czeski utworzono 17 grudnia 2010 utworzono 17 grudnia 2010 Witam, mam mały problem z avirą, która co jakiś czas (kilka razy dziennie) wyświetla mi taki oto komunikat: [i]access to the file 'D:\Autorun.inf' was blocked for your security[/i] Nie wiem jak się tego pozbyć, dlatego bardzo proszę o pomoc, oto log z OTL-a: [log] OTL logfile created on: 2010-12-17 16:54:00 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory | 97,00 Mb Available Physical Memory | 19,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 48,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 66,38 Gb Total Space | 4,41 Gb Free Space | 6,64% Space Free | Partition Type: NTFS Drive D: | 7,13 Gb Total Space | 1,43 Gb Free Space | 20,05% Space Free | Partition Type: FAT32 Computer Name: YOUR-B375270B44 | User Name: Klaudia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-11 13:12:47 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-09 17:33:05 | 000,435,368 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe PRC - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-13 22:33:49 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe PRC - [2010-11-13 22:33:49 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010-10-22 16:47:26 | 000,524,288 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2010-10-22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2010-10-12 22:32:49 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-09-13 00:09:56 | 012,653,152 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-02-26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe PRC - [2010-02-18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 10:41:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-12-04 12:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-01-16 12:42:20 | 000,950,272 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE PRC - [2006-06-19 10:33:12 | 000,163,840 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2006-05-18 15:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-05-03 21:58:26 | 000,458,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe PRC - [2006-05-02 14:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2005-06-11 08:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2005-01-28 12:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 22:00:00 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssvc.exe PRC - [2004-08-04 22:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 22:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 22:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2004-08-04 22:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 22:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 22:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-04-16 16:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-07-26 05:36:48 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:36:44 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 22:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 22:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 22:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 22:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 22:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 22:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 22:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 22:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-04 22:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 22:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 22:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 22:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-12-09 17:29:49 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_aeec0f0.dll -- (Akamai) SRV - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-10-22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2010-06-20 12:18:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-10-24 13:38:07 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2006-06-12 12:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr) SRV - [2005-10-06 17:46:38 | 000,856,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDPNDIS5.SYS -- (ZDPNDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090811.001\symidsco.sys -- (SYMIDSCO) DRV - [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-09-28 20:51:33 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-05-11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-05-11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007-07-03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007-07-03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007-07-03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-17 05:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-06-06 21:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD) DRV - [2006-06-02 16:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2006-05-12 21:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006-04-28 18:12:00 | 000,429,184 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2006-04-21 18:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2006-04-20 17:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-04-20 17:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006-04-20 17:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-12-22 18:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-11-16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005-11-01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005-10-13 10:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2005-09-19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005-09-19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005-09-19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-04 08:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2004-08-04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-04 06:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2004-08-04 06:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2002-04-26 12:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) DRV - [2001-10-26 23:58:28 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001-08-18 05:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001-08-18 05:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001-08-18 05:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001-08-18 05:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001-08-18 05:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001-08-18 04:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001-08-18 04:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001-08-18 04:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001-08-18 04:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001-08-18 04:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001-08-18 04:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001-08-18 04:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001-08-18 04:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001-08-18 04:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/ IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1 FF - prefs.js..extensions.enabledItems: {333b42b0-9c75-11db-b606-0800200c9a66}:2.090208 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-11 13:13:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-11 13:13:08 | 000,000,000 | ---D | M] [2009-08-28 12:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Extensions [2010-12-16 22:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions [2009-10-24 08:59:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-08-29 20:42:04 | 000,000,000 | ---D | M] (PinkHope) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66} [2009-09-09 17:56:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2009-09-28 20:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com [2010-12-16 22:13:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-09-09 18:17:32 