majka07 utworzono 4 grudnia 2010 utworzono 4 grudnia 2010 witam, potrzebuje usunąć think pointa [log]OTL logfile created on: 2010-12-04 12:48:54 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = H:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 2,85 Gb Free Space | 3,83% Space Free | Partition Type: NTFS Drive D: | 1,46 Gb Total Space | 1,07 Gb Free Space | 72,76% Space Free | Partition Type: NTFS Drive E: | 73,06 Gb Total Space | 5,17 Gb Free Space | 7,08% Space Free | Partition Type: NTFS Drive H: | 3,73 Gb Total Space | 1,58 Gb Free Space | 42,31% Space Free | Partition Type: FAT32 Computer Name: KASIOWY | User Name: kkasiaka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-04 12:17:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\OTL.exe PRC - [2010-11-16 19:35:03 | 001,438,720 | ---- | M] () -- C:\WINDOWS\system32\qtplugin.exe PRC - [2010-07-06 18:12:46 | 000,073,728 | -HS- | M] (Mbgjhn) -- C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe PRC - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe PRC - [2010-04-16 12:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-03-23 17:44:21 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE PRC - [2009-02-09 11:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-11-18 18:54:00 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-09-08 16:02:18 | 000,186,200 | ---- | M] () -- C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZNLSvc.exe PRC - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2008-07-19 15:38:34 | 000,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-06-15 14:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2007-12-16 13:22:42 | 000,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe PRC - [2007-07-25 18:14:58 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-06 16:55:42 | 000,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2007-03-06 16:47:02 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2007-03-06 16:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2007-03-06 16:37:04 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2007-03-02 15:51:40 | 000,173,672 | R--- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe PRC - [2006-02-28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2006-02-16 18:34:00 | 000,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-11 00:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-04 12:17:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\OTL.exe MOD - [2009-12-08 10:01:26 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:03:38 | 008,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-02-16 18:34:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2006-02-16 18:34:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll MOD - [2006-02-16 18:34:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Disabled | Stopped] -- -- (Aspddhmudadn) SRV - File not found [On_Demand | Stopped] -- -- (Aetbccdercss) SRV - [2010-08-31 17:36:24 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2009-08-07 11:43:04 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009-03-23 17:44:21 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2009-02-15 23:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) [On_Demand | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2008-09-08 16:02:18 | 000,186,200 | ---- | M] () [Auto | Running] -- C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZNLSvc.exe -- (ZNLSvc) SRV - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2008-06-15 14:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008-06-05 23:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2007-12-16 13:22:42 | 000,085,096 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2007-07-25 18:14:58 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007-03-06 16:55:42 | 000,643,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2007-03-06 16:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2007-03-06 16:37:04 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-09-05 10:40:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-06-29 17:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk) DRV - [2009-03-23 17:44:22 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2009-02-15 23:10:26 | 000,353,672 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008-11-17 01:24:00 | 000,051,688 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan) DRV - [2008-07-19 15:37:42 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008-07-19 15:37:21 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2008-07-19 15:35:18 | 000,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2008-07-19 15:33:42 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2008-07-19 15:32:36 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2008-07-19 15:32:15 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2007-08-10 13:52:44 | 004,603,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-07-25 18:19:52 | 000,209,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2007-07-25 18:19:38 | 000,101,874 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007-07-25 18:17:26 | 000,090,880 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-07-25 18:14:58 | 001,161,888 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007-07-25 18:07:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2007-07-04 15:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2007-06-21 04:43:26 | 002,208,512 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Sterownik karty Intel(R) DRV - [2007-04-16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007-02-21 12:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006-06-22 16:27:12 | 000,011,264 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-18 08:00:00 | 000,067,584 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Wibukey.sys -- (WIBUKEY) DRV - [2004-06-10 00:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM) DRV - [1999-04-22 05:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [2010-10-09 12:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Mozilla\Firefox\extensions [2010-10-09 12:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010-07-06 18:12:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-07-06 18:12:47 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} O1 HOSTS File: ([2010-02-07 18:53:39 | 001,891,268 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 005.free-counter.co.uk O1 - Hosts: 127.0.0.1 006.free-counter.co.uk O1 - Hosts: 127.0.0.1 007.free-counter.co.uk O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008.free-counter.co.uk O1 - Hosts: 127.0.0.1 00fun.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00inkjets.com O1 - Hosts: 127.0.0.1 00pro.com O1 - Hosts: 127.0.0.1 00web.com O1 - Hosts: 127.0.0.1 01.sharedsource.org O1 - Hosts: 127.0.0.1 0123hardcore.com O1 - Hosts: 127.0.0.1 0190-dialer.com O1 - Hosts: 127.0.0.1 0190-dialers.com O1 - Hosts: 127.0.0.1 01i.info O1 - Hosts: 127.0.0.1 01sexe.com O1 - Hosts: 127.0.0.1 01smith.com O1 - Hosts: 127.0.0.1 02.main.ru O1 - Hosts: 127.0.0.1 0-29.com O1 - Hosts: 127.0.0.1 02kmky1xgzbmsdfx.com O1 - Hosts: 127.0.0.1 02pmnzy5eo29bfk4.com O1 - Hosts: 127.0.0.1 03.sharedsource.org O1 - Hosts: 127.0.0.1 030.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 64151 more lines... O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\PlusIEContextMenu.dll (Zeon Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZeonIEFavClient.dll (Zeon Corporation) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZeonIEFavClient.dll (Zeon Corporation) O3 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RegistryMonitor1] C:\WINDOWS\system32\qtplugin.exe () O4 - HKLM..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe () O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe (r2 studios) O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\Run: [download] C:\Documents and Settings\kkasiaka\Dane aplikacji\download2\svcnost.exe File not found O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\RunOnce: [16031505] C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\16031505.exe (Корпорация Майкрософт) O4 - Startup: C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: RTHDBPL = C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe (Mbgjhn) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: E&ksport do programu Microsoft Excel - E:\Program files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Open PDF in DocuCom PDF Plus - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Append to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert link target to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert link target to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert selected links to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert selected links to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O15 - HKLM\..Trusted Domains: se-2011-download.com ([]http in Trusted sites) O15 - HKLM\..Trusted Domains: se-2011-payment.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..Trusted Domains: se-2011-download.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..Trusted Domains: se-2011-payment.com ([]http in Trusted sites) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab (CKAVWebScan Object) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/66.35/uploader2.cab (UploadListView Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_04) O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-842925246-706699826-839522115-1003 Winlogon: Shell - (C:\Documents and Settings\kkasiaka\Dane aplikacji\hotfix.exe) - C:\Documents and Settings\kkasiaka\Dane aplikacji\hotfix.exe File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O29 - HKLM SecurityProviders - (digiwet.dll) - C:\WINDOWS\System32\digiwet.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-12-31 11:03:59 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:46 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:47 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:48 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{1e8079ea-55f3-11de-a57c-001b3846fc38}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{1e8079ea-55f3-11de-a57c-001b3846fc38}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{3fa491cc-31dd-11df-a785-001b3846fc38}\Shell - "" = AutoRun O33 - MountPoints2\{4113e362-7ef6-11df-a80d-001b3846fc38}\Shell - "" = Autorun O33 - MountPoints2\{4113e362-7ef6-11df-a80d-001b3846fc38}\Shell\AutoRun\command - "" = H:\Install_Nokia_Ovi_Suite.exe -- File not found O33 - MountPoints2\{548e4450-7ab2-11df-a805-001b3846fc38}\Shell - "" = Autorun O33 - MountPoints2\{548e4450-7ab2-11df-a805-001b3846fc38}\Shell\AutoRun\command - "" = H:\Install_Nokia_Ovi_Suite.exe -- File not found O33 - MountPoints2\{5980a2a2-ade9-11de-a661-001b3846fc38}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{5980a2a2-ade9-11de-a661-001b3846fc38}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{774f429a-2227-11df-a767-001b3846fc38}\Shell - "" = AutoRun O33 - MountPoints2\{774f429a-2227-11df-a767-001b3846fc38}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{847be673-beef-11dd-a3a5-001cea78e71c}\Shell\PRM\command - "" = Thumbs.exe -start O33 - MountPoints2\{e437e7f6-a182-11df-a84c-001b3846fc38}\Shell\AutoRun\command - "" = RECYCLER\autorun.exe O33 - MountPoints2\{e437e7f6-a182-11df-a84c-001b3846fc38}\Shell\open\command - "" = RECYCLER\autorun.exe O33 - MountPoints2\{fb89345f-795c-11de-a5c3-001b3846fc38}\Shell\AutoRun\command - "" = G:\cv8j.exe -- File not found O33 - MountPoints2\{fb89345f-795c-11de-a5c3-001b3846fc38}\Shell\open\Command - "" = G:\cv8j.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "gusvc" MsConfig - Services: "Adobe LM Service" MsConfig - Services: "LightScribeService" MsConfig - Services: "WinPPPoverEthernet" MsConfig - Services: "PnkBstrA" MsConfig - StartUpReg: [b]a-winpoet-service[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]Camera Assistant Software[/b] - hkey= - key= - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) MsConfig - StartUpReg: [b]Odkurzacz-MCD[/b] - hkey= - key= - C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software) MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-30 21:32:25 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll [2010-11-30 21:32:25 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll [2010-11-30 21:32:25 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys [2010-11-30 21:32:05 | 000,842,240 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\16031505.exe [2010-11-19 21:14:44 | 112,188,440 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\kkasiaka\Pulpit\kav11.0.1.400pl.exe [2010-11-16 20:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010-11-14 19:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Pulpit\bg [2010-10-11 19:40:30 | 000,065,776 | ---- | C] (JGsoft - Just Great Software) -- C:\WINDOWS\UnDeploy.exe [2010-10-11 19:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\001Micron Memory Card Recovery(Demo) [2010-10-11 18:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\OpenOffice.org [2010-10-11 18:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2010-10-11 18:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\open office [2010-10-11 17:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Pulpit\dmde-2.0.1-win32-gui [2010-10-09 18:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Pulpit\recovers [2010-10-09 18:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\iolo [2010-10-09 18:28:47 | 000,009,341 | ---- | C] (iolo technologies, LLC (based on original work by Bo Brantén)) -- C:\WINDOWS\System32\drivers\filedisk.sys [2010-10-09 18:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\iolo [2010-10-09 18:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\iolo [2010-10-09 18:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2010-10-09 18:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\testdisk-6.11.3.win [2010-10-09 12:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-10-09 12:49:39 | 002,286,904 | ---- | C] (Smart PC Solutions ) -- C:\Documents and Settings\kkasiaka\Pulpit\flashrecovery.exe [2010-10-09 12:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Mozilla [2010-10-09 12:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\AskBarDis [2010-02-13 16:04:36 | 106,855,968 | ---- | C] (Sony Creative Software Inc.) -- C:\Program Files\moviestudio90b.exe [2008-11-30 15:55:04 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys [2008-11-30 00:02:23 | 022,285,608 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe [2006-12-12 11:13:20 | 000,032,768 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll [2006-07-28 16:25:26 | 000,019,456 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-04 12:40:44 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-12-04 12:40:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-04 12:30:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-12-04 12:30:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-04 12:28:54 | 014,680,064 | ---- | M] () -- C:\Documents and Settings\kkasiaka\NTUSER.DAT [2010-12-04 12:28:54 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\kkasiaka\ntuser.ini [2010-12-04 11:57:20 | 000,245,248 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-30 21:32:25 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll [2010-11-30 21:32:25 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll [2010-11-30 21:32:25 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys [2010-11-30 21:32:05 | 000,842,240 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\16031505.exe [2010-11-28 22:16:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-11-19 21:14:49 | 112,188,440 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\kkasiaka\Pulpit\kav11.0.1.400pl.exe [2010-11-16 19:35:03 | 001,438,720 | ---- | M] () -- C:\WINDOWS\System32\qtplugin.exe [2010-10-31 08:50:07 | 001,124,142 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-10-31 08:50:07 | 000,503,756 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-10-31 08:50:07 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-10-31 08:50:07 | 000,090,292 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-10-31 08:50:07 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-17 12:55:32 | 000,000,784 | ---- | M] () -- C:\WINDOWS\win.ini [2010-10-12 07:40:07 | 001,581,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-10-11 22:39:33 | 000,080,744 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-10-11 20:25:25 | 000,000,082 | ---- | M] () -- C:\WINDOWS\System32\RPRID.KEY [2010-10-11 19:40:30 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\001Micron Memory Card Recovery(Demo).lnk [2010-10-11 18:57:26 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Moje dokumenty\TempWmicBatchFile.bat [2010-10-11 18:57:13 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-10-11 18:55:53 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-10-10 21:52:43 | 000,031,462 | ---- | M] () -- C:\WINDOWS\bestplayer.bbt [2010-10-10 21:52:43 | 000,001,911 | ---- | M] () -- C:\WINDOWS\bestplayer.ini [2010-10-10 21:52:43 | 000,000,063 | ---- | M] () -- C:\WINDOWS\bestplayer.bpp [2010-10-09 18:28:48 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Pulpit\Search and Recover.lnk [2010-10-09 18:28:22 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll [2010-10-09 18:26:25 | 000,491,120 | ---- | M] () -- C:\Program Files\sr_dm.exe [2010-10-09 18:04:42 | 001,561,733 | ---- | M] () -- C:\Program Files\testdisk-6.11.3.win.zip [2010-10-09 12:45:42 | 002,286,904 | ---- | M] (Smart PC Solutions ) -- C:\Documents and Settings\kkasiaka\Pulpit\flashrecovery.exe [2010-10-09 12:22:57 | 003,267,488 | ---- | M] () -- C:\Program Files\PandoraRecovery2.1.1Setup.