11-12 03:32:04 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe PRC - [2008-11-12 03:32:02 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe PRC - [2008-05-21 02:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 14:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-26 20:24:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-07 17:26:08 | 000,268,800 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDApix.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-15 14:00:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 14:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 14:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-07-23 19:56:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010-07-18 22:27:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009-02-06 19:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwhid.sys -- (btwhid) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio) DRV - [2010-07-18 22:28:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010-07-18 22:27:22 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-06-02 16:53:57 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-04-17 19:13:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-12-15 15:41:30 | 000,268,912 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV - [2009-02-14 02:49:30 | 005,029,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-02-12 16:59:44 | 000,093,696 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp) DRV - [2009-02-06 19:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008-11-12 03:32:11 | 001,181,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2008-09-26 19:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-09-23 19:15:00 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008-09-18 20:44:38 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2008-08-06 06:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-04-08 16:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI) DRV - [2006-01-05 01:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {ce951a80-a291-11df-981c-0800200c9a66}:0.820 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-07-23 22:12:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010-03-17 03:07:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-03-28 17:25:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-26 13:20:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-20 10:26:33 | 000,000,000 | ---D | M] [2010-03-17 00:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions [2010-01-31 01:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-08-26 08:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions [2010-05-11 17:09:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-08-21 14:24:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66} [2010-07-27 21:05:42 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-03-27 14:23:44 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2010-08-21 14:17:40 | 000,000,000 | ---D | M] (SmallringFX DARKMagenta) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{ce951a80-a291-11df-981c-0800200c9a66} [2010-08-19 21:39:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-05-05 14:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\DTToolbar@toolbarnet.com-trash [2010-08-21 14:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\personas@christopher.beard [2010-08-21 14:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{ce951a80-a291-11df-981c-0800200c9a66}\chrome\mozapps\extensions [2010-08-26 09:51:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-10 18:51:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-07-26 13:20:32 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-26 13:20:32 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-26 13:20:32 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-26 13:20:32 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-26 13:20:32 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-26 13:20:32 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe () O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [SRS Audio Sandbox] C:\Program Files\Gadu-Gadu\SRSSSC.exe File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{2529f162-32b8-11df-9ddc-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{2529f162-32b8-11df-9ddc-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{692af602-aec0-11df-9f2e-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{692af602-aec0-11df-9f2e-0025d3768a84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{7104bf2c-3210-11df-9dd6-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{7104bf2c-3210-11df-9dd6-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{7104bf2d-3210-11df-9dd6-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{7104bf2d-3210-11df-9dd6-0025d3768a84}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{e106bf2d-31df-11df-9dd5-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{e106bf2d-31df-11df-9dd5-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: LanmanServer - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe File not found MsConfig - StartUpReg: [b]Alcmtr[/b] - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]MsnMsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Netlogon - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Browser - Service SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: LanmanServer - Service SafeBootNet: LanmanWorkstation - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOS - Service SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Netlogon - Service SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: NtLmSsp - Service SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-26 20:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-08-26 20:39:44 | 000,000,000 | ---D | C] -- C:\rsit [2010-08-23 13:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Piekara [2010-08-21 11:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\vlc [2010-08-20 19:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue [2010-08-17 13:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\GomPlayer [2010-08-16 09:53:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-08-10 22:06:43 | 000,000,000 | -HSD | C] -- C:\found.000 [2010-08-02 13:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Strategy First [2010-07-31 16:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-07-28 07:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Konnekt [2010-07-18 22:28:16 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-26 20:39:30 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Ja\NTUSER.DAT [2010-08-26 20:27:54 | 000,291,826 | ---- | M] () -- C:\Documents and Settings\Ja\Pulpit\błąd z PLAY.bmp [2010-08-26 17:20:09 | 063,903,826 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-08-26 08:23:20 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-26 08:23:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-26 08:22:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-24 23:37:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2010-08-24 23:37:08 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-24 23:37:06 | 002,102,104 | -H-- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-20 19:42:51 | 000,500,872 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-08-20 19:42:51 | 000,441,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-08-20 