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-10-12 22:33:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-10-12 22:32:51 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll [2010-01-08 17:05:57 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-09-09 08:11:46 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png [2009-09-09 08:11:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml [2010-01-08 17:05:57 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-08 17:05:57 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-08 17:05:57 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-08 17:05:57 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-08 17:05:57 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-11-17 23:29:01 | 000,327,701 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 11212 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( ) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\Klaudia\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-21 13:40:47 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2001-07-27 12:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004-04-30 04:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ] O32 - Unable to obtain root file information for disk D:\ O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\AutoRun\command - "" = F:\ O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\explore\command - "" = F:\ O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\open\command - "" = F:\ O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell - "" = Autorun O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\Shell\AutoRun\command - "" = ARE\RUNNING\oF.exe O33 - MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\Shell\open\command - "" = ARE\RUNNING\oF.exe O33 - MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\Shell\AutoRun\command - "" = r2g20.exe O33 - MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\Shell\open\Command - "" = r2g20.exe O33 - MountPoints2\H\Shell\AutoRun\command - "" = DISALA///pushila.exe O33 - MountPoints2\H\Shell\explore\command - "" = DISALA//pushila.exe O33 - MountPoints2\H\Shell\open\command - "" = DISALA//pushila.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-13 17:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej [2010-12-10 16:15:06 | 000,000,000 | ---D | C] -- C:\FENAP [2010-12-10 16:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\z pena [2010-11-22 12:38:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-22 12:38:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-22 12:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-11-22 11:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\My Art [2010-11-21 13:55:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-11-21 13:54:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010-11-21 13:54:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010-11-21 13:54:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2010-11-21 13:47:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ [2010-11-20 11:58:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings [2010-11-20 11:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot [2010-11-20 11:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar [2010-11-20 11:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2010-11-07 12:15:23 | 000,214,016 | ---- | C] (Marcin Dutkiewicz) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Dietetyk.exe [2010-10-31 19:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\101CANON [2010-10-31 13:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Avira [2010-10-25 18:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\IBP-Software [2010-10-25 11:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [2010-10-24 17:45:30 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010-10-24 17:45:26 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-10-24 17:45:26 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010-10-24 17:45:26 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010-10-24 17:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira [2010-10-24 11:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI_Pro_v5.02.527.DB.24 [2010-10-23 17:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2010-10-23 16:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI.P.v5.02.527.DB.24.67.D [2010-10-22 12:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\Install_WUFI5 [2010-10-20 18:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\SEMESTR 7 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-17 16:57:08 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-12-17 16:50:35 | 003,072,054 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-17 15:52:04 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-12-17 15:51:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-17 15:51:47 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-12-15 18:01:37 | 001,010,726 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-15 15:42:01 | 000,521,905 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-14 19:16:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-13 16:51:57 | 029,382,704 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-13 13:34:31 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-12-01 22:13:27 | 000,433,358 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010-11-22 11:53:48 | 001,945,570 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:41 | 000,058,859 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 11:41:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-11-21 17:51:43 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-15 13:06:11 | 310,726,552 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:56:12 | 310,072,970 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:38:35 | 309,228,751 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 12:09:10 | 309,698,328 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:20:57 | 309,575,345 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:59:30 | 308,669,244 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:18 | 000,015,950 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-11-10 21:43:18 | 000,000,165 | ---- | M] () -- C:\WINDOWS\Aslan.INI [2010-11-05 11:47:42 | 000,500,540 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-05 11:47:41 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-05 11:47:41 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-05 11:47:41 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-26 21:42:03 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Strona tytułowa.doc [2010-10-24 17:45:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:14:09 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:15 | 001,259,599 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-17 16:50:34 | 003,072,054 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-15 18:22:33 | 000,521,905 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-15 18:01:34 | 001,010,726 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-13 16:49:55 | 029,382,704 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-01 22:13:22 | 000,433,358 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-22 11:53:48 | 001,945,570 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:31 | 000,058,859 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 02:05:00 | 000,690,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-11-15 11:05:29 | 309,228,751 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 11:05:03 | 310,072,970 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:03:15 | 309,698,328 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:02:48 | 310,726,552 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:00:00 | 309,575,345 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:28:49 | 308,669,244 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:16 | 000,015,950 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-10-24 17:45:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:10:57 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:07 | 001,259,599 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [2010-10-11 16:38:06 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll [2010-10-11 16:38:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll [2010-06-01 18:16:45 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-01 19:15:49 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2010-04-01 19:11:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010-04-01 18:43:23 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010-01-13 23:04:22 | 000,000,084 | ---- | C] () -- C:\WINDOWS\SW_Win2146X32.DLL [2010-01-13 23:03:52 | 001,753,088 | ---- | C] () -- C:\WINDOWS\System32\beconvlib.dll [2010-01-13 23:03:52 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\bprgcomm.dll [2010-01-13 23:03:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll [2010-01-13 23:03:51 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx15_ic.ini [2010-01-13 23:03:50 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll [2010-01-13 23:03:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll [2010-01-13 23:03:50 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll [2010-01-13 22:37:38 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\lakerda1967.sys [2010-01-13 22:37:12 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\docXConverter (3).ini [2009-12-13 18:53:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-11-10 00:15:42 | 002,733,056 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe [2009-10-27 22:56:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\RUNTEST.INI [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32f.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divx.dll [2009-09-28 20:51:32 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-09-06 21:58:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2009-09-06 11:24:50 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-06 10:42:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-08-21 21:11:51 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DSwitch.txt [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\AtStart.txt [2009-08-21 21:11:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\QSwitch.txt [2009-08-13 11:15:30 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2009-06-20 08:57:06 | 000,000,868 | ---- | C] () -- C:\WINDOWS\rm-win.ini [2009-05-31 20:25:14 | 148,295,688 | ---- | C] () -- C:\Program Files\OOo_3.0.1_Win32Intel_install_wJRE_pl.exe [2009-03-12 00:32:28 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Aslan.INI [2008-09-30 15:53:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-01-16 00:22:39 | 002,788,800 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe [2006-09-06 20:32:19 | 000,029,006 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006-05-12 04:33:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-05-12 03:52:54 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2006-05-12 03:50:00 | 000,004,587 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006-05-12 03:27:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005-12-02 19:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-05-06 19:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [color=#E56717]========== LOP Check ==========[/color] [2010-07-20 12:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alpha-NET [2008-09-19 17:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-21 13:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-04-30 13:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Crystal Office [2009-09-28 20:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-31 20:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverCure [2009-10-22 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-04-01 18:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2010-10-05 17:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:21:35 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\INTERsoft [2010-10-05 17:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-26 19:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-05-31 20:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic [2009-08-21 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2009-04-04 19:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2010-04-01 18:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2010-10-25 10:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2009-05-08 11:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\foobar2000 [2009-09-07 00:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\VersionTracker Pro [2010-04-06 14:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Epson [2010-06-21 10:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\MfcEmbed [2010-06-21 10:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\OpenOffice.org [2010-01-31 11:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\pdfforge [2010-01-31 11:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Search Settings [2009-09-28 20:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Ashampoo [2010-11-21 13:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Autodesk [2010-06-01 18:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\BESTplayer [2010-04-01 19:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Canon [2009-10-24 15:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Crystal Office [2009-09-28 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\DAEMON Tools Lite [2010-01-13 22:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Docx2Rtf [2010-12-17 15:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox [2010-11-02 17:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Epson [2010-12-09 23:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\foobar2000 [2010-10-05 17:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:25:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\INTERsoft [2010-11-15 13:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\ipla [2009-12-28 20:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\IrfanView [2009-09-28 20:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Leadertech [2009-10-19 23:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mathsoft [2010-12-15 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\MfcEmbed [2010-05-20 18:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Nowe Gadu-Gadu [2010-01-13 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\NwDocx [2009-08-28 11:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenFM [2009-09-01 17:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenOffice.org [2010-01-14 21:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\pdfforge [2010-07-20 12:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\PhotoScape [2009-09-06 10:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Samsung [2010-11-20 11:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings [2010-10-25 11:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-03-04 17:48:22 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004-08-04 22:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-12-17 15:51:47 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 22:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM [2004-08-04 22:00:00 | 000,250,624 | -HS- | M] () -- C:\NTLDR [2010-12-17 15:51:45 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 22:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys [2004-08-04 22:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtUninstallKB912436$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\WINDOWS:97967C87659F17A3 < End of report > [/log]