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-16 19:35:04 | 001,438,720 | ---- | C] () -- C:\WINDOWS\System32\qtplugin.exe [2010-10-11 20:25:25 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\RPRID.KEY [2010-10-11 19:40:30 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\001Micron Memory Card Recovery(Demo).lnk [2010-10-11 18:57:24 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Moje dokumenty\TempWmicBatchFile.bat [2010-10-11 18:57:13 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-10-11 18:55:53 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-10-09 18:28:48 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Pulpit\Search and Recover.lnk [2010-10-09 18:28:22 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [2010-10-09 18:26:21 | 000,491,120 | ---- | C] () -- C:\Program Files\sr_dm.exe [2010-10-09 18:04:30 | 001,561,733 | ---- | C] () -- C:\Program Files\testdisk-6.11.3.win.zip [2010-10-09 12:22:57 | 003,267,488 | ---- | C] () -- C:\Program Files\PandoraRecovery2.1.1Setup.exe [2010-09-08 19:46:35 | 000,587,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-04-08 21:28:07 | 000,000,093 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-04-07 18:41:00 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\digiwet.dll [2009-01-29 12:23:30 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-01-07 19:12:25 | 000,002,136 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-11-30 15:55:04 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys [2008-11-06 22:18:18 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-11-05 19:42:45 | 000,062,400 | ---- | C] () -- C:\WINDOWS\System32\IFC.dll [2008-11-05 19:41:56 | 000,422,848 | ---- | C] () -- C:\WINDOWS\System32\PPL.dll [2008-10-10 17:35:50 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys [2008-10-10 17:35:50 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys [2008-09-20 18:16:24 | 004,286,240 | -H-- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\IconCache.db [2008-09-14 20:06:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI [2008-09-12 22:35:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-09-03 18:04:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Dane aplikacji\AVSDVDPlayer.m3u [2008-07-06 15:31:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2008-03-15 20:21:44 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-03-15 20:21:43 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-03-15 20:21:43 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-02-27 20:48:46 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2007-12-03 09:28:07 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007-11-22 10:59:34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2007-11-21 12:46:00 | 000,001,911 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2007-11-17 16:52:21 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS [2007-11-17 16:52:21 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL [2007-11-17 16:52:21 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL [2007-11-13 20:09:24 | 000,245,248 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-11-12 22:37:20 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll [2007-11-12 21:38:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL [2007-11-12 21:09:13 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2007-11-12 21:09:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2007-11-12 21:09:13 | 000,010,132 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2007-11-12 21:09:13 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2007-11-12 20:33:24 | 000,080,744 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2007-11-12 19:54:42 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2007-11-12 19:54:40 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2007-11-11 16:01:55 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\kkasiaka\Dane aplikacji\desktop.ini [2007-11-11 15:55:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2007-11-11 15:52:15 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2007-11-11 15:52:15 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2007-11-11 15:51:26 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2007-11-11 15:51:23 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2007-11-11 15:42:21 | 001,124,142 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2007-11-11 15:42:20 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-11-11 15:41:51 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2007-07-01 12:12:14 | 003,145,728 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2007-07-01 11:59:22 | 000,517,632 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2007-06-17 12:43:56 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2007-06-12 15:45:56 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2007-06-12 12:21:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2007-01-09 18:05:50 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2006-02-16 18:34:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-02-16 18:34:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-02-16 18:34:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-02-16 18:34:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-02-16 18:34:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-02-16 18:34:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-01-05 18:49:34 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll [2006-01-05 17:36:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll [2006-01-04 10:59:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005-11-23 13:55:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-10-30 13:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-10-30 13:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2001-10-30 13:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2001-10-30 13:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2001-10-30 13:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2001-10-30 13:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-30 13:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2001-10-30 13:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2001-10-30 13:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-10-30 13:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2001-10-30 13:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2001-10-30 13:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2001-10-30 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2001-10-30 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2001-10-30 13:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2001-10-30 13:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-10-30 13:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-10-30 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-10-30 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-10-30 13:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-30 13:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-10-30 13:00:00 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-30 13:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-30 13:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-30 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2001-10-30 13:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-30 13:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2001-10-30 13:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-30 13:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-30 13:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-30 13:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-30 13:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-30 13:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-30 13:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-10-30 13:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-10-30 13:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-10-30 13:00:00 | 000,000,784 | ---- | C] () -- C:\WINDOWS\win.ini [2001-10-30 13:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-30 13:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [color=#E56717]========== LOP Check ==========[/color] [2010-09-15 15:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2010-09-05 10:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-10 01:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2007-12-09 00:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2008-06-01 20:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier [2009-03-16 03:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\r2 Studios [2010-10-10 01:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2007-11-12 22:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64 [2010-07-06 19:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\zeon [2008-05-29 23:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Auslogics [2010-09-15 15:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Autodesk [2010-10-10 21:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\BESTplayer [2008-09-21 11:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Canneverbe_Limited [2009-01-29 12:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\DAEMON Tools [2010-09-05 10:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\DAEMON Tools Lite [2007-12-09 01:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Gadu-Gadu [2010-10-09 18:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\iolo [2010-10-11 18:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\OpenOffice.org [2008-05-18 22:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Opera [2009-01-30 03:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Poser Pro [2008-01-21 01:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\QPrinter [2009-03-16 03:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\r2 Studios [2010-08-04 22:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\runic games [2010-07-06 18:12:48 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc [2007-11-12 21:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\toshiba [2008-01-30 01:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Uniblue [2010-09-19 20:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\uTorrent [2010-07-06 19:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Zeon [2010-10-09 18:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\iolo [2010-07-06 19:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Zeon [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2008-12-13 17:34:27 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-10-30 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2007-11-11 15:55:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007-11-11 15:55:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2007-11-12 19:52:25 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2007-11-12 19:52:25 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-12-04 12:30:06 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2008-06-16 04:29:11 | 000,002,861 | ---- | M] () -- C:\rollback.ini [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys [2001-10-30 13:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-10-30 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-10-30 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7311BB85 < End of report > [/log] [log]OTL Extras logfile created on: 2010-12-04 12:48:54 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = H:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 2,85 Gb Free Space | 3,83% Space Free | Partition Type: NTFS Drive D: | 1,46 Gb Total Space | 1,07 Gb Free Space | 72,76% Space Free | Partition Type: NTFS Drive E: | 73,06 Gb Total Space | 5,17 Gb Free Space | 7,08% Space Free | Partition Type: NTFS Drive H: | 3,73 Gb Total Space | 1,58 Gb Free Space | 42,31% Space Free | Partition Type: FAT32 Computer Name: KASIOWY | User Name: kkasiaka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Odkurz tutaj] -- C:\Program Files\Odkurzacz\odkurzacz.exe %1 (Franmo Software) Directory [Winamp.Bookmark] -- "E:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "E:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "E:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "37728:TCP" = 37728:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "12934:TCP" = 12934:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "2766:TCP" = 2766:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "24518:TCP" = 24518:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "46229:TCP" = 46229:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "18766:TCP" = 18766:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "14137:TCP" = 14137:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "19163:TCP" = 19163:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "3839:TCP" = 3839:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "28428:TCP" = 28428:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "32440:TCP" = 32440:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "5284:TCP" = 5284:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "23664:TCP" = 23664:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\DOCUME~1\kkasiaka\USTAWI~1\Temp\0.685406087870099.exe" = C:\DOCUME~1\kkasiaka\USTAWI~1\Temp\0.685406087870099.exe:*:Enabled:ldrsoft -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10 "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{3191ADFC-5BA3-474D-BCBA-1B5615ABFFC1}" = character studio 4.2 "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing "{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23}" = Autodesk Revit Architecture 2011 "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 "{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{572FBF5D-3BAA-42FF-A468-A54C2C0A17C3}" = Autodesk Revit Architecture 2010 "{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English "{5783F2D7-9004-0409-0002-0060B0CE6BBA}" = AutoCAD Architecture 2011 - English "{5783F2D7-9004-0409-1002-0060B0CE6BBA}" = AutoCAD Architecture 2011 Language Pack - English "{58B785A2-D2CA-40AA-AE89-FCC49326CDC4}" = OpenOffice.org 3.2 "{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver "{5AF71003-1797-4D93-9F37-4F2125CBF539}" = Microsoft .NET Framework 2.0 Language Pack - PLK "{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{69E6A869-8B59-4619-A9E9-58DDFA7C05B8}" = 3ds max 6 "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0 "{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3 "{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011 "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A3A37DA6-70C0-497C-BCB1-148E9EC1D32E}" = Revit Architecture 2009 (AutoCAD Suite) "{A3FD0CA9-884F-4525-97B8-0AE6179302E6}" = F2100 "{A9765BD7-9A75-43BA-ACC8-AA91199A88C1}" = DocuCom PDF Gold 9.51 "{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AB2C9753-33AD-4F09-AA16-27C7F39BAF1F}" = Settlers III - Złota Edycja "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7646-A70000000000}" = Adobe Reader 7.0 "{AC76BA86-7AD7-EF45-47A7-7E8A45000002}" = Adobe Reader Multimedia Package "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 "{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BC14A1F6-0511-4360-8351-FB7964979317}" = 3ds max 6 Reference Files "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{CDC7BEC8-D631-4e36-81D7-FC3689209AA6}" = F2100_Help "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D56C7EAB-BEE6-4D51-86CF-419FFC07FF11}_is1" = iolo technologies' Search and Recover "{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1" = AusLogics Registry Defrag "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{DD8C1183-6548-4A43-B9E5-CD0E970751E4}" = 3ds max 6 Architectural Materials "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag "{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64 "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd "{EC63CD9C-676B-4384-A280-378842B99DCA}" = 3ds max 6 Sample Files "{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0 "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "001Micron Memory Card Recovery(Demo)" = 001Micron Memory Card Recovery(Demo) 5.8.4.1 "7-Zip" = 7-Zip 3.13 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3 "Ask Toolbar_is1" = Ask Toolbar "AutoCAD 2008 - English" = AutoCAD 2008 - English "AutoCAD Architecture 2011 - English" = AutoCAD Architecture 2011 - English "Autodesk Design Review 2011" = Autodesk Design Review 2011 "Autodesk Revit Architecture 2010" = Autodesk Revit Architecture 2010 "Autodesk Revit Architecture 2011" = Autodesk Revit Architecture 2011 "avast!" = avast! Antivirus "AVS DVD Player_is1" = AVS DVD Player version 2.4 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2 "CdaC13Ba" = SafeCast Shared Components "Codec_is1" = Codec 8.2 build 4 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Gadu-Gadu" = Gadu-Gadu 7.7 "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Participation Program 9.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Hasło administratora "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Sprzęt instalacyjny TOSHIBA "InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = Program TOSHIBA Hotkey Utility "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. "jv16 PowerTools_is1" = jv16 PowerTools 1.3 "Kaspersky Online Scanner" = Kaspersky Online Scanner "LastFM_is1" = Last.fm 1.5.4.24567 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - PLK" = Microsoft .NET Framework 2.0 — pakiet języka polskiego "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Odkurzacz 11.3_is1" = Odkurzacz 11.3 "Picasa2" = Picasa 2 "ProInst" = Oprogramowanie Intel(R) PROSet/Wireless "Rainbow Sentinel Driver" = Sentinel System Driver "RealAlt_is1" = Real Alternative 1.60 "Shop for HP Supplies" = Shop for HP Supplies "Startup Delayer" = Startup Delayer v2.3 (build 130) "SynTPDeinstKey" = Synaptics Pointing Device Driver "System Tool2011" = System Tool2011 "Testy B 2007_is1" = Testy B 2007 "TOSHIBA Software Modem" = TOSHIBA Software Modem "Uninstall_is1" = Uninstall 1.0.0.1 "WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = Archiwizator WinRAR "XP Codec Pack" = XP Codec Pack "ZoneAlarm" = ZoneAlarm "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2008-06-01 18:45:31 | Computer Name = KASIAKA | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe failed, 00000005. [ Application Events ] Error - 2010-12-01 18:47:07 | Computer Name = KASIOWY | Source = nview_info | ID = 11141121 Description = Error - 2010-12-01 18:47:07 | Computer Name = KASIOWY | Source = nview_info | ID = 11141121 Description = Error - 2010-12-01 18:47:07 | Computer Name = KASIOWY | Source = nview_info | ID = 11141121 Description = Error - 2010-12-03 17:12:18 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-03 17:45:55 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-04 06:31:15 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-04 07:03:15 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-04 07:24:20 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-04 07:27:04 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-04 07:30:18 | Computer Name = KASIOWY | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2010-12-03 17:12:18 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-03 17:22:59 | Computer Name = KASIOWY | Source = DCOM | ID = 10010 Description = Serwer {C6DA6324-D5EE-4DCB-9D07-789669BB0A11} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error - 2010-12-03 17:45:55 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 06:31:15 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 07:03:15 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 07:24:20 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 07:24:35 | Computer Name = KASIOWY | Source = NetBT | ID = 4307 Description = Zainicjowanie nie powiodło się, ponieważ transport odmówił otwarcia adresów początkowych. Error - 2010-12-04 07:27:04 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 07:30:18 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7001 Description = Usługa Sentinel zależy od usługi Parport, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2010-12-04 07:45:59 | Computer Name = KASIOWY | Source = Service Control Manager | ID = 7034 Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by kkasiaka at 2010-12-04 13:10:39 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 3 GB (4%) free of 76 GB Total RAM: 2046 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:10:51, on 2010-12-04 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17055) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\WINDOWS\system32\qtplugin.exe C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe H:\RSIT.exe C:\Program Files\trend micro\kkasiaka.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe" O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RegistryMonitor1] C:\WINDOWS\system32\qtplugin.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [download] "C:\Documents and Settings\kkasiaka\Dane aplikacji\download2\svcnost.exe" O4 - HKCU\..\RunOnce: [16031505] "C:\DOCUME~1\kkasiaka\USTAWI~1\DANEAP~1\16031505.exe" 17 48 O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open PDF in DocuCom PDF Plus - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O8 - Extra context menu item: Zeon Append to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Zeon Convert link target to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: Zeon Convert link target to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Zeon Convert selected links to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O8 - Extra context menu item: Zeon Convert selected links to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML O8 - Extra context menu item: Zeon Convert to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.se-2011-download.com O15 - Trusted Zone: http://*.se-2011-payment.com O15 - Trusted Zone: http://*.se-2011-download.com (HKLM) O15 - Trusted Zone: http://*.se-2011-payment.com (HKLM) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/66.35/uploader2.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F6435A7C-DC49-484A-AC12-682FA4076FF6}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O19 - User stylesheet: (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Aetbccdercss - Meetinghouse Data Communications - (no file) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Zeon License Service (ZNLSvc) - Unknown owner - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe -- End of file - 12457 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-15 333192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll [2008-10-15 253952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-18 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9}] ZeonIEEventHelper Class - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll [2008-11-18 479232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-18 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-18 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll [2008-11-18 479232] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-15 333192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe [2007-12-14 44032] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-03-06 819200] "nwiz"=nwiz.exe /install [] "RegistryMonitor1"=C:\WINDOWS\system32\qtplugin.exe [2010-11-16 1438720] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "sniffer"=C:\WINDOWS\Temp\_ex-08.exe [2010-11-30 350720] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "RTHDBPL"=C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe [2010-07-06 73728] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] "download"=C:\Documents and Settings\kkasiaka\Dane aplikacji\download2\svcnost.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "16031505"=C:\DOCUME~1\kkasiaka\USTAWI~1\DANEAP~1\16031505.exe [2010-11-30 842240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-winpoet-service] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-05-22 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe [2007-11-14 2131392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe [2008-08-16 264704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe [2004-02-22 32881] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 "Adobe LM Service"=3 "LightScribeService"=2 "WinPPPoverEthernet"=2 "PnkBstrA"=2 C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\DOCUME~1\kkasiaka\USTAWI~1\Temp\0.685406087870099.exe"="C:\DOCUME~1\kkasiaka\USTAWI~1\Temp\0.685406087870099.exe:*:Enabled:ldrsoft" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======File associations====== .scr - open - "C:\WINDOWS\system32\notepad.exe" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-12-04 13:10:39 ----D---- C:\rsit 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\wpcap.dll 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\Packet.dll 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\drivers\npf.sys 2010-11-16 20:11:09 ----D---- C:\WINDOWS\Minidump 2010-11-16 19:35:04 ----A---- C:\WINDOWS\system32\qtplugin.exe ======List of files/folders modified in the last 1 months====== 2010-12-04 13:10:51 ----D---- C:\WINDOWS\Prefetch 2010-12-04 13:10:51 ----D---- C:\Program Files\Trend Micro 2010-12-04 12:40:50 ----D---- C:\WINDOWS\Temp 2010-12-04 12:28:57 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-04 12:21:59 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-04 11:57:19 ----D---- C:\movies 2010-11-30 21:32:25 ----D---- C:\WINDOWS\system32\drivers 2010-11-30 21:32:25 ----D---- C:\WINDOWS\system32 2010-11-19 21:19:34 ----D---- C:\WINDOWS 2010-11-16 17:21:45 ----D---- C:\Program Files 2010-11-08 21:12:56 ----SHD---- C:\WINDOWS\Installer 2010-11-08 21:12:56 ----HD---- C:\Config.Msi ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-05 691696] R0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys [2008-11-17 51688] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2010-06-29 9341] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys [] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-15 353672] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-12 21425] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS [] R2 s24trans;Transport WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416] R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\Wibukey.sys [2004-08-18 67584] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-07-25 1161888] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 NETw4x32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-02-16 3642944] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-07-25 90880] R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2004-08-03 67584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-07-25 209312] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-07-25 290304] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 usbvideo;Chicony USB 2.0 Camera; C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464] R3 UVCFTR;UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776] S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [1999-04-22 73216] S3 a1s7detq;a1s7detq; C:\WINDOWS\system32\drivers\a1s7detq.sys [] S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-07-25 101874] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 sffdisk;Sterownik SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-03 11136] S3 sffp_sd;Sterownik SFF Storage Protocol Driver dla SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944] S3 WRSWanDD;WinPoET PPPoE Adapter; C:\WINDOWS\system32\DRIVERS\WrKPoETNic2000.sys [2007-07-04 65604] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-07-25 9216] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-12-16 85096] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2009-03-23 54784] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-06 643072] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2010-07-06 711352] R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2010-07-06 711352] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-18 152984] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-02-16 143426] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-06 327680] R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-03-06 983040] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R2 ZNLSvc;Zeon License Service; C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe [2008-09-08 186200] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-17 72704] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-31 1045256] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-15 2402184] S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120] S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-06 66872] -----------------EOF----------------- [/log] [log]info.txt logfile of random's