19:42:51 | 000,089,384 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-08-20 19:42:51 | 000,071,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-08-20 19:42:50 | 001,115,414 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-08-19 17:11:22 | 000,009,586 | ---- | M] () -- C:\Documents and Settings\Ja\Dane aplikacji\wklnhst.dat [2010-08-18 21:21:29 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 10:13:32 | 000,201,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-08-16 09:57:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-08-16 09:43:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-31 16:48:38 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-07-31 16:48:38 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll [2010-07-31 16:48:38 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll [2010-07-18 22:28:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-07-18 22:28:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010-07-18 22:27:22 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-26 20:27:53 | 000,291,826 | ---- | C] () -- C:\Documents and Settings\Ja\Pulpit\błąd z PLAY.bmp [2010-07-31 16:44:15 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-07-31 16:44:15 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010-07-31 16:44:15 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010-05-16 20:51:42 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2010-04-17 19:13:34 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-03-19 19:12:54 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-03-19 19:12:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-03-16 23:39:22 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-01-05 21:59:51 | 000,268,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys [2009-11-26 02:32:18 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-26 00:45:11 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2009-11-26 00:26:35 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\FASTWiz.log [2009-11-25 23:36:55 | 000,009,586 | ---- | C] () -- C:\Documents and Settings\Ja\Dane aplikacji\wklnhst.dat [2009-11-25 23:31:16 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-03-23 12:47:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2009-03-23 11:51:54 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll [2009-03-20 17:09:44 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2008-11-14 19:12:56 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini [2008-07-30 20:31:52 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini [color=#E56717]========== LOP Check ==========[/color] [2010-03-22 18:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-03-17 03:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-04-17 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-11-25 23:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ECAP [2010-03-28 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-11-27 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-05 22:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SRS Labs [2010-07-28 07:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-03-19 19:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ArcaVirMicroScan [2010-03-19 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\AVG9 [2010-04-17 19:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools Lite [2010-03-18 19:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\EurekaLog [2009-11-27 17:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu [2009-11-26 01:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2010-04-25 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ipla [2010-04-14 12:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Leadertech [2010-02-12 13:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\MfcEmbed [2010-03-20 19:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu [2009-11-27 18:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenFM [2009-11-26 18:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenOffice.org [2010-02-08 00:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\SpeedSim [2009-11-25 23:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Template [2010-01-31 01:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Thunderbird [2010-08-20 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue [2010-08-03 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-25 23:29:14 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-08-26 08:22:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2010-08-26 21:12:36 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 257,00 Mb Available Physical Memory | 25,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,15 Gb Total Space | 49,31 Gb Free Space | 63,10% Space Free | Partition Type: NTFS Drive D: | 70,87 Gb Total Space | 24,72 Gb Free Space | 34,89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZLOMTOTALNY Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień -- (Microsoft Corporation) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- File not found "C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0240C3B0-AD14-4AB4-966A-484E8D14477F}" = Bezpieczeństwo rodzinne usługi Windows Live "{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3514C22B-C3A9-41C6-A818-FAEF474CA879}_is1" = ALLConverter to iPhone "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC "{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}" = ECAP "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8FDC4F3F-1DD7-433E-841E-E20C294609B4}" = Windows Live Sync "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7388312-4FBB-48E5-8DC0-B63DA02658AE}" = Windows Live Toolbar "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{B6892A3F-51F5-4BA4-92E5-3F4A1A10720D}" = Podstawowe programy Windows Live "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF589477-3D27-4C6F-82A3-78547ACAC55D}" = Galeria fotografii usługi Windows Live "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{E4961DB6-A3F3-11D3-BE67-0000B4A81FC5}" = Grand Prix 3 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ALLConverter to 3GP_is1" = ALLConverter to 3GP "ALLConverter to PSP_is1" = ALLConverter to PSP "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "AVG9Uninstall" = AVG Free 9.0 "Codec_is1" = Codec 8.3h "Eee Storage" = Eee Storage 1.2.17.333 "Elantech" = ETDWare PS/2-x86 7.0.4.3 WHQL "Europa Universalis 2" = Europa Universalis 2 "GOM Player" = GOM Player "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MP3 Cutter_is1" = MP3 Cutter 1.6 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PLAY ONLINE" = PLAY ONLINE "RealPlayer 12.0" = RealPlayer "SopCast" = SopCast 3.2.9 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.3 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-02 07:45:03 | Computer Name = CHORPASTOR | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd eu2.exe, wersja 1.0.0.1, moduł powodujący błąd eu2.exe, wersja 1.0.0.1, adres błędu 0x00038a8a. Error - 2010-08-02 07:59:20 | Computer Name = CHORPASTOR | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd eu2.exe, wersja 1.0.0.1, moduł powodujący błąd eu2.exe, wersja 1.0.0.1, adres błędu 0x00038a8a. Error - 2010-08-03 05:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 06:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 07:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 08:50:06 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 09:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 10:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4124 Description = Indeks zawartości na c:\system volume information\catalog.wci jest uszkodzony. Zamknij i ponownie uruchom Usługę indeksowania (cisvc). Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. [ System Events ] Error - 2010-08-23 07:15:01 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 07:51:03 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 07:51:13 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 07:51:14 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 07:51:15 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 07:51:54 | Computer Name = ZLOMTOTALNY | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D. Error - 2010-08-23 10:05:38 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-24 02:22:41 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-25 03:29:12 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-26 02:23:34 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 < End of report > [/log]
Sohei komentarz 27 sierpnia 2010 komentarz 27 sierpnia 2010 [code]:Processes Explorer.exe :OTL O33 - MountPoints2\{2529f162-32b8-11df-9ddc-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{2529f162-32b8-11df-9ddc-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{692af602-aec0-11df-9f2e-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{692af602-aec0-11df-9f2e-0025d3768a84}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{7104bf2c-3210-11df-9dd6-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{7104bf2c-3210-11df-9dd6-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{7104bf2d-3210-11df-9dd6-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{7104bf2d-3210-11df-9dd6-0025d3768a84}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{e106bf2d-31df-11df-9dd5-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{e106bf2d-31df-11df-9dd5-0025d3768a84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe -- File not found :files C:\found.000 C:\Documents and Settings\Ja\Dane aplikacji\wklnhst.dat :Commands [emptytemp] [start explorer] [reboot][/code] Wklejasz to do OTL w białe okienko i klikasz run fix. Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url] Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url] Co znajda usun po czym daj logi z usuwania + nowy log OTL
Pastorek komentarz 29 sierpnia 2010 Autor komentarz 29 sierpnia 2010 MBAM [log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4052 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 6.0.2900.5512 2010-08-28 11:28:32 mbam-log-2010-08-28 (11-28-32).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowano obiektów: 189599 Upłynęło: 1 godzin(y), 40 minut(y), 5 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 23 Zainfekowanych wartości rejestru: 1 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 8 Zainfekowanych plików: 7 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Zainfekowanych folderów: C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowanych plików: C:\System Volume Information\_restore{B38F9E95-59B2-4E17-B3F0-A01D5B56C964}\RP87\A0035087.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{B38F9E95-59B2-4E17-B3F0-A01D5B56C964}\RP87\A0035088.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{B38F9E95-59B2-4E17-B3F0-A01D5B56C964}\RP87\A0035089.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{B38F9E95-59B2-4E17-B3F0-A01D5B56C964}\RP87\A0035090.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{B38F9E95-59B2-4E17-B3F0-A01D5B56C964}\RP88\A0035348.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. [/log] OTL [log]OTL logfile created on: 2010-08-29 12:00:18 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 482,00 Mb Available Physical Memory | 47,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,15 Gb Total Space | 51,42 Gb Free Space | 65,80% Space Free | Partition Type: NTFS Drive D: | 70,87 Gb Total Space | 34,85 Gb Free Space | 49,17% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZLOMTOTALNY Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-29 11:55:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-07-26 13:20:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-23 19:56:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe PRC - [2010-07-18 22:28:34 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010-07-18 22:28:16 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010-07-18 22:28:15 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010-07-18 22:27:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010-07-18 22:27:22 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010-07-18 22:27:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-03-17 18:34:00 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe PRC - [2010-02-18 12:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009-02-14 02:59:24 | 017,508,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2009-01-23 09:49:53 | 000,416,768 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2008-12-17 20:59:50 | 000,622,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe PRC - [2008-12-04 14:38:06 | 000,114,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe PRC - [2008-11-14 15:55:56 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe PRC - [2008-11-12 03:32:09 | 000,192,512 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe PRC - [2008-11-12 03:32:04 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe PRC - [2008-11-12 03:32:02 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe PRC - [2008-05-21 02:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 14:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-29 11:55:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-06-24 14:12:35 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-06-24 14:12:34 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-09-04 23:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-07 17:26:08 | 000,268,800 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDApix.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-06-20 19:48:53 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2008-04-15 14:00:00 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-15 14:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 14:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 14:00:00 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 14:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 14:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 14:00:00 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll MOD - [2008-04-15 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2008-04-15 14:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-15 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 14:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2008-04-15 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-15 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-07-23 19:56:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010-07-18 22:27:52 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009-02-06 19:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwhid.sys -- (btwhid) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio) DRV - [2010-07-18 22:28:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010-07-18 22:27:22 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010-06-02 16:53:57 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010-04-17 19:13:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-12-15 15:41:30 | 000,268,912 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV - [2009-02-14 02:49:30 | 005,029,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-02-12 16:59:44 | 000,093,696 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp) DRV - [2009-02-06 19:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008-11-12 03:32:11 | 001,181,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm) DRV - [2008-09-26 19:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008-09-23 19:15:00 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008-09-18 20:44:38 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2008-08-06 06:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-04-08 16:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI) DRV - [2006-01-05 01:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {ce951a80-a291-11df-981c-0800200c9a66}:0.820 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-07-23 22:12:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010-03-17 03:07:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-28 01:10:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-28 01:10:46 | 000,000,000 | ---D | M] [2010-03-17 00:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions [2010-01-31 01:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-08-29 11:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions [2010-05-11 17:09:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-08-21 14:24:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66} [2010-07-27 21:05:42 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-03-27 14:23:44 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2010-08-21 14:17:40 | 000,000,000 | ---D | M] (SmallringFX DARKMagenta) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{ce951a80-a291-11df-981c-0800200c9a66} [2010-08-19 21:39:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-05-05 14:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\DTToolbar@toolbarnet.com-trash [2010-08-21 14:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\personas@christopher.beard [2010-08-21 14:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\o8ytytso.default\extensions\{ce951a80-a291-11df-981c-0800200c9a66}\chrome\mozapps\extensions [2010-08-29 11:45:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-10 18:51:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-07-26 13:20:32 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-26 13:20:32 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-26 13:20:32 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-26 13:20:32 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-26 13:20:32 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-26 13:20:32 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.) O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe File not found O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [Mobile Partner] C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe () O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found O4 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006..\Run: [SRS Audio Sandbox] C:\Program Files\Gadu-Gadu\SRSSSC.exe File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell - "" = AutoRun O33 - MountPoints2\{e106bf65-31df-11df-9dd5-0025d3768a84}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-29 11:49:18 | 000,000,000 | ---D | C] -- C:\_OTL [2010-08-28 09:45:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Malwarebytes [2010-08-28 09:45:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-08-28 09:45:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-08-28 09:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-08-28 09:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-08-27 23:58:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\DoctorWeb [2010-08-26 20:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-08-23 13:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Pulpit\Piekara [2010-08-21 11:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\vlc [2010-08-20 19:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue [2010-08-17 13:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ja\Moje dokumenty\GomPlayer [2010-07-27 18:01:05 | 001,206,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2010-07-18 22:28:16 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-29 11:51:36 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-29 11:51:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-29 11:51:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-29 11:51:01 | 000,201,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-08-29 11:50:11 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Ja\NTUSER.DAT [2010-08-29 11:50:11 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2010-08-28 13:50:57 | 064,032,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-08-28 11:29:55 | 004,297,298 | -H-- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-28 09:45:50 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-08-27 23:40:05 | 000,040,272 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-08-27 01:33:09 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-20 19:42:51 | 000,500,872 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-08-20 19:42:51 | 000,441,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-08-20 19:42:51 | 000,089,384 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-08-20 19:42:51 | 000,071,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-08-20 19:42:50 | 001,115,414 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-08-18 21:21:29 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 09:57:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-08-16 09:43:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-31 16:48:38 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-07-31 16:48:38 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll [2010-07-31 16:48:38 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll [2010-07-27 18:01:05 | 001,206,816 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010-07-18 22:28:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-07-18 22:28:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010-07-18 22:27:22 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-06-30 14:33:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-28 09:45:50 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-07-31 16:44:15 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-07-31 16:44:15 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010-07-31 16:44:15 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010-04-17 19:13:34 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-01-05 21:59:51 | 000,268,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys [2009-11-26 02:32:18 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-26 00:45:11 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2009-11-26 00:26:35 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\FASTWiz.log [2009-11-25 23:31:16 