Tomek01 komentarz 17 grudnia 2010 komentarz 17 grudnia 2010 Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. Odinstaluj:pdfforge Toolbar, Application Updater, Search Settings ( jak się uda). W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL PRC - [2010-10-22 16:47:26 | 000,524,288 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2010-10-22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe SRV - [2010-10-22 16:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.1 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1 [2009-09-28 20:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com O1 - Hosts: 11212 more lines...O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\AutoRun\command - "" = F:\ O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\explore\command - "" = F:\ O33 - MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\Shell\open\command - "" = F:\ O33 - MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\Shell\AutoRun\command - "" = ARE\RUNNING\oF.exe O33 - MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\Shell\open\command - "" = ARE\RUNNING\oF.exe O33 - MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\Shell\AutoRun\command - "" = r2g20.exe O33 - MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\Shell\open\Command - "" = r2g20.exe O33 - MountPoints2\H\Shell\AutoRun\command - "" = DISALA///pushila.exe O33 - MountPoints2\H\Shell\explore\command - "" = DISALA//pushila.exe O33 - MountPoints2\H\Shell\open\command - "" = DISALA//pushila.exe @Alternate Data Stream - 24 bytes -> C:\WINDOWS:97967C87659F17A3 :Files C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings C:\Program Files\Common Files\Spigot C:\Program Files\pdfforge Toolbar C:\Program Files\Application Updater C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic C:\Documents and Settings\Gość\Dane aplikacji\Search Settings C:\Documents and Settings\Klaudia\Dane aplikacji\pdfforge C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings r2g20.exe/ alldrivers oF.exe/ alldrivers pushila.exe/ alldrivers autorun.inf/ alldrivers :Services Search Settings :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT 1
czeski komentarz 17 grudnia 2010 Autor komentarz 17 grudnia 2010 Nie udało się zastosować Flash Disinfectora z podpiętym pen drivem i przenośnym hdd, avira wywaliła taki oto komunikat: [i]A virus or unwanted program 'APPL/NirCmd.2' was found in file 'C:\Documents and settings\Klaudia\...\nircmd.exe'[/i] Również nie udało się dinstalowanie: pdfforge Toolbar, Application Updater, Search Settings. Nie ma ich w Panel sterowania->Dodaj lub usuń programy. LOGI z OTL: [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== No active process named SearchSettings.exe was found! No active process named ApplicationUpdater.exe was found! Service Application Updater stopped successfully! Service Application Updater deleted successfully! C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully. C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll moved successfully. Prefs.js: pdfforge@mybrowserbar.com:4.1 removed from extensions.enabledItems Prefs.js: wtxpcom@mybrowserbar.com:4.1 removed from extensions.enabledItems C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\DTToolbar@toolbarnet.com folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\ deleted successfully. C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found. File C:\Program Files\pdfforge Toolbar\IE\4.1\pdfforgeToolbarIE.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ deleted successfully. File To-Page\EPSON Web-To-Page.dll not found. Registry value HKEY_USERS\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ not found. Item F:\ is whitelisted and cannot be moved. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ not found. Item F:\ is whitelisted and cannot be moved. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00414d06-d7c1-11df-a0a0-0014a5f9a2e0}\ not found. Item F:\ is whitelisted and cannot be moved. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\ not found. File ARE\RUNNING\oF.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71fabd18-9bf1-11de-9d6e-0014a5f9a2e0}\ not found. File ARE\RUNNING\oF.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\ not found. File r2g20.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dbd816e4-c87e-11de-9dfa-0014a5f9a2e0}\ not found. File r2g20.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully. File DISALA///pushila.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found. File DISALA//pushila.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found. File DISALA//pushila.exe not found. ADS C:\WINDOWS:97967C87659F17A3 deleted successfully. ========== FILES ========== C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings\temp folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings\res folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings folder moved successfully. C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully. C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully. C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully. C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully. C:\Program Files\Common Files\Spigot folder moved successfully. C:\Program Files\pdfforge Toolbar\Res folder moved successfully. C:\Program Files\pdfforge Toolbar\IE\4.1 folder moved successfully. C:\Program Files\pdfforge Toolbar\IE folder moved successfully. C:\Program Files\pdfforge Toolbar\FF\chrome\skin folder moved successfully. C:\Program Files\pdfforge Toolbar\FF\chrome\locale\EN-US folder moved successfully. C:\Program Files\pdfforge Toolbar\FF\chrome\locale folder moved successfully. C:\Program Files\pdfforge Toolbar\FF\chrome\content folder moved successfully. C:\Program Files\pdfforge Toolbar\FF\chrome folder moved successfully. C:\Program Files\pdfforge Toolbar\FF folder moved successfully. C:\Program Files\pdfforge Toolbar folder moved successfully. C:\Program Files\Application Updater folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic\UUS2\DriverCure folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic\UUS2 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\ParetoLogic folder moved successfully. C:\Documents and Settings\Gość\Dane aplikacji\Search Settings\kb130\temp folder moved successfully. C:\Documents and Settings\Gość\Dane aplikacji\Search Settings\kb130 folder moved successfully. C:\Documents and Settings\Gość\Dane aplikacji\Search Settings folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\pdfforge\temp folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\pdfforge\res folder moved successfully. C:\Documents and Settings\Klaudia\Dane aplikacji\pdfforge folder moved successfully. File\Folder C:\Documents and Settings\Klaudia\Dane aplikacji\Search Settings not found. Invalid Switch: alldrivers Invalid Switch: alldrivers Invalid Switch: alldrivers Invalid Switch: alldrivers ========== SERVICES/DRIVERS ========== Error: No service named Search Settings was found to stop! Service\Driver key Search Settings not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: Father and Muther ->Temp folder emptied: 1081 bytes ->Temporary Internet Files folder emptied: 877702 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 58821237 bytes ->Flash cache emptied: 1300 bytes User: Gość ->Temp folder emptied: 156 bytes ->Temporary Internet Files folder emptied: 795109 bytes ->FireFox cache emptied: 35719334 bytes ->Flash cache emptied: 995 bytes User: Klaudia ->Temp folder emptied: 68260510 bytes ->Temporary Internet Files folder emptied: 3197210 bytes ->Java cache emptied: 81020989 bytes ->FireFox cache emptied: 103932468 bytes ->Google Chrome cache emptied: 5931117 bytes ->Flash cache emptied: 9334 bytes User: Klodi User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 6698515 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22515304 bytes RecycleBin emptied: 4228333967 bytes Total Files Cleaned = 4 402,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12172010_202255 