system information tool 1.08 2010-12-04 13:10:52 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 001Micron Memory Card Recovery(Demo) 5.8.4.1-->C:\WINDOWS\UnDeploy.exe "C:\Program Files\001Micron Memory Card Recovery(Demo)\Deploy.log" 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} 3ds max 6 Architectural Materials-->MsiExec.exe /I{DD8C1183-6548-4A43-B9E5-CD0E970751E4} 3ds max 6 Reference Files-->MsiExec.exe /I{BC14A1F6-0511-4360-8351-FB7964979317} 3ds max 6 Sample Files-->MsiExec.exe /I{EC63CD9C-676B-4384-A280-378842B99DCA} 3ds max 6-->MsiExec.exe /I{69E6A869-8B59-4619-A9E9-58DDFA7C05B8} 7-Zip 3.13-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\7-zip.inf,SevenZip.Uninstall Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2} Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C} Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE} Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1 Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\678cd98c8365a5647f9a2e539d120a8\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{78EFD06D-7583-42F1-9E77-671D8782EB70} Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7646-A70000000000} Adobe Reader Multimedia Package-->MsiExec.exe /I{AC76BA86-7AD7-EF45-47A7-7E8A45000002} Adobe Setup-->MsiExec.exe /I{CBF4DADD-974D-49C8-BC83-C6F31554001E} Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Aktualizacja dla systemu Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Aktualizacja dla systemu Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe" Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe" -l0x15 AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe" AusLogics Registry Defrag-->"C:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe" AutoCAD 2008 - English-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-0409-0002-0060B0CE6BBA} /M ACAD AutoCAD Architecture 2011 - English-->C:\Program Files\Autodesk\AutoCAD Architecture 2011\Setup\Setup.exe /P {5783F2D7-9004-0409-0002-0060B0CE6BBA} /M ACAD /language en-US AutoCAD Architecture 2011 - English-->C:\Program Files\Autodesk\AutoCAD Architecture 2011\Setup\Setup.exe /P {5783F2D7-9004-0409-0002-0060B0CE6BBA} /M ACAD /language en-US Autodesk Design Review 2011-->C:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {8D20B4D7-3422-4099-9332-39F27E617A6F} /M ADR Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832} Autodesk Material Library 2011 Medium Image library-->MsiExec.exe /I{975951E7-14D0-49AF-A630-89680D12D7F6} Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40} Autodesk Revit Architecture 2010-->Msiexec.exe /uninstall {572FBF5D-3BAA-42FF-A468-A54C2C0A17C3} /qb Autodesk Revit Architecture 2010-->MsiExec.exe /X{572FBF5D-3BAA-42FF-A468-A54C2C0A17C3} Autodesk Revit Architecture 2011-->C:\Program Files\Autodesk\Revit Architecture 2011\Program\Setup\Setup.exe /P {4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} /M REVIT /language en-US Autodesk Revit Architecture 2011-->MsiExec.exe /X{4AF99FCA-1D0C-4D5A-9BFE-0D4376A52B23} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe" AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0015 CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" character studio 4.2-->MsiExec.exe /I{3191ADFC-5BA3-474D-BCBA-1B5615ABFFC1} Codec 8.2 build 4-->"C:\Program Files\Codec\Uninstall\unins000.exe" DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe DocuCom PDF Gold 9.51-->MsiExec.exe /I{A9765BD7-9A75-43BA-ACC8-AA91199A88C1} FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe" Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe" Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\WINDOWS\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\WINDOWS\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\WINDOWS\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\WINDOWS\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\WINDOWS\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT="" HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{706BB40A-4102-4c89-8107-DC68C4EBD19B}\setup\hpzscr01.exe -datfile hposcr14.dat HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7} HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} iolo technologies' Search and Recover-->"C:\Program Files\iolo\Search and Recover\unins000.exe" Java 2 Runtime Environment, SE v1.4.2_04-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142040} Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} jv16 PowerTools 1.3-->"C:\Program Files\jv16 PowerTools\unins000.exe" Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe Last.fm 1.5.4.24567-->"C:\Program Files\Last.fm\unins000.exe" mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49} mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 — pakiet języka polskiego-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PLK\install.exe Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729-->MsiExec.exe /X{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64} Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729-->MsiExec.exe /X{14866AAD-1F23-39AC-A62B-7091ED1ADE64} Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729-->MsiExec.exe /X{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D} Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729-->MsiExec.exe /X{4B90093A-5D9C-3956-8ABB-95848BE6EFAD} Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} Microsoft Visual Studio Tools for Applications 2.0 Runtime-->MsiExec.exe /X{299C0434-4F4E-341F-A916-4E07AEB35E79} mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} NapiProjekt 1.0.6.9-->"C:\Program Files\NAPI-PROJEKT\unins000.exe" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI Odkurzacz 11.3-->"C:\Program Files\Odkurzacz\unins001.exe" OpenOffice.org 3.2-->MsiExec.exe /I{58B785A2-D2CA-40AA-AE89-FCC49326CDC4} Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620} Oprogramowanie Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9} Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Poprawka dla systemu Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Poprawka systemu Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Poprawka systemu Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Program TOSHIBA Hotkey Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1045 Real Alternative 1.60-->"E:\Program Files\Real Alternative\unins000.exe" REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x0015 -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15 -removeonly Revit Architecture 2009 (AutoCAD Suite)-->MsiExec.exe /X{A3A37DA6-70C0-497C-BCB1-148E9EC1D32E} SafeCast Shared Components-->C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall Scientific-Atlanta WebSTAR 2000 series Cable Modem-->UNDPX2A.EXE Sentinel System Driver-->C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q Settlers III - Złota Edycja-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB2C9753-33AD-4F09-AA16-27C7F39BAF1F}\Setup.exe" -l0x15 Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Sprzęt instalacyjny TOSHIBA-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1045 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Startup Delayer v2.3 (build 130)-->C:\Program Files\r2 Studios\Startup Delayer\Uninstall.exe Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Tool2011-->C:\Documents and Settings\kkasiaka\Menu Start\Programy\System Tool\System Tool 2011.lnk Testy B 2007-->"C:\Program Files\Grupa IMAGE\Testy B 2007\unins000.exe" Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409 Torchlight-->MsiExec.exe /I{4F64A46D-67F7-4497-AEA2-313D4305A5F6} TOSHIBA Hasło administratora-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1045 TOSHIBA PC Diagnostic Tool-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{2C38F661-26B7-445D-B87D-B53FE2D3BD42} TOSHIBA Software Modem-->Tosmreg -U Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe" VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE} VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6} Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\WINDOWS\system32\msiexec.exe /x {04B34E21-5BEE-3D2B-8D3D-E3E80D253F64} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\WINDOWS\system32\msiexec.exe /x {14866AAD-1F23-39AC-A62B-7091ED1ADE64} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\WINDOWS\system32\msiexec.exe /x {4B90093A-5D9C-3956-8ABB-95848BE6EFAD} /qb+ REBOOTPROMPT="" Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177-->C:\WINDOWS\system32\msiexec.exe /x {B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D} /qb+ REBOOTPROMPT="" WIBU-KEY Setup (WIBU-KEY Remove)-->C:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161} Winamp-->"E:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe XP Codec Pack-->E:\Program Files\XP Codec Pack\Uninstall.exe ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Hosts File====== 127.0.0.1 localhost 127.0.0.1 005.free-counter.co.uk 127.0.0.1 006.free-counter.co.uk 127.0.0.1 007.free-counter.co.uk 127.0.0.1 007guard.com 127.0.0.1 008.free-counter.co.uk 127.0.0.1 00fun.com 127.0.0.1 00hq.com 127.0.0.1 00inkjets.com 127.0.0.1 00pro.com ======System event log====== Computer Name: KASIOWY Event Code: 7035 Message: Do usługi Karta wydajności WMI został pomyślnie wysłany kod sterowania uruchom. Record Number: 82209 Source Name: Service Control Manager Time Written: 20101007105121.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: KASIOWY Event Code: 7036 Message: Usługa hpqcxs08 weszła w stan uruchomienia. Record Number: 82208 Source Name: Service Control Manager Time Written: 20101007105121.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 7036 Message: Usługa avast! Web Scanner weszła w stan uruchomienia. Record Number: 82207 Source Name: Service Control Manager Time Written: 20101007105121.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 7036 Message: Usługa Rozpoznawanie lokalizacji w sieci (NLA) weszła w stan uruchomienia. Record Number: 82206 Source Name: Service Control Manager Time Written: 20101007105121.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 7035 Message: Do usługi Rozpoznawanie lokalizacji w sieci (NLA) został pomyślnie wysłany kod sterowania uruchom. Record Number: 82205 Source Name: Service Control Manager Time Written: 20101007105121.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM =====Application event log===== Computer Name: KASIOWY Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 12876 Source Name: SecurityCenter Time Written: 20100429224627.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 0 Message: Record Number: 12875 Source Name: RegSrvc Time Written: 20100429224627.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 0 Message: Record Number: 12874 Source Name: hpqddsvc Time Written: 20100429224627.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 0 Message: Record Number: 12873 Source Name: EvtEng Time Written: 20100429224627.000000+120 Event Type: informacje User: Computer Name: KASIOWY Event Code: 0 Message: Record Number: 12872 Source Name: hpqcxs08 Time Written: 20100428222541.000000+120 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\backburner 2\;C:\Program Files\Common Files\Adobe\AGL "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel "PROCESSOR_REVISION"=0e0c "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "tvdumpflags"=8 -----------------EOF----------------- [/log]
Tomek01 komentarz 4 grudnia 2010 komentarz 4 grudnia 2010 Olbrzymie rozrośnięty plik Hosts z pewnością spowalnia Twój system. Otwierasz notatnik, wklepujesz C:\windows\System32\drivers\etc\Hosts - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. Pamiętaj aby nie skojarzyć go na stałe z Notatnikiem ! Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL PRC - [2010-11-16 19:35:03 | 001,438,720 | ---- | M] () -- C:\WINDOWS\system32\qtplugin.exe PRC - [2010-07-06 18:12:46 | 000,073,728 | -HS- | M] (Mbgjhn) -- C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe SRV - File not found [Disabled | Stopped] -- -- (Aspddhmudadn) SRV - File not found [On_Demand | Stopped] -- -- (Aetbccdercss) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [RegistryMonitor1] C:\WINDOWS\system32\qtplugin.exe () O4 - HKLM..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe () O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\Run: [download] C:\Documents and Settings\kkasiaka\Dane aplikacji\download2\svcnost.exe File not found O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\RunOnce: [16031505] C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\16031505.exe (Корпорация Майкрософт) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: RTHDBPL = C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc\lsass.exe (Mbgjhn) O20 - HKU\S-1-5-21-842925246-706699826-839522115-1003 Winlogon: Shell - (C:\Documents and Settings\kkasiaka\Dane aplikacji\hotfix.exe) - C:\Documents and Settings\kkasiaka\Dane aplikacji\hotfix.exe File not found O29 - HKLM SecurityProviders - (digiwet.dll) - C:\WINDOWS\System32\digiwet.dll () O32 - AutoRun File - [2008-09-20 19:20:46 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:47 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:48 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{1e8079ea-55f3-11de-a57c-001b3846fc38}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{1e8079ea-55f3-11de-a57c-001b3846fc38}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{3fa491cc-31dd-11df-a785-001b3846fc38}\Shell - "" = AutoRun O33 - MountPoints2\{4113e362-7ef6-11df-a80d-001b3846fc38}\Shell - "" = Autorun O33 - MountPoints2\{4113e362-7ef6-11df-a80d-001b3846fc38}\Shell\AutoRun\command - "" = H:\Install_Nokia_Ovi_Suite.exe -- File not found O33 - MountPoints2\{548e4450-7ab2-11df-a805-001b3846fc38}\Shell - "" = Autorun O33 - MountPoints2\{548e4450-7ab2-11df-a805-001b3846fc38}\Shell\AutoRun\command - "" = H:\Install_Nokia_Ovi_Suite.exe -- File not found O33 - MountPoints2\{5980a2a2-ade9-11de-a661-001b3846fc38}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{5980a2a2-ade9-11de-a661-001b3846fc38}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe -- File not found O33 - MountPoints2\{774f429a-2227-11df-a767-001b3846fc38}\Shell - "" = AutoRun O33 - MountPoints2\{774f429a-2227-11df-a767-001b3846fc38}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{847be673-beef-11dd-a3a5-001cea78e71c}\Shell\PRM\command - "" = Thumbs.exe -start O33 - MountPoints2\{e437e7f6-a182-11df-a84c-001b3846fc38}\Shell\AutoRun\command - "" = RECYCLER\autorun.exe O33 - MountPoints2\{e437e7f6-a182-11df-a84c-001b3846fc38}\Shell\open\command - "" = RECYCLER\autorun.exe O33 - MountPoints2\{fb89345f-795c-11de-a5c3-001b3846fc38}\Shell\AutoRun\command - "" = G:\cv8j.exe -- File not found O33 - MountPoints2\{fb89345f-795c-11de-a5c3-001b3846fc38}\Shell\open\Command - "" = G:\cv8j.exe -- File not found @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7311BB85 :Files C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\16031505.exe C:\WINDOWS\System32\qtplugin.exe C:\Documents and Settings\kkasiaka\Dane aplikacji\desktop.ini C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini C:\Documents and Settings\kkasiaka\Dane aplikacji\SystemProc C:\Documents and Settings\kkasiaka\Dane aplikacji\download2\svcnost.exe C:\WINDOWS\Temp\_ex-08.exe :Reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {32099AAC-C132-4136-9E9A-4E364A424E17}=- {3041d03e-fd4b-44e0-b742-2d9b88305f98}=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RegistryMonitor1"=- "sniffer"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "RTHDBPL"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "download"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "16031505"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-winpoet-service] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\DOCUME~1\kkasiaka\USTAWI~1\Temp\0.685406087870099.exe"=- :Services Mbgjhn RegistryMonitor1 sniffer 16031505 :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT. Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.