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-03-23 12:47:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2009-03-23 11:51:54 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll [2009-03-20 17:09:44 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2008-11-14 19:12:56 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini [2008-07-30 20:31:52 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini [color=#E56717]========== LOP Check ==========[/color] [2010-03-22 18:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-03-17 03:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-04-17 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-11-25 23:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ECAP [2010-03-28 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-11-27 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-05 22:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SRS Labs [2010-07-28 07:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-03-19 19:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ArcaVirMicroScan [2010-03-19 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\AVG9 [2010-04-17 19:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools Lite [2010-03-18 19:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\EurekaLog [2009-11-27 17:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu [2009-11-26 01:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2010-04-25 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ipla [2010-04-14 12:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Leadertech [2010-02-12 13:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\MfcEmbed [2010-03-20 19:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu [2009-11-27 18:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenFM [2009-11-26 18:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenOffice.org [2010-02-08 00:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\SpeedSim [2009-11-25 23:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Template [2010-01-31 01:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Thunderbird [2010-08-20 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue [2010-08-03 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-25 23:29:14 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-08-29 11:51:00 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [2010-08-29 11:51:36 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-29 11:51:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-29 11:51:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-29 11:51:01 | 000,201,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-08-29 11:50:11 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Ja\NTUSER.DAT [2010-08-29 11:50:11 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Ja\ntuser.ini [2010-08-28 13:50:57 | 064,032,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-08-28 11:29:55 | 004,297,298 | -H-- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-28 09:45:50 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-08-27 23:40:05 | 000,040,272 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-08-27 01:33:09 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-185965860-3410148182-2907495345-1006.job [2010-08-20 19:42:51 | 000,500,872 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-08-20 19:42:51 | 000,441,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-08-20 19:42:51 | 000,089,384 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-08-20 19:42:51 | 000,071,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-08-20 19:42:50 | 001,115,414 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-08-18 21:21:29 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-16 09:57:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-08-16 09:43:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-07-31 16:48:38 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-07-31 16:48:38 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll [2010-07-31 16:48:38 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll [2010-07-27 18:01:05 | 001,206,816 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2010-07-27 08:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010-07-18 22:28:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-07-18 22:28:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010-07-18 22:27:22 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-06-30 14:33:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [color=#E56717]========== LOP Check ==========[/color] [2010-03-22 18:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Security Toolbar [2010-03-17 03:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-04-17 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-11-25 23:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ECAP [2010-03-28 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-11-27 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-05 22:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SRS Labs [2010-07-28 07:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-03-19 19:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ArcaVirMicroScan [2010-03-19 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\AVG9 [2010-04-17 19:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\DAEMON Tools Lite [2010-03-18 19:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\EurekaLog [2009-11-27 17:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu [2009-11-26 01:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Gadu-Gadu 10 [2010-04-25 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\ipla [2010-04-14 12:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Leadertech [2010-02-12 13:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\MfcEmbed [2010-03-20 19:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Nowe Gadu-Gadu [2009-11-27 18:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenFM [2009-11-26 18:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\OpenOffice.org [2010-02-08 00:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\SpeedSim [2009-11-25 23:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Template [2010-01-31 01:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Thunderbird [2010-08-20 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\Uniblue [2010-08-03 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ja\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-11-25 23:29:14 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-03-20 16:26:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-03-20 16:26:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-08-29 11:51:00 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2009-12-22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] Extras [log]OTL Extras logfile created on: 2010-08-29 12:00:18 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 482,00 Mb Available Physical Memory | 47,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 78,15 Gb Total Space | 51,42 Gb Free Space | 65,80% Space Free | Partition Type: NTFS Drive D: | 70,87 Gb Total Space | 34,85 Gb Free Space | 49,17% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ZLOMTOTALNY Current User Name: Ja Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień -- (Microsoft Corporation) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- File