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6ec.dat not found! Registry entries deleted on Reboot... [/log] [log]OTL logfile created on: 2010-12-17 20:35:50 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory | 101,00 Mb Available Physical Memory | 20,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 66,38 Gb Total Space | 8,62 Gb Free Space | 12,99% Space Free | Partition Type: NTFS Drive D: | 7,13 Gb Total Space | 1,43 Gb Free Space | 20,05% Space Free | Partition Type: FAT32 Drive F: | 1,83 Gb Total Space | 1,26 Gb Free Space | 69,10% Space Free | Partition Type: FAT32 Drive H: | 149,01 Gb Total Space | 25,31 Gb Free Space | 16,98% Space Free | Partition Type: FAT32 Computer Name: YOUR-B375270B44 | User Name: Klaudia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-11 13:12:47 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-13 22:33:49 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010-10-12 22:32:49 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-02-26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe PRC - [2010-02-18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 10:41:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-12-04 12:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-01-16 12:42:20 | 000,950,272 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE PRC - [2006-06-19 10:33:12 | 000,163,840 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2006-05-18 15:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-05-03 21:58:26 | 000,458,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe PRC - [2006-05-02 14:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2005-06-11 08:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2005-01-28 12:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 22:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 22:00:00 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE PRC - [2004-08-04 22:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 22:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2004-08-04 22:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 22:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-04-16 16:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-07-26 05:36:48 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:36:44 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 22:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 22:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 22:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 22:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 22:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 22:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-04 22:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 22:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 22:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-12-09 17:29:49 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_aeec0f0.dll -- (Akamai) SRV - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-06-20 12:18:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-10-24 13:38:07 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2006-06-12 12:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr) SRV - [2005-10-06 17:46:38 | 000,856,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDPNDIS5.SYS -- (ZDPNDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090811.001\symidsco.sys -- (SYMIDSCO) DRV - [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-09-28 20:51:33 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-05-11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-05-11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007-07-03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007-07-03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007-07-03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-17 05:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-06-06 21:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD) DRV - [2006-06-02 16:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2006-05-12 21:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006-04-28 18:12:00 | 000,429,184 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2006-04-21 18:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2006-04-20 17:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-04-20 17:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006-04-20 17:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-12-22 18:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-11-16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005-11-01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005-10-13 10:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2005-09-19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005-09-19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005-09-19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-04 08:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2004-08-04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-04 06:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2004-08-04 06:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2002-04-26 12:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) DRV - [2001-10-26 23:58:28 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001-08-18 05:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001-08-18 05:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001-08-18 05:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001-08-18 05:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001-08-18 05:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001-08-18 04:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001-08-18 04:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001-08-18 04:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001-08-18 04:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001-08-18 04:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001-08-18 04:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001-08-18 04:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001-08-18 04:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001-08-18 04:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/ IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6 FF - prefs.js..extensions.enabledItems: {333b42b0-9c75-11db-b606-0800200c9a66}:2.090208 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-11 13:13:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-11 13:13:08 | 000,000,000 | ---D | M] [2009-08-28 12:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Extensions [2010-12-17 20:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions [2009-10-24 08:59:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-08-29 20:42:04 | 000,000,000 | ---D | M] (PinkHope) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66} [2009-09-09 17:56:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-12-17 20:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-09-09 18:17:32 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-10-12 22:33:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-10-12 22:32:51 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll [2010-01-08 17:05:57 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-09-09 08:11:46 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png [2009-09-09 08:11:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml [2010-01-08 17:05:57 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-08 17:05:57 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-08 17:05:57 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-08 17:05:57 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-08 17:05:57 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-11-17 23:29:01 | 000,327,701 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 11212 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe File not found O4 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( ) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\Klaudia\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-21 13:40:47 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2001-07-27 12:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004-04-30 04:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ] O32 - Unable to obtain root file information for disk D:\ O32 - AutoRun File - [2010-11-07 17:53:32 | 000,000,088 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell - "" = Autorun O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-17 20:22:55 | 000,000,000 | ---D | C] -- C:\_OTL [2010-12-17 17:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\mb_2pro [2010-12-13 17:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej [2010-12-10 16:15:06 | 000,000,000 | ---D | C] -- C:\FENAP [2010-12-10 16:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\z pena [2010-11-22 12:38:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-22 12:38:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-22 12:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-11-22 11:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\My Art [2010-11-21 13:55:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-11-21 13:54:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010-11-21 13:54:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010-11-21 13:54:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2010-11-21 13:47:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ [2010-11-07 12:15:23 | 000,214,016 | ---- | C] (Marcin Dutkiewicz) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Dietetyk.exe [2010-10-31 19:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\101CANON [2010-10-31 13:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Avira [2010-10-25 18:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\IBP-Software [2010-10-25 11:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [2010-10-24 17:45:30 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010-10-24 17:45:26 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-10-24 17:45:26 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010-10-24 17:45:26 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010-10-24 17:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira [2010-10-24 11:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI_Pro_v5.02.527.DB.24 [2010-10-23 17:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2010-10-23 16:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI.P.v5.02.527.DB.24.67.D [2010-10-22 12:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\Install_WUFI5 [2010-10-20 18:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\SEMESTR 7 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-17 20:26:42 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-12-17 20:26:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-17 20:26:09 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-12-17 19:57:02 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-12-17 16:50:35 | 003,072,054 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-15 18:01:37 | 001,010,726 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-15 15:42:01 | 000,521,905 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-14 19:16:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-13 16:51:57 | 029,382,704 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-13 13:34:31 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-12-01 22:13:27 | 000,433,358 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010-11-22 11:53:48 | 001,945,570 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:41 | 000,058,859 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 11:41:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-11-21 17:51:43 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-15 13:06:11 | 310,726,552 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:56:12 | 310,072,970 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:38:35 | 309,228,751 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 12:09:10 | 309,698,328 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:20:57 | 309,575,345 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:59:30 | 308,669,244 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:18 | 000,015,950 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-11-10 21:43:18 | 000,000,165 | ---- | M] () -- C:\WINDOWS\Aslan.INI [2010-11-05 11:47:42 | 000,500,540 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-05 11:47:41 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-05 11:47:41 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-05 11:47:41 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-26 21:42:03 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Strona tytułowa.doc [2010-10-24 17:45:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:14:09 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:15 | 001,259,599 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-17 16:50:34 | 003,072,054 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-15 18:22:33 | 000,521,905 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-15 18:01:34 | 001,010,726 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-13 16:49:55 | 029,382,704 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-01 22:13:22 | 000,433,358 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-22 11:53:48 | 001,945,570 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:31 | 000,058,859 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 02:05:00 | 000,690,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-11-15 11:05:29 | 309,228,751 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 11:05:03 | 310,072,970 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:03:15 | 309,698,328 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:02:48 | 310,726,552 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:00:00 | 309,575,345 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:28:49 | 308,669,244 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:16 | 000,015,950 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-10-24 17:45:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:10:57 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:07 | 001,259,599 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [2010-10-11 16:38:06 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll [2010-10-11 16:38:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll [2010-06-01 18:16:45 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-01 19:15:49 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2010-04-01 19:11:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010-04-01 18:43:23 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010-01-13 23:04:22 | 000,000,084 | ---- | C] () -- C:\WINDOWS\SW_Win2146X32.DLL [2010-01-13 23:03:52 | 001,753,088 | ---- | C] () -- C:\WINDOWS\System32\beconvlib.dll [2010-01-13 23:03:52 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\bprgcomm.dll [2010-01-13 23:03:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll [2010-01-13 23:03:51 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx15_ic.ini [2010-01-13 23:03:50 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll [2010-01-13 23:03:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll [2010-01-13 23:03:50 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll [2010-01-13 22:37:38 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\lakerda1967.sys [2010-01-13 22:37:12 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\docXConverter (3).ini [2009-12-13 18:53:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-11-10 00:15:42 | 002,733,056 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe [2009-10-27 22:56:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\RUNTEST.INI [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32f.