majka07 komentarz 10 grudnia 2010 Autor komentarz 10 grudnia 2010 (edytowane) dziekuje za pomoc źle zrozumiałam początkową część, ponieważ po wpisaniu w notatnik i naciśnięciu enter nic się nie stało. logi z usuwania [log]Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\53342f745,c2tpbjptYWdhenlueV9jb21tb25z,bWFpbjptYWdhenlueS9zdHlsZV9jb21tb25zX3ByZTptYWdhenlueS9zdHlsZV90YWJzOm1hZ2F6eW55L3N0eWxlX2NvbW1vbnNfcG9zdA%3D%3D,mag_polec,0,style[1].css not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\7CALCFDBPCATAZDW3CAOLGZ9VCAUSRLMDCA31K0B7CAZ2X9JXCA98NUVPCAUAFWKVCA3CN8N4CASG6B1FCAMIXEB7CATABI4QCAL3BXJNCA5UE78ACAA78E6DCANISR62CAENWUESCACO69DQCAD8ODA7CAOA18PLCASU30HO.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\8CAYVGSKSCAIXQP40CAJGKJF0CABM213QCAR9JP1FCA6TSOM3CAJ7IIYCCANCM0N3CAXL6OMYCA7I4HQ2CAKNJYSMCAATHBB0CAYPIAUMCAY1IA9QCA3WQRUGCAAUPF38CATP232GCARU6KVVCAARRBW4CARN0AM9CA0L633C.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\9CAEIHY3UCAQXVUXNCAC15LPQCA9XDFI2CAOGRA1RCAL712Y3CA4J8PMKCAL9X8OUCAH6EKBFCAK0Q03ACA22SCZ6CAFVV3L3CAVBTLHZCAA97V9JCATR87I8CAJH8VLACA91QTMICAMK4SWHCA8MM506CAX3U8CGCAIMRIQF.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\BCAH2TVG1CAV22O68CAT351U0CA5V960LCAOE4IBXCAWB6MBOCAKH7SYVCAWN6I9YCAAJDW8SCA7IXF35CAE3Y63ACA6A2HEWCAECKSY3CAUTARRCCALQ2YOJCACYGC8QCACAZT7HCAV0CHQ2CA9DRDKLCA55HILYCAQZDBIQ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\BCASG7GMACAB1ZXL6CAKDLOLRCALL2D6QCAQ8D7I8CARB1HRECA9HHLSTCAOO38IUCAAW36RICAG162NRCAQXRO68CAN5KUXDCA2172TWCADJ26A6CAV3RIDECA86YWIZCA4FY5C7CAVJ72D2CAC84661CAE0508GCATMJ92W.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\CCAJ5U4O8CA4TB7WDCAGET3SYCAXEUMVRCAM7AVHKCAZ3F4KUCAFP07H5CAHOPXKJCAU0DAGKCAZULW0YCAT6MGX6CAGQCJK7CA1QZ54VCAGPNGHICASXV2DICAFXUEWACA6U9H5FCAB6SP7RCAI02QS7CAU2FTWHCASPU1LD.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\DCABV1M2YCAVYJ9A4CAHHRYIPCA0YUBC5CATK464ECA0PA3X5CAHK5L71CA2EMV3PCA1K4FRMCAUBLLDDCA1SX528CADUNNRJCAHHF6JNCAAB1PD6CAMXY6E1CA4YDHPHCAPSGEFUCA2SV3B1CA6Q1NUOCAHBI5QJCA5Q2MNQ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\ECAZDSH08CAQ6NWHBCANH4480CAOUU2HWCAD9LKVTCA5O72LMCA1098SACAP9FPI5CAU09BY4CAI0MES4CAZFJ3J9CAFVEXDUCAKEIN9ZCAL3R9IECASS1VEYCA6KWYKUCAX7JRVTCAJA8IIACAY1BV2ECA3IJ5WVCAU2P4YH.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\GCAF264H9CAAXHCEQCA4KK7CFCA4TMDF1CA1DRFLNCA3JP40VCARN8FZBCA6JT49QCAKMHNB8CAHQM685CA6SL5HRCAXY2M65CAS9SR3RCALFTGUDCAKWFQJ5CAS6GB7CCA9N0X4KCA3957IPCADDU5NXCAON7FD2CAA040OB.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\GCAS2HG2GCACI2FRMCAELT3KQCAHGKWSYCA9XL634CAJJG9O3CA8CFSR3CAUB8OZ4CA0OC4MRCAPV5WEVCAI81251CAU2R5O8CA5U17ZUCAFLWQQMCAE8D8EFCAEWXJZBCALUJ7EMCA7C09N8CAIZYDPQCAFBQQYBCAMMBG4W.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\JCAZP8L2KCA7HFW45CA9RHFGCCAU8N624CATERMD7CAFN6MEHCAKXQ6R2CAH3EUBWCANZVTM7CAJH5JAECANWNG6NCA0GGO7RCAVPLA1ZCAW9P0I2CAA9JYHZCATT54J4CAQC1O33CA4QRPTCCAMJSJQ6CAC7DXLYCARZF47A.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\LCAEDV310CAD94ZUUCA0YS5KDCA93QZF9CAHGSF4ICALV50B0CACGBQQPCAR55WZ8CAB9J9OPCAH1YFKECA4XFX9ICAOMDK91CA4J6ASRCAWF7H6NCAACM5RNCA3L11P0CA290QMHCAUBD1GLCAI1ZMC9CAQAJIIBCA4W7KUT.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\MCAGBCMGZCAAVXG3VCAC1IVS2CAKX8J8YCA84ATU1CAE1P1OJCAT28V7OCA10OARCCAB62KX6CA77KIDPCAHF4O3BCAPDCDPXCA31JOBVCAFAERUTCAV1FML9CA2V1LBOCA9KOCZ2CAPYQ7QQCATIDR7HCADUZ9QQCAGOCCH3.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\MCAIJDGMUCAE83KSUCATJQ093CAW17JRHCABEYALKCAQ1VM2SCAE7I9ZNCA3T739OCAELYTKNCA5E3R3ACACHD90MCAAHUGHTCAE3LYQ9CAARRVIYCAA4O8QZCA2Q53XMCAX31YUSCABUC57QCAWBCZ2MCAPAZHFHCA2L1DNW.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\NCAAZ013PCAVQOF3NCAAFH9BJCABXDGL4CA8VHLODCAR3MHNNCA3UX5N4CAQ24A01CAYHCR4PCA4OVB4DCAQXPAI3CA82YJLUCA6HE1G0CAZPWLMGCAEAAAQ0CALF0QQNCARYGYXLCAH3EWTKCA5NKI8XCAXAZR81CA2TLA2R.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\NCAGCGOZ3CAVV5GDNCAU0T4UGCATBTO53CABVCTNBCA9QRTUNCAYO3MZKCAGJOC05CA4R45G6CARP7EHCCAALQA69CA70GD5LCAQBSR1QCAT9I9F8CA9JVYAXCAIX9YGSCA6IVTT0CAH5VVH2CALCB528CA3I85LFCAQYIK8G.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\OCA23TN8XCAXA0P1UCA32D6BCCADH2Q5QCAMCCKXLCAM0V6ZVCAQRE6SPCA2W9R68CA8Y6Q3ACASA3DH9CAQV1JL6CASMOCWSCADL8LOXCAHFNO6ACAU29EYMCAEY1QH2CA2D6ECYCADC8H7BCACK8EKACAU07VGOCA8381S1.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\YVCLAOQZ\TCAT876UWCAZ6GQOHCADK85OHCA3DHMN9CANOHKD6CAK3GGXLCAH6ANR7CA5TKY1DCAWMQ0C4CA5GTAGICA21TL8SCA7IQXJUCA2R2YYMCA61D8WHCA058VY7CAUOTN9DCA0SPEV4CAUVHN8LCAJESAVBCAMHI8M6CAP835YP.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\0CA3QP41GCAGKL6TJCA1L6O0BCASE9HTRCA101NU7CAX8NYOQCACX8P0TCATV6N13CA7N3Q55CASIXRNUCASS4FIKCAUGU7P9CADS7OUUCAV39KNFCA29XEMKCAIHSPCACAVJ4GV1CAR4NEZ1CAT18NMLCAYDXHS0CALXZKE3.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\1CA05DY2FCAWQ0F7MCAD23UCXCAZF4QNBCA74F1IYCA42MJJDCARO2SATCAPJ44PGCA3CZO7FCAG78ZY9CALI28JYCAYQL13ZCAE8H411CAIDKCJ4CAUCP3LJCA5UA41ZCAU1M3H1CAEG25VBCAICPHBDCAT9VSN0CAG5RQV0.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\1CACUR0TSCA8CUID2CANA4H7UCA22D5W0CAW72JVQCAE0SVGQCA6QYG80CAYGL284CAFVE0BRCAEDWD79CA65H1ASCAR1KCBCCAUVN8DTCAGD0XYQCA8R0GAYCAHHGWZNCARSQ9IVCATNZ339CASX759UCAR661DECAXSJZXP.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\2CAPKLU08CA3J0U2WCALHCPVMCASPPVFNCA2R2VEMCAIT9BOTCAT9K7PRCAXC729WCASJ2DCXCAJVAEY8CAR7S49KCAZFA6FDCALOE76QCARNBJHSCA8RFCGNCAWMZLSZCA5YQ3NECA8FDG9TCAVFX0YRCA33HJ1NCA0BSXE1.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\4CADAJQ2VCA8OSK4VCA1WXJ7JCAWKZK54CA5DRM35CAZPJ6A1CAJ0R671CA3K4WENCAM4PVTACATN341VCAJMI0EVCAU0B0O4CAZPXCM0CAEK2CKJCACCYZ94CALBY1OSCAA1IIILCA2B9WB1CA5CVUMGCA4VLMGFCACV0PAW.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\6CAGUZ5OMCATYH1CRCAVCZ0D3CAPZR0J8CAVFU2X9CAFMFO0GCAZTOAJOCAIXZIPKCAAIX01NCAFV8ZELCASML1H5CAOCJ87GCAUNZU28CAE3QXP9CA9ESLF6CAUU1264CA0NNUOACAUK63SCCA0ZG2O0CA84CHQMCA1WZFCB.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\7CAG4Z13DCAEWJWTYCA2TW799CA93J782CASS1GWOCALTBZTZCAK6FAUMCAIFE6BVCATF9WXVCAKKWBMCCAVR8MMDCA6DABKPCABSTZS5CABKTKO6CATGS4KVCA3291GYCAIQS79NCA2IYXLDCARG1CBICARWKRZGCA3ZK9TM.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\7CANOS8WWCAG1198WCAI1NK1RCAWXS6VHCAAS62KOCA1PUPOMCASUY9X1CABA8V7WCATFMS76CA3AXC1VCA1VJIB3CA4NMM56CAUALYAYCA155D9VCAHIN61VCA9ETGMFCALEJ76CCA35SQQGCAWNF14VCAUY1XO1CA093KQ7.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\9CACIRI5ECAOCCPULCADPYPI2CAV3ETLVCA1Z3K7BCAJ58TA0CAOMNME0CAXKOJFLCAEC1Z35CA6G9U6ACAQTM7ZPCAKNQ2U8CAJM2ELQCAIYMTGBCACCJN50CAIZAWFJCA0SVFGNCACV2QW0CAWI6DM2CAMYI66ECAUZY8TJ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\BCAZAAQ3HCAAIGOE9CAA3R4P0CA2XBCQACAKDAE5LCADM5PVXCAVAJEYRCAZ7BZ8UCAE8H89KCA2D2IWKCA3PLJYPCANSQ8PQCA8697RNCAISGKFUCAQ3ORRACA4G3V3CCA263HCYCAV7LPDXCA1CZ759CA7UMIZNCA8P9RWA.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\FCAFGSO8ECALC6AMXCAIQWHOSCARY8R07CAOPZICMCAAIK0BYCANTW6F9CAD7YJTYCARPRHA0CARS2RZICAIC8AAZCAQEYQNCCAW2JC1HCAKEMZYZCAFV5ZCGCA98MALJCAE102LMCAFS7W15CA3UKYIJCA4GS8D0CA0C3NSQ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\JCA19LWXBCA2MPO0VCA259J5NCA4GROGMCADHWZK9CA1VEQJBCA9IKZ5RCA0XELT6CAGQ6D10CA5MK3P0CA6J0UEBCA4OBYUNCAV0TE98CAC2J42RCACUU1W9CAWU8KPSCA0MK2K7CA89720JCADQMDYPCA2ZZRK8CAZ440HT.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\KCAZUJKPECAUSVQR2CAT0D1B7CAKW2L0GCAJ53U5DCAF0TR26CA9N2RXFCAKPPNH4CA84XF2ACA24RZGGCANFP6QNCAAO5V4DCA70JO9XCAAMLFQ2CA74MLLQCAUQL077CAH0BSW3CAGO8PXACADB5IXJCA6H5Q5OCA8NI95Y.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\NpWYnRw5-Xx7BO6h5UAC9IaBs_AUSlhQamBMn8zayFe7Lr5iiWj8LBljc7tsubiCPf-pdip-B1k8We7_gYz6S9aUogBIyfKXuFjO4bCZz7-CYI9YLEYIpPZfZ2HfTqn7WK3oEbe7zBnK9FyKJuDOqaP5AhothzM7[1].png not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\QCA4GTM82CAD2AALPCADC5NWVCAI08ZRMCAZE67NGCA7NNTIHCAYEP5U9CASFHO3XCA4316QZCA3EO4Q1CAD05QJ1CAUNMK97CAYREK5DCAZ03IMGCA80XSH0CAFVG5OJCAIHLHSECAS9X2NSCAPEEH7FCALF62ZYCA6FFMEC.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\TCA9O8PIGCAT3Y3IDCAXZWGY4CAQDDOXOCA0TDLMTCA598ZZ9CAPAFPFMCABTQQAZCANH13R6CA4RHM9CCASGOB9UCAM4XBZ6CAF1AJ0ICAYYGCFBCAUSZD1ICA6Q6HQBCAUF6ZP6CAOSJGKFCAEGMTSICAH8H93NCAG666AH.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\VCAIPUDDPCAYQVPW9CATQTRDPCAKHU3DDCAE6OJWKCAD85JSNCAX5B5QFCAJ643C9CA8ED1AACACM4TD5CAGQBQ2XCAGQ5YKRCARMZ4ZDCAMQFIO7CA5KLEVNCAMJ2S9PCAWY9FY1CA9PSJHGCAY9YYPGCAKIL7Z1CAFOFTVZ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\XCA4FE7GICAVTK8WXCA54XEY7CAPBRZOGCAIGTMD8CA46SM3DCA1ZCX2ZCA8VQ1VWCA0VJPH2CAAM33W2CAJ8XGZYCA2ZWPKDCACWHM2JCA04V1FOCAVLIYBQCA7AU9VVCAHR4DSKCAU1C27NCAF69XFOCA2HL228CAX7N8O2.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\YCA3LW4FZCA9CQ358CA2CMJTGCA9EA3QZCA21JQ8DCAFT0W85CAEYF5BRCA0C8MNGCAGAIAE1CA2SS8J7CAG1IF8MCAT5CM93CARSXT0RCARAIZ1BCACDV6IECAW281RXCA7SEI74CAGPVYNFCARDOSJUCAS1ISNTCAMN7WHH.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\YCAEKYQXTCARYQ0TKCAUBZ7F4CAJUW974CA1TGCQVCANY2DT0CA0H0DBKCAWXLY9XCAZ4WDBHCAC52EOGCA0MAOD6CA3U415WCA74DOY3CABT5B1TCAKW2MW9CAKK9T7PCAM11Q2ACAOR42I3CASGL7QNCAIUOCS3CAMM548S.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\ZCABVHCY3CACJHZF1CA4TVMLDCAOY2Y60CAI3MBUZCAWT5VXRCAU8G7YDCAX795IYCAXEEV0RCA2GVC0GCAFA73GXCATBX80QCA2MQCCJCAOLY6YGCAV57Y96CA1S32YWCADHJIPUCAQ13I9KCA8PN95FCAU432IXCA1B9L47.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\ZCAHKR9WCCAL8AI6QCA703G0SCA0PSQRQCA0DLC3ZCAM3ZOICCA0QBGINCA753OVUCA7DR2QNCAWMHJUNCAFO69JLCAWNAZ2KCASBUV8MCAH9JW5GCAVIHKEQCAJL1VW5CA4NETBQCA23099VCAWSG67ACAOONX8SCAD4Z39H.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\ZCAJN5FB7CA5IUDG6CAXNNIHICAOB4DXMCAC2WEH8CAU4SJXKCAOH7QDDCAC6GHCFCAT13VZICAGTNUTICALP14PBCAZ2INW5CAFGC9CPCASSHIC6CA4BQ3NHCASZ45RXCAR0WOSBCA2K7V84CAJVSRG4CA7440IUCASZWM3R.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\ZCAPPSXSPCAW1M914CACJCY26CAZ05O1QCA142ACOCATWOH9LCAY04H5RCA04CBI1CAKBK7QXCAJDSVDJCA5WLC8DCAQ7IY56CAU40LQ4CAOMPLV6CAY6DQMWCAVHV3J3CAJMGIS0CAS8V8XCCAQZH3H1CA1H382LCAW0JB54.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\LSZSGB5S\ZCAY4FMGPCA9HYCCCCA12BWCSCA0YE78RCAEBT0GWCA95PP5KCA73ANE6CA2ARQO8CAWKOWDACA94N2C6CAMEOS4LCAI19WVZCAN1VEVFCAB044T9CANG7C4UCAQCUV2TCA20UW0ZCA0J3VVBCAKUK5MNCAGNXP4SCAHBVJXM.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\1CAHESHO7CA9ZEJ5YCA1P5XLNCA3PM82BCAKA9ET7CAF3SUSZCAE3QGW7CAXUIBTOCA91W88DCA004A1JCAZ6L48UCAHVXS6LCADXVAGDCAW8L0Y9CACBHXBUCAAA1CQOCAZHE9DXCAE5G3RACAZ1M6FYCAQRXRN2CAGNTVUN.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\3CAMDFJMQCA25DE4OCAVHDG9ECA5N4X9PCA1NEEFPCA5E4N91CAEAUIB7CAAIWPI8CAIL30XGCAXDPJCTCA9RXN1YCACE6MYJCANPC6AVCAONF0KRCAUVD9WNCA1PJZV6CAJ6SY23CAUKJLSICA2QYOP0CACQ1IP5CAG32ZKK.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\4CASWD56UCA1LRJ3PCANTPPXBCAIK3RC2CAWG5NDOCA2T014FCAJJ5I5GCA4LP1XDCAMKGDSYCA56Y643CATBSY73CAZFBPQ7CAWKSF8WCAIAN6DJCAQ5U1CACAPBY3ZLCAC8TEQ3CAFCX86LCAT8AUBCCAEX1VESCAI3VKF9.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\4CAVEC0RMCADIRGF9CAMUCR2DCA4I5H3FCA14ZNLDCAFBJXG6CA3GSBSNCAVGKJUKCA1OPEM4CAZRZ4EFCA12B671CAKGL5SXCA4O40QTCA6WRBUGCA1IYKNCCA1U0VRICAZGEL2BCAZ9B7AWCAVXGFCUCAVY4P62CAOB2EHR.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\5CADDJJHQCAUYVSOFCAQAKXC8CA6VYN6ACANR98E9CA6M70F2CA7ZCURKCAO3J2SRCARGODRJCAANH3Y1CAD21D43CAFWGOJKCAKHHS3MCASTPZY0CA8XOR6GCAPIHUUGCAGG4E3XCAV5UQWOCAXV3PXDCA76GEPPCALX2RGH.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\5CALXASOFCAS0YQ2YCAL42JQ0CA6QRYVNCAMFU7L1CAD93FMYCAX5QJAECAM6MZXFCAHQURFECA4NOWQVCA2ZO03ZCANH4E20CAI432JKCA68H1B6CA7WH2ZECA62IGYQCARF0S2HCAMOAR6DCAOEAAJGCAE5XQTCCAFP2XQZ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\6CALTMP2TCA7YZ4VBCACU067UCARF31ECCAXACJBBCA1O6UJGCAY0V3NLCA4HA8OACAXA98Z5CA4EXPNSCA29FL3ICAV0Q61XCAKPHA16CAJG5TW3CAPR7BU0CAWHARRNCA7M0XYWCA7J5DZECAUNQNIRCAIP2W0UCA7MJ94S.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\7CAAY6160CAU6CB8JCAR8BRUFCAV207YTCA176W1VCA17Y0BMCAK27ME5CAY1K0EUCASZ3J3NCAVFN2QWCAG3VNXSCAGZ5W64CARJU7RWCAOJ427OCAW9ZQVVCAH0Z2EICARLS9TRCAM6YWMXCAR2XPEMCAXYR08ZCAIS8VW4.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\8CASRGD5RCA2370PTCAT3GGA2CAD7XW2ACAX8WQ30CA17Z8OOCAQXMTDECALOJPWVCA97R338CAN41C0SCA32FSUBCAWYPR9FCAGGL1GOCAAKWEEBCASFR7H0CAH30BKXCAG9AXS6CAV9LPN0CAW70DQ1CAPOL96XCAYLSUZ1.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\AWyzc4jKHhZuvlPru7IIBiSSMkvvk0Kf4JLmXiHgFouJl2Ki9tCf49-ZTjM4NDbIrMCx9onEbhBDk4YcJ7qjziqfYWvM26m9FkQRxsGzVddYOX1Iifq8u4eMq9IcylS0gpMFAJQ_XRlLgo4IxCyvRciibgzqmhKQ5A7_LeGA[1].png not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\BCA7GWTQICA6XO9XNCAH5WLPXCA50EDG6CAE9QOO1CAHHRS4KCAG0VPUDCAD7KB0UCAR37R40CAZ3C89JCAYIBJ4CCAB812MNCAU6YWWCCAE0QD6UCA9I5RZGCAGKCZEFCAXO7J5DCA73YKHWCAUH3HB2CAWQ278FCA6G5FIK.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\BCAFLSXLBCAGNXPEPCAH9H1IVCA80DILGCASKZKMMCAM6BWXSCANAX3KFCAW64UZQCAZ4VKLKCA6M1XYVCAKJ6DODCAHWPR9TCAT15U0PCAHQTGYSCAZBNOXJCAYN1KY5CA23CB7HCALJPT7VCAS45E2TCATZBUDTCA1KCKSS.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\BCAVCPBNBCADF7I2JCAXV2ZP3CAALN75ECAR89FMXCAEY0OT8CAHDJ942CAS9E2F3CAED33SWCAQYAKUECADA0JHACAPQ5D0FCAEG2WQWCASMPND0CAB08B23CAQIWGISCASP7X3HCAGAKZKVCAB9MHW7CAIYPDCKCA1XTUD3.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\CCA3MHI3ACAXEW2FYCABYH3AWCA3CHIIOCA37O5M7CAPCVQE2CAUMAKZ4CAW3RS0CCAMLSERYCA0R0V57CAZBR1J8CA7UWFT0CASKLQHJCAM3CYLHCAHRREOUCAOY0M87CA1KHYGOCAZ9W9GVCAJX3I8GCAR4H3NBCA0WZKC8.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\CCAQXTIMBCALEL8A0CAK228PACA6WDC6TCAH1XB71CAX378WVCAHFNOH2CABTMU61CA752JODCAVFWVOTCANKHYXRCAEJ8V6UCAI08FEDCAELIRS3CARFN5TRCASCEM91CAPLI2DNCAIA28K5CA0POWLKCAIHVUYTCA9F6CLZ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\DCAINE4CLCA0FNNQ8CAB2I924CA0Q6K81CADAR9KTCAFL0J68CAN79XVWCAH56YPKCAFUI2PDCA9IQQK6CAX7MWNNCAHJ4TH5CATZWPWTCAFU8Y8FCA3GJAV7CAIYWX8CCA6F00O5CA11BNRECAB0ECXRCAM795EHCA98LD9T.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\DCAL6MTHNCAIRZ3E9CAHUSCM8CALAH2N7CAJQKJWUCAMCAWSQCAE6JLNRCA0XZLYNCAK0972QCAE27WQYCA4J5JDBCAEP9HYWCAWJTAHECAGS4JHNCAK8JHHLCAQ8M8MKCAD4S66OCA7A7IYECA1LE7U7CASSY8BTCAG6MYY1.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\FCANGHLFICAP35Z1WCAGP3IA8CA030BZVCA70GKCFCANJTEFTCAPA0E7SCAO0WGU0CAIDWM4CCAE0R9PHCAHL0UB5CAM410WDCAQOP73BCAYPJDZICAENEXLQCA7M30B7CAZY6CI0CACJK0RRCAO2TZ3HCAN3IPKQCAPD8KO9.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\FCAY0ALLYCAEEJJ6HCA26KNQ1CAWJWCH5CABK825QCASTXCPACAG48CL7CAM7OJ94CAIOHADQCANVFYFACA7MHLN3CA33FYQYCAN97EKUCA62S7CXCAZ5RDYACA7MQPUUCAYDSH62CA3B9VGSCAKN5E3NCA8W3NJACAY0POI4.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\GCAGMY3M3CAC24PVKCAEI899YCA8A4X4KCADZB1VACAZLI2RWCAWZGZ2GCA8CKGV3CA6T7AZ0CAP58YKECAUCBN1XCA17GSQICAC2XWP5CABCXGXOCAJNMKOKCAO4MMBICA0TW55OCAG0TKX7CAJ3J4HXCAH0HGK9CA63A1L2.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\GCARCG9X8CAHEWAQ1CADPRIWDCA8IY4JRCAU6UQ9ICAYUT9YJCAOK2R38CA4GPIK6CACDVP8FCA8I32NRCAIZU27SCAFGRKQACA383V95CA5UENCYCAE00QTBCAO3JBD8CAIN405ICAP8U5WVCAB0UV7MCAOPGUBWCAC1AX9F.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\NCAX21YCACAFL4S5BCAFB9IO0CAXIPBHACA8GXRXFCAKHE427CAJZJMR4CAGC3B88CAXFZ8N0CAQFVTTGCAY5WIDCCAHCI1O1CAMT5YU1CAX3NHUDCA2N3Q2MCA8QW6S6CA190SWHCAHMMM1MCARFDHQICAZHB504CA7K35MT.