not found "C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0240C3B0-AD14-4AB4-966A-484E8D14477F}" = Bezpieczeństwo rodzinne usługi Windows Live "{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20 "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC "{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}" = ECAP "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8FDC4F3F-1DD7-433E-841E-E20C294609B4}" = Windows Live Sync "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7388312-4FBB-48E5-8DC0-B63DA02658AE}" = Windows Live Toolbar "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{B6892A3F-51F5-4BA4-92E5-3F4A1A10720D}" = Podstawowe programy Windows Live "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF589477-3D27-4C6F-82A3-78547ACAC55D}" = Galeria fotografii usługi Windows Live "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AQQ" = WapSter AQQ "AVG9Uninstall" = AVG Free 9.0 "Eee Storage" = Eee Storage 1.2.17.333 "Elantech" = ETDWare PS/2-x86 7.0.4.3 WHQL "GOM Player" = GOM Player "HDMI" = Intel(R) Graphics Media Accelerator Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PLAY ONLINE" = PLAY ONLINE "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.3 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-03 06:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 07:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 08:50:06 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 09:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 10:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4124 Description = Indeks zawartości na c:\system volume information\catalog.wci jest uszkodzony. Zamknij i ponownie uruchom Usługę indeksowania (cisvc). Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-04 09:45:38 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-05 13:09:13 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-05 15:29:01 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. [ System Events ] Error - 2010-08-27 17:53:18 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 03:44:19 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 05:31:44 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 05:31:52 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: PCIIde Error - 2010-08-29 05:03:07 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-29 05:49:20 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7031 Description = Usługa AVG Free WatchDog niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-08-29 05:49:20 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:49:21 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa SeaPort niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:49:22 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa AVG Free E-mail Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:51:42 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-185965860-3410148182-2907495345-1006\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Kreator transferu plików i ustawień -- (Microsoft Corporation) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- File not found "C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0240C3B0-AD14-4AB4-966A-484E8D14477F}" = Bezpieczeństwo rodzinne usługi Windows Live "{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20 "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC "{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}" = ECAP "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8FDC4F3F-1DD7-433E-841E-E20C294609B4}" = Windows Live Sync "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7388312-4FBB-48E5-8DC0-B63DA02658AE}" = Windows Live Toolbar "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{B6892A3F-51F5-4BA4-92E5-3F4A1A10720D}" = Podstawowe programy Windows Live "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF589477-3D27-4C6F-82A3-78547ACAC55D}" = Galeria fotografii usługi Windows Live "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2 "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AQQ" = WapSter AQQ "AVG9Uninstall" = AVG Free 9.0 "Eee Storage" = Eee Storage 1.2.17.333 "Elantech" = ETDWare PS/2-x86 7.0.4.3 WHQL "GOM Player" = GOM Player "HDMI" = Intel(R) Graphics Media Accelerator Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PLAY ONLINE" = PLAY ONLINE "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.3 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-08-03 06:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 07:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 08:50:06 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 09:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 10:50:05 | Computer Name = CHORPASTOR | Source = Google Update | ID = 20 Description = Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4124 Description = Indeks zawartości na c:\system volume information\catalog.wci jest uszkodzony. Zamknij i ponownie uruchom Usługę indeksowania (cisvc). Error - 2010-08-03 13:53:30 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-04 09:45:38 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-05 13:09:13 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. Error - 2010-08-05 15:29:01 | Computer Name = CHORPASTOR | Source = Ci | ID = 4126 Description = Czyszczenie uszkodzonych metadanych indeksu zawartości na c:\system volume information\catalog.wci. Indeks zostanie automatycznie przywrócony przez ponowne przefiltrowanie wszystkich dokumentów. [ System Events ] Error - 2010-08-27 17:53:18 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 03:44:19 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 05:31:44 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-28 05:31:52 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: PCIIde Error - 2010-08-29 05:03:07 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 Error - 2010-08-29 05:49:20 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7031 Description = Usługa AVG Free WatchDog niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-08-29 05:49:20 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:49:21 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa SeaPort niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:49:22 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7034 Description = Usługa AVG Free E-mail Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-08-29 05:51:42 | Computer Name = ZLOMTOTALNY | Source = Service Control Manager | ID = 7023 Description = Usługa Usługi IPSEC zakończyła działanie; wystąpił następujący błąd: %%1747 < End of report > [/log] po usunięciu plików zainfekowanych, które wykazał mi MBAM nie otrzymałem żadnych powiadomień o plikach zainfekowanych przez program Dr WEB tzn nie było nic do usunięcia. Czy to dobrze że nie dostałem takiego raportu z log'iem jak w wypadku skanowania przez Malwarebytes?
Forumowiec komentarz 29 sierpnia 2010 komentarz 29 sierpnia 2010 daj logi z hijackthis [color="#FF0000"]//Hijackthis nic w tych czasach nie pokazuje i log z niego w tym przypadku jest zbędny //Sohei[/color]
Pastorek komentarz 29 sierpnia 2010 Autor komentarz 29 sierpnia 2010 Dzięki. Wielka to nadzieja na lepsze jutro;) czyli to musi być natura oprogramowania czyli daje na 'kanał' coś się na to poradzi. Jeszcze raz wielkie dzięki:)
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.