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divx.dll [2009-09-28 20:51:32 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-09-06 21:58:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2009-09-06 11:24:50 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-06 10:42:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-08-21 21:11:51 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DSwitch.txt [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\AtStart.txt [2009-08-21 21:11:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\QSwitch.txt [2009-08-13 11:15:30 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2009-06-20 08:57:06 | 000,000,868 | ---- | C] () -- C:\WINDOWS\rm-win.ini [2009-05-31 20:25:14 | 148,295,688 | ---- | C] () -- C:\Program Files\OOo_3.0.1_Win32Intel_install_wJRE_pl.exe [2009-03-12 00:32:28 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Aslan.INI [2008-09-30 15:53:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-01-16 00:22:39 | 002,788,800 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe [2006-09-06 20:32:19 | 000,029,006 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006-05-12 04:33:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-05-12 03:52:54 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2006-05-12 03:50:00 | 000,004,587 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006-05-12 03:27:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005-12-02 19:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-05-06 19:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [color=#E56717]========== LOP Check ==========[/color] [2010-07-20 12:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alpha-NET [2008-09-19 17:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-21 13:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-04-30 13:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Crystal Office [2009-09-28 20:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-31 20:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverCure [2009-10-22 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-04-01 18:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2010-10-05 17:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:21:35 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\INTERsoft [2010-10-05 17:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-26 19:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-08-21 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2009-04-04 19:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2010-04-01 18:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2010-10-25 10:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2009-05-08 11:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\foobar2000 [2009-09-07 00:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\VersionTracker Pro [2010-04-06 14:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Epson [2010-06-21 10:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\MfcEmbed [2010-06-21 10:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\OpenOffice.org [2010-01-31 11:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\pdfforge [2009-09-28 20:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Ashampoo [2010-11-21 13:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Autodesk [2010-06-01 18:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\BESTplayer [2010-04-01 19:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Canon [2009-10-24 15:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Crystal Office [2009-09-28 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\DAEMON Tools Lite [2010-01-13 22:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Docx2Rtf [2010-12-17 20:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox [2010-11-02 17:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Epson [2010-12-09 23:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\foobar2000 [2010-10-05 17:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:25:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\INTERsoft [2010-11-15 13:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\ipla [2009-12-28 20:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\IrfanView [2009-09-28 20:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Leadertech [2009-10-19 23:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mathsoft [2010-12-15 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\MfcEmbed [2010-05-20 18:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Nowe Gadu-Gadu [2010-01-13 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\NwDocx [2009-08-28 11:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenFM [2009-09-01 17:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenOffice.org [2010-07-20 12:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\PhotoScape [2009-09-06 10:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Samsung [2010-10-25 11:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-03-04 17:48:22 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004-08-04 22:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-12-17 20:26:09 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 22:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM [2004-08-04 22:00:00 | 000,250,624 | -HS- | M] () -- C:\NTLDR [2010-12-17 20:26:06 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 22:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys [2004-08-04 22:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtUninstallKB912436$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe < End of report > [/log] Czekam na dalsze instrukcje.
Tomek01 komentarz 17 grudnia 2010 komentarz 17 grudnia 2010 Zastosuj w takim razie SDFix. O1 - Hosts: 11212 more lines... Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany. I czekam na log RSIT o który prosiłem. 1
czeski komentarz 17 grudnia 2010 Autor komentarz 17 grudnia 2010 (edytowane) Skąd najlepiej pobrać SDFix i jak postępować po uruchomieniu? Bowiem pobrałem SDFix-a i od razu avira wyskoczyła z komunikatem o wirusie bądź podejrzanym programie.logi z RSIT: [log]info.txt logfile of random's system information tool 1.08 2010-12-17 22:29:08 ======Uninstall list====== -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} -->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{028EC2AF-F501-4567-9CEA-140030DE8544}\setup.exe" -l0x9 -u -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2580F4DA-324F-4945-B16F-B2B867325085}\setup.exe" -l0x9 -u -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002} Aide PDF to DXF Converter 9.6-->"C:\Program Files\Aide PDF to DXF Converter\unins000.exe" Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe Aktualizacja dla systemu Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981350)-->"C:\WINDOWS\$NtUninstallKB981350$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml" AutoCAD 2006 - Polski-->MsiExec.exe /I{5783F2D7-4001-0415-0002-0060B0CE6BBA} AutoCAD 2009 - Polski-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0415-0002-0060B0CE6BBA} /M ACAD Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057} Autodesk Network License Manager-->MsiExec.exe /X{EAB8A41D-FABA-4569-A0A1-60A8B358D6F1} Autodesk Robot Structural Analysis 2010-->"C:\Program Files\InstallShield Installation Information\{7B72EC26-C48C-4D23-B332-50292294901F}\setup.exe" -runfromtemp -l0x0015 -removeonly Autodesk Robot Structural Analysis Professional 2009-->"C:\Program Files\InstallShield Installation Information\{10A532D0-EEA9-4217-9254-3E8DEC0E9F23}\setup.exe" -runfromtemp -l0x0015 -removeonly AVIcodec (remove only)-->"C:\Program Files\AVIcodec\uninst.