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\QCA0AH470CACE9D1DCAY2CSVKCAO1F3LCCAC73GXXCAVS2PDACATOVRJWCA3NNNKOCADUSKD2CA2TWQ7TCA4C7BJCCA1P47DCCASZGEA4CA2JSCCSCAICVARCCAVWETU7CAO6JYTRCAD8K63QCAQSNLTSCAP4DSFUCAF1TI7P.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\RCADHSVZTCA32S7GXCAKLFBWFCA9AM9YYCA9UT094CAG44T4LCA84R4E0CABJC62XCABXNGGLCADW723MCAE0ZLAWCAN0JN4PCAGWJBXLCAVP9ZSRCAVTMYXZCAJ0S64HCAZS9J9MCAD4B602CAJQ5FB9CAGLTCSMCA1Q3SPP.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\RCAGQTA1ZCAS8YXFOCAG9CMSKCAP9Q453CAZ7CL1RCA7JPA2XCA63XL3VCA6GFBCSCAJFV3SGCA2A0SQQCAL1501SCARK2HVLCA8HIUGLCA66FX78CAO6HTOACA62LN5ZCAB3NKHNCAHM74KZCANFZWFOCA3B3GCICAGHB8Z2.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\TCA27M588CAEVOQK9CA24KJ23CATYGGHYCA6S5A8MCAN5KG8SCAYF0N5CCAZPVL3WCABK878QCAE1Z8IYCA28CUJECAFCXZZ0CAATL1P4CAD0P0MLCA5R3PAHCAK3WQYGCAK8EHBNCAOSAZGFCAZ7857ACAOVOS5YCAVEDMEJ.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\TCAPVPVDUCAM9TBFGCACV527NCAYEQFPXCA03GGCLCA1LY8PECAIAX6VBCAG53H45CAEY6KULCAP05E57CAD5W1V3CA2UJ1EUCAFQP37DCADAR8RPCAVRGSXUCAA9QSOZCAAWLXLNCA4M067FCAAEFQFACATGEFN5CA85RK40.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\UCAN3W8VTCAC5MZ0UCAD0C40QCA7V0ZXDCAADHBXCCAYEG15KCALBSUL8CACH6JRNCA0EYUU5CA4SELW2CA6A01K6CA7JBVP0CAN30OUOCAQRL8YZCAPUL0P9CALGB9LXCAQVLOCOCA4QIX1TCA1PRRLVCAGX7AHNCA81GDWR.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\HZUWQTUU\XCAKN20BLCAJF1X9PCALJH1LBCA53MDKKCAHOEPN8CATYHURMCACWM0YSCAG2P5LQCA6F1L5SCAPO3D1ACAKEYKJRCAIWXVT6CA6EBQ9ZCAS0ZTRJCA5RVEUMCAO5PLV7CASJ1MOYCAEGI14QCAT7ZIKMCANCRZUGCA2YKXJF.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\0CA0NJWJJCA5H461SCA9NEAJLCA5QAH0RCAAP9K0OCAS5C1URCALBJCYLCA3EV47JCAQI4OUWCAVTRMLACAKAR215CA1QYWKRCAUHDULZCA3CDWCXCA7T3GIGCALR5JAFCAP3UGEECAS3JFK0CA6APOPOCAGLCS0ZCA1ZNG57.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\1CA2J6UPJCAPF4PQACA1A97LWCAJ5PBC0CAPK41MDCAFXM44NCAC726BSCA1X3X6NCAK7VGM5CAY81NSVCA4L0FB1CALJE31ECADHFVL3CAKK55IJCAW8GO21CAPCBPJFCAO9NHDHCAIAL7DSCAGCHYC7CACCX92TCAW8A59A.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\1CAFWHJ9TCAX5X0S6CACPGPE0CA2XRSIKCA5VCRRDCANS03C3CAZUOTCLCAA09LLMCA87YH6KCA0EIFS4CAXAE731CANWV9COCAFECYKOCA6VV7GUCA808CQ0CAXQFDHXCAERWLYDCAWR0IRGCAGIY1CBCALAXK3DCANQU58Q.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\2CAWQMK1ACA4Z30DRCAOCUPGOCAH7E603CAMOS4C5CALPA65VCAIGJCFTCANW4CHGCA7OS82UCALH6V8MCA0YJE4MCAICAM43CAV0OINUCAVFQ528CAI86KXBCA4HEA0PCAN0YKT3CA6IMJVMCAFQTC9RCAIEWXEHCAU4MI04.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\2O26AVLaHhZuvlPru7IIBiSSMkvvnnuvfY-TwuXQP-bauRMxB0QHtz0hBrIwgQYwxyrzKAoRDacdh3UJbU-b97O2srhYxZLIJvylCaqlENwDgWPN5MrBivFfsgbz7Rl74xlCA9Ma2qXLDouL1vyvRciibgzqmhKQ5A7_LeGA[1].png not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\4CA9IWQH2CAAJ3VTBCA2XMPK9CAND8JEPCAK2DXVHCAMTWE0KCAPR6YTXCAQO4PO1CADVWUA9CANZ6FI4CA266KP0CA6KUFZVCAAR8K96CAN4WIYFCASUMN4YCA94320UCAWOPMVVCAYPYLB2CA85QQ12CAKMQ2W9CA6K0DWE.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\4CAMTESR2CA8UBRCICA4I2KX4CA0H051QCA0ZTSSCCAXIMDZBCA9US3JVCAPQNV4RCANTZ2GMCACKRV1SCA2QXJB8CA82NHSVCAUUP9VOCAHECE0JCA46WIXYCAM9A8D8CAAGI8CZCAVZ63ZXCA6ZL68UCAI0AOBVCAKZM1I7.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\4CAP4BMU4CAG9UVA8CAXYC717CA9T4ANICAS7YMXQCA07NFRNCA4VNC4KCAIU4I54CAWH6DTYCAYRA3RGCAN3P4P8CA3HW3CVCA7SRQQHCAYOOL78CA7O39RYCA7714CHCA264C10CAXY4VK8CAGW3IGICAGNZNJRCAHV7MOX.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\8CALSTDTSCAOA6H96CA3JVFL5CAZIFSA0CA94DIX2CAIBUCX4CAW7IVQNCABFBGQMCANMW26UCADGEH5FCA0MYW9ZCA2HG1AHCAOE83KXCAMM4ZR6CA8ND8B9CALYVH89CAJ9W9RWCAASY1NFCA821ZQOCAXWDYJQCAO235DI.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\9CATGD30HCA1BJ7R0CA5AAJCPCAC2JMOZCA99VJH8CADI9BLLCAG9WIBYCAS22O52CANXZGPFCAWPN5ZUCADN36R5CADX0LBYCAEBC49PCADZDLFJCA5TSL1OCA3B7RXBCASA3SASCAV4XS0PCAQWCARLCAM3HPPGCA8Q2YAK.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\CCA2Z4O44CABC4LILCAG1H8THCASDLXNUCA9T29D2CAHLJ8CQCADM9NVCCA4PZH3NCAMUHAQ9CAC9PKS0CASEG3MHCAI338Z2CA2O937HCAJP9GJBCAAOPPJ0CAYQD74DCAJS8Q5KCAR2G1OVCAGVHRNSCAQQ2THACAN1BXQ3.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\DCARRLC3UCAXGI405CATGGTSJCA8YYPD5CA16RW43CADZATCMCAUV7HBKCAGO87OTCAYWY7URCA1ZNDUDCAHBEN82CAMSIEPBCA0IPAU2CAVB5SSRCAYNM2AVCARDB7ONCAQ77SHPCA93PBZOCARMVZ57CABSSH4TCAUMFM2H.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\DCAURZ5X5CAXZC6A4CA2PKC6NCAEOFDRSCAJZQC5ACAZMICS1CAIDQVVCCAM7KWY0CAAZY5ZJCAQNAZNHCAKKOYHLCAD0DMDKCAXXGDR1CAA5NMMZCALJ9PGFCAVBD5WYCAJ8PX41CAIE822SCA38FSG7CA1E4PFKCA2UWOOG.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\FCAQMT2JYCA5LJLJ0CAOBPTSTCAPWI6XVCATRDKRRCAP2JSUECA3Y0MFXCAM1D59VCAGDMVPNCA2U1ZUHCA5LZ6XCCANVMPR1CAVKVYB9CAUVSYS2CAVDHZLZCA5755KZCABXYNFYCAE34ASBCAI829D3CAZ2JZJFCAMFNHZ4.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\GCAAB6SDECAA3FSMXCAP5GSB6CATV9YIRCA3W4Q1YCAC0MQPTCA3DZB3ACAUT2IHCCAJ01S20CADFAT75CAMCG0TRCAG1SO0WCARFRP26CA0RRN7MCA0TOOKCCAX4MYJ5CAPKA8NLCA3T2QN4CAETBC8UCA44O3V1CA86UJI8.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\HCAQYEPDYCA1663N0CAZFQUBCCA7B7TZWCAQQ67DYCA1C4DXCCA87EBS7CADKYFRECAATP418CA2I0EITCA8UWNEZCA706TKHCAN1N4PGCAN11SOUCAPPI3M3CAXPL1AHCAYBGL5RCA7FWT4YCADKFZYKCAYF51Z0CATSG67G.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\ICADMZIFTCAWL84ZFCAHO4LZBCA3269ZCCAB5S7LPCAHW32D9CAIEVV9ZCA67TXA0CA5MEUQCCA7J4IS1CAUU46RGCANCFEHGCA0RBBJ1CA5VDO1ZCA86BGO7CA0M3YKQCA310K48CAU2V1GQCABW110RCAH1TD2RCA7G4SMW.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\KCAEFDL56CA6TVY4LCAZV66ZUCAQ4GZAPCAC74NLWCA7KYOJ0CA3SIXD5CAIVQZGMCABLO8O5CA3J384VCAS8KHGUCAVCCI41CAD9NQ1FCAZYLXBSCAQU643DCA91F86SCA96H89KCAHU5SMKCAVXRLAVCAQZUW5MCAFVMYD3.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\NCA92CNLQCAWFJR7MCA1BVEZQCAFE1198CAF2MFQ0CARDZJ5MCAQ2F7GGCA0DXADLCAF7N70NCANTOW4ECAM9RX6ECAK29C0GCAP18JSZCA0AEK4MCATA6JHMCA4DMBWGCAYP6G1FCABJTPATCAA4AH0FCAC0WIJ1CANDDKUH.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\QCAMMEGHNCATOZ3IJCA9AEOX3CA2LYYXWCATJKW2NCAEP03SECAOSY83PCAHEL73NCAF7VQTYCAZ9CARKCAFDJ4KDCAQPY5MHCAWGNN43CAGLJDT2CAYW9RXJCANQY1TSCAWPDT91CAJOQ0TCCAGBVIBTCAIGXMEJCA1TLXMT.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\SCAFR6HDECAEQM4C3CA64UJRNCAUIPG4XCA61B254CAFV1G1MCAMRVQHUCAJDYHY2CAQKHCDYCAUJYR89CAC81641CAQ6IMJSCAKPK4XWCA7OCXTOCAH5DRNQCAYKPY3GCAKTF96ACAS0GDOPCAV8QSGKCA9VTPOGCAQT5CV2.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\UCAOBL83ICASNAXJXCA5G506BCAFNM7FKCAHVT5JPCAJFOYDPCAAUAXHUCALXAA3YCATLJ08QCAVG5OC2CANQHXYBCAJU5TX4CADPDFPSCA7M0GXCCAOZVUROCAVOQ5MGCAKAQT2BCA10TB2ECADCKY6ZCAXDM5N8CAJ4SLQE.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\VCATGA19RCA5AUL3DCATNASBACAWBMB63CA9UEQV1CAYG1VIVCAI3HMV0CAMFY6P3CAQGYPJNCAF79XJ9CAND2VIBCACP4MICCAK119GXCAT43KPOCA7JI059CAJN9PZMCABP11DACA13QF3CCAEYGVYOCAB2TUUFCAQ4KPB5.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\XCASM6GW8CA5JJI52CAK9RSGXCA32EJ5LCASNQFBXCAB99OH2CA7LQETOCATP0G61CA4262ANCAAR4IKDCA6LP3AYCALAEIU9CAH2UU1ACABWLVRTCA3U6QG0CA7K33E1CAK19LS5CAY0UKRACAZUUNV0CAI6PMNXCAD34O02.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\YCA2X8AJOCAT06KR8CANQIS5CCAOWVOXOCAJD568QCABO0NS8CA7TLOIICAVHZBJ3CAW911LYCA27MQ0ACAOZ91CDCA0KXX2BCAG72KWSCADFL267CAZNUTRDCAK3RSATCAZP0PBECAG7W97UCA2N4VTACADUUCY4CAA5NMSW.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\YCAWTNP36CAE3S7ZYCABMZ4HPCATY46XJCA87QLAACAYE1Y9SCAH6B0NCCAPDPQQ2CAR81EMJCA3ZB7KCCAALE40JCA9ECLQUCAD2GK03CAEP0VA0CA7K5JAICA2F0N3SCAVWL6PCCA25X3VFCAXLW070CA8TLE3BCA3ECV5V.jpg not found! File\Folder C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temp\Temporary Internet Files\Content.IE5\EM1B5R8R\YCAZ2BI5HCA12HH4BCA4IZ90ACA16XC5ACA70IA4UCA2WM4ADCA2KKPHKCA0M6RH7CAVMONQ9CAJ6VSRNCA3IDK7GCA46J2ATCAC4QU8UCAHGHXN6CA1NC9H0CAF2JFQMCAZNBKGGCA5SPW7BCANOBETSCAWU4XHGCAKHWUZY.jpg not found! Registry entries deleted on Reboot... [/log] [log]OTL logfile created on: 2010-12-09 19:29:16 - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\kkasiaka\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 2,32 Gb Free Space | 3,11% Space Free | Partition Type: NTFS Drive D: | 1,46 Gb Total Space | 1,07 Gb Free Space | 72,76% Space Free | Partition Type: NTFS Drive E: | 73,06 Gb Total Space | 5,17 Gb Free Space | 7,08% Space Free | Partition Type: NTFS Drive H: | 3,77 Gb Total Space | 2,77 Gb Free Space | 73,37% Space Free | Partition Type: FAT32 Drive I: | 3,73 Gb Total Space | 1,40 Gb Free Space | 37,63% Space Free | Partition Type: FAT32 Computer Name: KASIOWY | User Name: kkasiaka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-04 12:17:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkasiaka\Pulpit\OTL.exe PRC - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe PRC - [2010-05-20 23:29:12 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-05-20 23:29:08 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-03-23 17:44:21 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE PRC - [2009-02-26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-02-09 11:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 17:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-11-18 18:54:00 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-09-08 16:02:18 | 000,186,200 | ---- | M] () -- C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZNLSvc.exe PRC - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2008-07-19 15:38:34 | 000,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-06-15 14:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2007-12-16 13:22:42 | 000,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe PRC - [2007-08-10 15:21:56 | 016,384,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2007-07-25 18:19:54 | 000,888,832 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007-07-25 18:14:58 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-06 16:55:42 | 000,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2007-03-06 16:47:02 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2007-03-06 16:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2007-03-06 16:40:30 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2007-03-06 16:37:04 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2006-04-12 16:31:20 | 000,638,976 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe PRC - [2006-02-28 11:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2006-02-16 18:34:00 | 000,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-11 00:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 00:44:28 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:26 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-04 12:17:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkasiaka\Pulpit\OTL.exe MOD - [2009-12-08 10:01:26 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:03:38 | 008,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-02-16 18:34:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2006-02-16 18:34:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll MOD - [2006-02-16 18:34:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-08-31 17:36:24 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2010-07-06 14:08:06 | 000,711,352 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2009-08-07 11:43:04 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009-03-23 17:44:21 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA) SRV - [2009-02-15 23:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) [On_Demand | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2008-09-08 16:02:18 | 000,186,200 | ---- | M] () [Auto | Running] -- C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZNLSvc.exe -- (ZNLSvc) SRV - [2008-07-23 15:25:45 | 000,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2008-07-19 15:38:28 | 000,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2008-07-19 15:38:04 | 000,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2008-07-19 15:25:06 | 000,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2008-06-15 14:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008-06-05 23:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2007-12-16 13:22:42 | 000,085,096 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2007-07-25 18:14:58 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007-03-06 16:55:42 | 000,643,072 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2007-03-06 16:43:52 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2007-03-06 16:37:04 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-09-05 10:40:20 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-06-29 17:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk) DRV - [2009-03-23 17:44:22 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2009-02-15 23:10:26 | 000,353,672 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008-11-17 01:24:00 | 000,051,688 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan) DRV - [2008-07-19 15:37:42 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008-07-19 15:37:21 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2008-07-19 15:35:18 | 000,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2008-07-19 15:33:42 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2008-07-19 15:32:36 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2008-07-19 15:32:15 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2007-08-10 13:52:44 | 004,603,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-07-25 18:19:52 | 000,209,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2007-07-25 18:19:38 | 000,101,874 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007-07-25 18:17:26 | 000,090,880 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-07-25 18:14:58 | 001,161,888 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007-07-25 18:07:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2007-07-04 15:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2007-06-21 04:43:26 | 002,208,512 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Sterownik karty Intel(R) DRV - [2007-04-16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007-02-21 12:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006-06-22 16:27:12 | 000,011,264 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-18 08:00:00 | 000,067,584 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Wibukey.sys -- (WIBUKEY) DRV - [2004-06-10 00:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM) DRV - [1999-04-22 05:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [2010-10-09 12:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Mozilla\Firefox\extensions [2010-10-09 12:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010-07-06 18:12:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-07-06 18:12:47 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} O1 HOSTS File: ([2010-02-07 18:53:39 | 001,891,268 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 005.free-counter.co.uk O1 - Hosts: 127.0.0.1 006.free-counter.co.uk O1 - Hosts: 127.0.0.1 007.free-counter.co.uk O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008.free-counter.co.uk O1 - Hosts: 127.0.0.1 00fun.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00inkjets.com O1 - Hosts: 127.0.0.1 00pro.com O1 - Hosts: 127.0.0.1 00web.com O1 - Hosts: 127.0.0.1 01.sharedsource.org O1 - Hosts: 127.0.0.1 0123hardcore.com O1 - Hosts: 127.0.0.1 0190-dialer.com O1 - Hosts: 127.0.0.1 0190-dialers.com O1 - Hosts: 127.0.0.1 01i.info O1 - Hosts: 127.0.0.1 01sexe.com O1 - Hosts: 127.0.0.1 01smith.com O1 - Hosts: 127.0.0.1 02.main.ru O1 - Hosts: 127.0.0.1 0-29.com O1 - Hosts: 127.0.0.1 02kmky1xgzbmsdfx.com O1 - Hosts: 127.0.0.1 02pmnzy5eo29bfk4.com O1 - Hosts: 127.0.0.1 03.sharedsource.org O1 - Hosts: 127.0.0.1 030.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 64151 more lines... O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\PlusIEContextMenu.dll (Zeon Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZeonIEFavClient.dll (Zeon Corporation) O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\bin\ZeonIEFavClient.dll (Zeon Corporation) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SmartIndex] C:\WINDOWS\Temp\_ex-08.exe File not found O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe (r2 studios) O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-842925246-706699826-839522115-1003..\RunOnce: [11759588] C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\11759588.exe (Корпорация Майкрософт) O4 - Startup: C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-842925246-706699826-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: E&ksport do programu Microsoft Excel - E:\Program files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Open PDF in DocuCom PDF Plus - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Append to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert link target to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert link target to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert selected links to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert selected links to existing PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O8 - Extra context menu item: Zeon Convert to DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll (Zeon Corporation) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O15 - HKLM\..Trusted Domains: se-2011-download.com ([]http in Trusted sites) O15 - HKLM\..Trusted Domains: se-2011-payment.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..Trusted Domains: se-2011-download.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-842925246-706699826-839522115-1003\..Trusted Domains: se-2011-payment.com ([]http in Trusted sites) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab (CKAVWebScan Object) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/66.35/uploader2.cab (UploadListView Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_04) O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-12-31 11:03:59 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-09 18:44:40 | 000,022,528 | ---- | M] () - C:\autoexec.exe -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:46 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:47 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-09-20 19:20:48 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-09 18:58:56 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "gusvc" MsConfig - Services: "Adobe LM Service" MsConfig - Services: "LightScribeService" MsConfig - Services: "WinPPPoverEthernet" MsConfig - Services: "PnkBstrA" MsConfig - StartUpReg: [b]Camera Assistant Software[/b] - hkey= - key= - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) MsConfig - StartUpReg: [b]Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) MsConfig - StartUpReg: [b]Odkurzacz-MCD[/b] - hkey= - key= - C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software) MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-09 19:27:43 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kkasiaka\Pulpit\OTL.exe [2010-12-06 00:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2010-12-06 00:04:35 | 000,899,584 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\11759588.exe [2010-12-04 13:10:39 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-30 21:32:25 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll [2010-11-30 21:32:25 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll [2010-11-30 21:32:25 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys [2010-11-19 21:14:44 | 112,188,440 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\kkasiaka\Pulpit\kav11.0.1.400pl.exe [2010-11-16 20:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010-11-14 19:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Pulpit\bg [2010-10-11 19:40:30 | 000,065,776 | ---- | C] (JGsoft - Just Great Software) -- C:\WINDOWS\UnDeploy.exe [2010-10-11 19:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\001Micron Memory Card Recovery(Demo) [2010-10-11 18:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\OpenOffice.org [2010-10-11 18:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2010-10-11 18:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\open office [2010-10-11 17:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkasiaka\Pulpit\dmde-2.0.1-win32-gui [2010-02-13 16:04:36 | 106,855,968 | ---- | C] (Sony Creative Software Inc.) -- C:\Program Files\moviestudio90b.exe [2008-11-30 15:55:04 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys [2008-11-30 00:02:23 | 022,285,608 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe [2006-12-12 11:13:20 | 000,032,768 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll [2006-07-28 16:25:26 | 000,019,456 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-09 19:23:43 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-12-09 19:23:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-09 19:22:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-09 18:52:58 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Pulpit\Flash_Disinfector.exe [2010-12-09 18:44:58 | 000,252,928 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\1399014948.exe [2010-12-09 18:44:40 | 000,022,528 | ---- | M] () -- C:\autoexec.exe [2010-12-07 16:06:06 | 001,240,064 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\25594903.exe [2010-12-06 00:04:35 | 000,899,584 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\11759588.exe [2010-12-04 12:17:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkasiaka\Pulpit\OTL.exe [2010-12-04 11:57:20 | 000,245,248 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-30 21:32:25 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll [2010-11-30 21:32:25 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll [2010-11-30 21:32:25 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys [2010-11-28 22:16:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-11-19 21:14:49 | 112,188,440 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\kkasiaka\Pulpit\kav11.0.1.400pl.exe [2010-10-31 08:50:07 | 000,503,756 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-10-31 08:50:07 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-10-31 08:50:07 | 000,090,292 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-10-31 08:50:07 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-12 07:40:07 | 001,581,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-10-11 20:25:25 | 000,000,082 | ---- | M] () -- C:\WINDOWS\System32\RPRID.KEY [2010-10-11 19:40:30 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\001Micron Memory Card Recovery(Demo).lnk [2010-10-11 18:57:26 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Moje dokumenty\TempWmicBatchFile.bat [2010-10-11 18:57:13 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-10-11 18:55:53 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-10-10 21:52:43 | 000,031,462 | ---- | M] () -- C:\WINDOWS\bestplayer.bbt [2010-10-10 21:52:43 | 000,001,911 | ---- | M] () -- C:\WINDOWS\bestplayer.ini [2010-10-10 21:52:43 | 000,000,063 | ---- | M] () -- C:\WINDOWS\bestplayer.bpp [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-09 19:02:40 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Pulpit\Flash_Disinfector.exe [2010-12-09 18:44:58 | 000,252,928 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\1399014948.exe [2010-12-07 16:06:06 | 001,240,064 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\25594903.exe [2010-12-05 15:17:35 | 000,022,528 | ---- | C] () -- C:\autoexec.exe [2010-10-11 20:25:25 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\RPRID.KEY [2010-10-11 19:40:30 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\001Micron Memory Card Recovery(Demo).lnk [2010-10-11 18:57:24 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Moje dokumenty\TempWmicBatchFile.bat [2010-10-11 18:57:13 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-10-11 18:55:53 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-10-09 18:28:22 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll [2010-10-09 18:26:21 | 000,491,120 | ---- | C] () -- C:\Program Files\sr_dm.exe [2010-10-09 18:04:30 | 001,561,733 | ---- | C] () -- C:\Program Files\testdisk-6.11.3.win.zip [2010-10-09 12:22:57 | 003,267,488 | ---- | C] () -- C:\Program Files\PandoraRecovery2.1.1Setup.exe [2010-09-08 19:46:35 | 000,587,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-04-08 21:28:07 | 000,000,093 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-01-29 12:23:30 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-01-07 19:12:25 | 000,002,136 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-11-30 15:55:04 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys [2008-11-06 22:18:18 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-11-05 19:42:45 | 000,062,400 | ---- | C] () -- C:\WINDOWS\System32\IFC.dll [2008-11-05 19:41:56 | 000,422,848 | ---- | C] () -- C:\WINDOWS\System32\PPL.dll [2008-10-10 17:35:50 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys [2008-10-10 17:35:50 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys [2008-09-14 20:06:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI [2008-09-12 22:35:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-09-03 18:04:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Dane aplikacji\AVSDVDPlayer.m3u [2008-07-06 15:31:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2008-03-15 20:21:44 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-03-15 20:21:43 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-03-15 20:21:43 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-02-27 20:48:46 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2007-12-03 09:28:07 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007-11-22 10:59:34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2007-11-21 12:46:00 | 000,001,911 | ---- | C] () -- C:\WINDOWS\bestplayer.ini [2007-11-17 16:52:21 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS [2007-11-17 16:52:21 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL [2007-11-17 16:52:21 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL [2007-11-13 20:09:24 | 000,245,248 | ---- | C] () -- C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-11-12 22:37:20 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll [2007-11-12 21:38:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL [2007-11-12 21:09:13 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2007-11-12 21:09:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2007-11-12 21:09:13 | 000,010,132 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2007-11-12 21:09:13 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2007-11-11 15:42:20 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-07-01 12:12:14 | 003,145,728 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2007-07-01 11:59:22 | 000,517,632 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2007-06-17 12:43:56 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2007-06-12 15:45:56 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2007-06-12 12:21:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2007-01-09 18:05:50 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2006-02-16 18:34:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-02-16 18:34:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-02-16 18:34:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-02-16 18:34:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-02-16 18:34:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-02-16 18:34:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006-01-05 18:49:34 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll [2006-01-05 17:36:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll [2006-01-04 10:59:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005-11-23 13:55:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [color=#E56717]========== LOP Check ==========[/color] [2010-09-15 15:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2010-12-09 18:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2010-09-05 10:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-10 01:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iolo [2007-12-09 00:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2008-06-01 20:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier [2009-03-16 03:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\r2 Studios [2010-10-10 01:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2007-11-12 22:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Vista64 [2010-07-06 19:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\zeon [2008-05-29 23:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Auslogics [2010-09-15 15:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Autodesk [2010-10-10 21:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\BESTplayer [2008-09-21 11:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Canneverbe_Limited [2009-01-29 12:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\DAEMON Tools [2010-09-05 10:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\DAEMON Tools Lite [2007-12-09 01:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Gadu-Gadu [2010-10-09 18:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\iolo [2010-10-11 18:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\OpenOffice.org [2008-05-18 22:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Opera [2009-01-30 03:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Poser Pro [2008-01-21 01:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\QPrinter [2009-03-16 03:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\r2 Studios [2010-08-04 22:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\runic games [2007-11-12 21:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\toshiba [2008-01-30 01:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Uniblue [2010-12-07 20:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\uTorrent [2010-07-06 19:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkasiaka\Dane aplikacji\Zeon [2010-10-09 18:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\iolo [2010-07-06 19:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Zeon [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-12-09 18:44:40 | 000,022,528 | ---- | M] () -- C:\autoexec.exe [2008-12-13 17:34:27 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2001-10-30 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2007-11-11 15:55:16 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2007-11-11 15:55:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2007-11-11 15:55:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2007-11-12 19:52:25 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2007-11-12 19:52:25 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-12-09 19:22:17 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2008-06-16 04:29:11 | 000,002,861 | ---- | M] () -- C:\rollback.ini [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys [2001-10-30 13:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-10-30 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-10-30 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by kkasiaka at 2010-12-09 19:38:15 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 2 GB (3%) free of 76 GB Total RAM: 2046 MB (71% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:38:22, on 2010-12-09 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17055) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\notepad.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Opera\opera.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\kkasiaka\Pulpit\RSIT.exe C:\Program Files\trend micro\kkasiaka.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe" O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SmartIndex] C:\WINDOWS\Temp\_ex-08.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\RunOnce: [11759588] "C:\DOCUME~1\kkasiaka\USTAWI~1\DANEAP~1\11759588.exe" 17 50 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open PDF in DocuCom PDF Plus - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O8 - Extra context menu item: Zeon Append to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Zeon Convert link target to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: Zeon Convert link target to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Zeon Convert selected links to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O8 - Extra context menu item: Zeon Convert selected links to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML O8 - Extra context menu item: Zeon Convert to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.se-2011-download.com O15 - Trusted Zone: http://*.se-2011-payment.com O15 - Trusted Zone: http://*.se-2011-download.com (HKLM) O15 - Trusted Zone: http://*.se-2011-payment.com (HKLM) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/66.35/uploader2.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F6435A7C-DC49-484A-AC12-682FA4076FF6}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O19 - User stylesheet: (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Zeon License Service (ZNLSvc) - Unknown owner - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe -- End of file - 11953 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll [2008-10-15 253952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-18 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9}] ZeonIEEventHelper Class - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll [2008-11-18 479232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-18 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-18 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - DocuCom PDF - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll [2008-11-18 479232] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe [2007-12-14 44032] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-03-06 819200] "nwiz"=nwiz.exe /install [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "SmartIndex"=C:\WINDOWS\Temp\_ex-08.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "11759588"=C:\DOCUME~1\kkasiaka\USTAWI~1\DANEAP~1\11759588.exe [2010-12-06 899584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-05-22 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe [2007-11-14 2131392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe [2008-08-16 264704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe [2004-02-22 32881] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 "Adobe LM Service"=3 "LightScribeService"=2 "WinPPPoverEthernet"=2 "PnkBstrA"=2 C:\Documents and Settings\kkasiaka\Menu Start\Programy\Autostart OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======File associations====== .scr - open - "C:\WINDOWS\system32\notepad.exe" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 2 months====== 2010-12-06 00:04:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess 2010-12-05 15:17:35 ----A---- C:\autoexec.exe 2010-12-04 13:10:39 ----D---- C:\rsit 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\wpcap.dll 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\Packet.dll 2010-11-30 21:32:25 ----A---- C:\WINDOWS\system32\drivers\npf.sys 2010-11-16 20:11:09 ----D---- C:\WINDOWS\Minidump 2010-10-11 19:40:30 ----D---- C:\Program Files\001Micron Memory Card Recovery(Demo) 2010-10-11 19:40:30 ----A---- C:\WINDOWS\UnDeploy.exe 2010-10-11 18:56:49 ----D---- C:\Documents and Settings\kkasiaka\Dane aplikacji\OpenOffice.org 2010-10-11 18:54:50 ----D---- C:\Program Files\OpenOffice.org 3 2010-10-11 18:53:35 ----D---- C:\Program Files\open office ======List of files/folders modified in the last 2 months====== 2010-12-09 19:38:16 ----D---- C:\WINDOWS\Prefetch 2010-12-09 19:38:16 ----D---- C:\Program Files\Trend Micro 2010-12-09 19:30:44 ----D---- C:\WINDOWS\Temp 2010-12-09 19:30:43 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-09 19:20:34 ----D---- C:\WINDOWS\system32 2010-12-09 19:20:33 ----D---- C:\Program Files\DAEMON Tools Toolbar 2010-12-09 18:40:56 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-07 20:15:18 ----D---- C:\Documents and Settings\kkasiaka\Dane aplikacji\uTorrent 2010-12-07 19:32:15 ----D---- C:\movies 2010-11-30 21:32:25 ----D---- C:\WINDOWS\system32\drivers 2010-11-19 21:19:34 ----D---- C:\WINDOWS 2010-11-16 17:21:45 ----D---- C:\Program Files 2010-11-08 21:12:56 ----SHD---- C:\WINDOWS\Installer 2010-11-08 21:12:56 ----HD---- C:\Config.Msi 2010-11-02 16:47:16 ----A---- C:\WINDOWS\system32\MRT.exe 2010-10-31 08:50:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-10-17 12:55:32 ----A---- C:\WINDOWS\win.ini 2010-10-11 18:55:57 ----RSD---- C:\WINDOWS\assembly 2010-10-11 18:55:11 ----RSD---- C:\WINDOWS\Fonts 2010-10-10 21:52:43 ----A---- C:\WINDOWS\bestplayer.ini 2010-10-10 21:32:15 ----D---- C:\Documents and Settings\kkasiaka\Dane aplikacji\BESTplayer 2010-10-10 01:30:50 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\iolo 2010-10-10 01:30:40 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-05 691696] R0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys [2008-11-17 51688] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2010-06-29 9341] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40320] R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys [] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-15 353672] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-12 21425] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS [] R2 s24trans;Transport WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416] R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\Wibukey.sys [2004-08-18 67584] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-07-25 1161888] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 NETw4x32;Sterownik karty Intel(R) Wireless WiFi Link dla systemu Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-02-16 3642944] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-07-25 90880] R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2004-08-03 67584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-07-25 209312] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-07-25 290304] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 usbvideo;Chicony USB 2.0 Camera; C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464] R3 UVCFTR;UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776] S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [1999-04-22 73216] S3 afqua0dp;afqua0dp; C:\WINDOWS\system32\drivers\afqua0dp.sys [] S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-07-25 101874] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 sffdisk;Sterownik SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-03 11136] S3 sffp_sd;Sterownik SFF Storage Protocol Driver dla SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944] S3 WRSWanDD;WinPoET PPPoE Adapter; C:\WINDOWS\system32\DRIVERS\WrKPoETNic2000.sys [2007-07-04 65604] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-07-25 9216] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-12-16 85096] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2009-03-23 54784] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-06 643072] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2010-07-06 711352] R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2010-07-06 711352] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-18 152984] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-02-16 143426] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-06 327680] R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-03-06 983040] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R2 ZNLSvc;Zeon License Service; C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe [2008-09-08 186200] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-17 72704] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-31 1045256] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-15 2402184] S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120] S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-06 66872] -----------------EOF----------------- [/log] DrWeb [log]CDDFogpWflwreWC C:\WINDOWS\temp Trojan.DownLoader1.34491 Niewyleczalny.Przeniesiony. autoexec.exe C:\ Trojan.DownLoad.41551 Usunięty. Flash_Disinfector.exe/data002\nircmd.exe C:\Documents and Settings\kkasiaka\Pulpit\Flash_Disinfector.exe/data002 Tool.NirCmd.1 data002 C:\Documents and Settings\kkasiaka\Pulpit Archiwum zawierające zainfekowane obiekty Flash_Disinfector.exe C:\Documents and Settings\kkasiaka\Pulpit Kontener zawiera zainfekowane obiekty Przeniesiony. 25594903.exe C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Dane aplikacji Trojan.Fakealert.19447 mail[1].htm\Script.5 C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\0GLEB0KP\mail[1].htm Odmiana wirusa W97M.Verlor mail[1].htm C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\0GLEB0KP Kontener zawiera zainfekowane obiekty Przeniesiony. update4303[2].exe C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\M8O1SQZY Trojan.DownLoad.41551 mail[2].htm\Script.5 C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QA5NMZH9\mail[2].htm Odmiana wirusa W97M.Verlor mail[2].htm C:\Documents and Settings\kkasiaka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QA5NMZH9 Kontener zawiera zainfekowane obiekty Przeniesiony. A0059284.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP369 Trojan.DownLoad2.18222 A0059285.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP369 Trojan.FakeAV.1407 A0060281.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP369 Trojan.FakeAV.1407 A0060290.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP369 Trojan.DownLoader1.37189 A0060340.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP370 Trojan.Fakealert.19447 A0062515.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.Fakealert.19447 A0062529.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.Fakealert.19447 A0063557.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.DownLoad.41551 A0063596.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.DownLoader1.37205 A0063597.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.Fakealert.19447 A0063598.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.DownLoad1.40055 A0063627.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Trojan.DownLoad.41551 A0063628.exe/data002\nircmd.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373\A0063628.exe/data002 Tool.NirCmd.1 data002 C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Archiwum zawierające zainfekowane obiekty A0063628.exe C:\System Volume Information\_restore{49FFECCF-B610-490E-AEE1-A7981F912E20}\RP373 Kontener zawiera zainfekowane obiekty Przeniesiony. avenger.exe E:\narzedzia Joke.Forgery.525 [/log] Malwarebytes [log]Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Wersja bazy: 5214 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 7.0.5730.13 2010-12-10 22:59:11 mbam-log-2010-12-10 (22-59-06).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|) Przeskanowano obiektów: 341042 Upłynęło: 1 godzin(y), 26 minut(y), 54 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 6 Zainfekowanych wartości rejestru: 3 Zainfekowane informacje rejestru systemowego: 8 Zainfekowanych folderów: 5 Zainfekowanych plików: 10 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAX5-81C01C608512} (Worm.AutoRun) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAX5-90401C608512} (Backdoor.IRCBot) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-21CX1C643131} (Worm.AutoRun) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} (Trojan.Agent) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE17712-987E-4424-A00C-9DA0BC4E2078} (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\SE2010 (Rogue.Securityessentials2010) -> No action taken. Zainfekowanych wartości rejestru: HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Value: idln2 -> No action taken. HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Value: bk -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\RegistryMonitor2 (Malware.Trace) -> Value: RegistryMonitor2 -> No action taken. Zainfekowane informacje rejestru systemowego: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\se-2011-download.com\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\se-2011-payment.com\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\se-2011-download.com\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\se-2011-payment.com\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken. Zainfekowanych folderów: c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d} (Worm.Prolaco.M) -> No action taken. c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d}\chrome (Worm.Prolaco.M) -> No action taken. c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d}\chrome\content (Worm.Prolaco.M) -> No action taken. c:\RECYCLER\s-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> No action taken. c:\SYSTEM\s-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> No action taken. Zainfekowanych plików: c:\documents and settings\kkasiaka\doctorweb\quarantine\cddfogpwflwrewc (Rogue.SecurityEssentials) -> No action taken. c:\system volume information\_restore{49ffeccf-b610-490e-aee1-a7981f912e20}\RP370\A0060319.exe (Rogue.Installer) -> No action taken. c:\documents and settings\kkasiaka\menu start\Programy\security tool.lnk (Rogue.SecurityTool) -> No action taken. c:\documents and settings\kkasiaka\dane aplikacji\microsoft\internet explorer\quick launch\security essentials 2011.lnk (Rogue.SecurityEssentials) -> No action taken. c:\documents and settings\kkasiaka\menu start\Programy\thinkpoint.lnk (Rogue.ThinkPoint) -> No action taken. c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d}\chrome.manifest (Worm.Prolaco.M) -> No action taken. c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d}\install.rdf (Worm.Prolaco.M) -> No action taken. c:\program files\mozilla firefox\extensions\{9ce11043-9a15-4207-a565-0c94c42d590d}\chrome\content\timer.xul (Worm.Prolaco.M) -> No action taken. c:\RECYCLER\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> No action taken. c:\SYSTEM\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> No action taken. [/log]
Tomek01 komentarz 10 grudnia 2010 komentarz 10 grudnia 2010 Miało być: Start > Uruchom... (wklej polecenie) Notepad C:\WINDOWS\system32\drivers\etc\hosts Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. Pamiętaj aby nie skojarzyć go na stałe z Notatnikiem ! Coś nie tak poszło. Wykonaj jeszcze raz operację ze skryptem do OTL. Wykonaj wszystko dokładnie, krok po kroku. Komputer powinien się zrestartować. Jeszcze raz pełne skany i usuwasz wszystko co znajdą. Wtedy nowe logi.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.