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" CleanGP 4.4 Build 4005-->"C:\Program Files\SoftprojectGP\CleanGP\unins000.exe" Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe DWG TrueView 2011-->C:\Program Files\Autodesk\DWG TrueView 2011\Setup\Setup.exe /P {5783F2D7-9028-0409-0000-0060B0CE6BBA} /M AOEM /language en-US Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}\SETUP.EXE -runfromtemp -l0x0009 UNINST -removeonly Epson Event Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\SETUP.EXE" -l0x9 -u EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r Epson Stylus SX210_SX410_TX210_TX410 Podręcznik-->C:\Program Files\EPSON\TPMANUAL\ESSX210_410_TX210_410\POL\USE_G\DOCUNINS.EXE EPSON SX210 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSFDE.EXE /R /APD /P:"EPSON SX210 Series" EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe Google Chrome-->"C:\Program Files\Google\Chrome\Application\8.0.552.224\Installer\setup.exe" --uninstall --system-level Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x15 -removeonly HP Imaging Device Functions 6.0-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Quick Launch Buttons 6.10 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x15 -removeonly uninst HP QuickPlay 2.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall HP Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP User Guides 0035-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE247E71-C143-40BB-ADF2-A465DF062BAB}\Setup.exe" -l0x15 -removeonly HP Wireless Assistant 2.00 G2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x15 hpquninst Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2 Intel(R) PRO Network Connections Drivers-->Prounstl.exe ipla 2.2-->C:\Program Files\ipla\uninst.exe IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} K-Lite Codec Pack 5.4.4 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" LTBeam (C:\Program Files\LTBeam\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\LTBeam\ST6UNST.LOG" LTBeam-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\LTBeam\ST6UNST.LOG" Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46} Macromedia Shockwave Player-->MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Maple 11-->"C:\Program Files\Maple 11\Uninstall_Maple 11\Uninstall Maple 11.exe" Mathcad 14.0 M020 Help-->MsiExec.exe /I{205ACCD7-5342-4694-91F3-3A99E4FD5AA6} Mathcad 14.0 M020 Resource Center-->MsiExec.exe /I{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC} Mathcad 14.0 M020-->MsiExec.exe /I{8796E14E-2031-463F-8A9A-31062B2652B4} Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1} Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 — pakiet języka polskiego-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PLK\install.exe Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Works-->MsiExec.exe /I{3D0736DC-2C04-4168-A16D-1DA6F968EBFC} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Mozilla Firefox (3.5.16)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} NapiProjekt 1.0.6.9-->"C:\Program Files\NAPI-PROJEKT\unins001.exe" NET Installation Assistance for VB6 App (Runtime Only)-->MsiExec.exe /I{66333C41-085E-4DA1-8273-E2BCA382D766} NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x15 ControlPanel Norma Pro-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FCEBA1E-B484-4972-883F-E2B99A12758E}\setup.exe" -l0x15 odf-converter-integrator-->C:\Program Files\odf-converter-integrator\uninstall.exe OpenOffice.org 3.1-->MsiExec.exe /I{30BE2CB7-A171-48BB-9673-9211834956CC} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe pdfforge Toolbar v4.1-->MsiExec.exe /X{B1BFDF6B-3C03-46fe-B5D7-BABB0063D8E0} Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Polskie Normy i prawo budowlane-->"C:\Program Files\Aslan Wydawnictwa Elektroniczne\PNPB\unins000.exe" Poprawka dla systemu Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB909095)-->"C:\WINDOWS\$NtUninstallKB909095$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB912436)-->"C:\WINDOWS\$NtUninstallKB912436$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB915326)-->"C:\WINDOWS\$NtUninstallKB915326$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Poprawka systemu Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB884575-->C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885464-->C:\WINDOWS\$NtUninstallKB885464$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB888239-->C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB888402-->C:\WINDOWS\$NtUninstallKB888402$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB889673-->C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Poprawka systemu Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Poprawka systemu Windows XP - KB892559-->"C:\WINDOWS\$NtUninstallKB892559$\spuninst\spuninst.exe" Rama 3D/2D 7.0-->MsiExec.exe /X{77BBC5AD-2D09-4DEE-97B0-E19A090EC731} Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe" SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x0015 -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0015 -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m\HXFSETUP.EXE -U -IAt8VEN5m.inf Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall WUFI® 5-->"C:\Program Files\IBP-Software\unins000.exe" WUFI®-DB 24-->"C:\Program Files\IBP-Software\unins001.exe" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======System event log====== Computer Name: YOUR-B375270B44 Event Code: 7035 Message: Do usługi Karta wydajności WMI został pomyślnie wysłany kod sterowania uruchom. Record Number: 33820 Source Name: Service Control Manager Time Written: 20101109135535.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: YOUR-B375270B44 Event Code: 7036 Message: Usługa Usługa bramy warstwy aplikacji weszła w stan uruchomienia. Record Number: 33819 Source Name: Service Control Manager Time Written: 20101109135534.000000+060 Event Type: informacje User: Computer Name: YOUR-B375270B44 Event Code: 7035 Message: Do usługi Usługa bramy warstwy aplikacji został pomyślnie wysłany kod sterowania uruchom. Record Number: 33818 Source Name: Service Control Manager Time Written: 20101109135534.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: YOUR-B375270B44 Event Code: 7036 Message: Usługa Rozpoznawanie lokalizacji w sieci (NLA) weszła w stan uruchomienia. Record Number: 33817 Source Name: Service Control Manager Time Written: 20101109135534.000000+060 Event Type: informacje User: Computer Name: YOUR-B375270B44 Event Code: 7035 Message: Do usługi Rozpoznawanie lokalizacji w sieci (NLA) został pomyślnie wysłany kod sterowania uruchom. Record Number: 33816 Source Name: Service Control Manager Time Written: 20101109135533.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM =====Application event log===== Computer Name: YOUR-B375270B44 Event Code: 1002 Message: Aplikacja zawieszająca subedit.exe, wersja 1.0.0.4072, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Record Number: 3070 Source Name: Application Hang Time Written: 20100430084522.000000+120 Event Type: błąd User: Computer Name: YOUR-B375270B44 Event Code: 4096 Message: The AntiVir service has been started successfully! Record Number: 3069 Source Name: Avira AntiVir Time Written: 20100430083016.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: YOUR-B375270B44 Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 3068 Source Name: SecurityCenter Time Written: 20100430083009.000000+120 Event Type: informacje User: Computer Name: YOUR-B375270B44 Event Code: 4 Message: The LightScribe Service started successfully. Record Number: 3067 Source Name: LightScribeService Time Written: 20100430083004.000000+120 Event Type: informacje User: Computer Name: YOUR-B375270B44 Event Code: 4096 Message: The AntiVir service has been started successfully! Record Number: 3066 Source Name: Avira AntiVir Time Written: 20100429212112.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\watcom-1.3\binnt;C:\watcom-1.3\binw;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\Autodesk Shared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0e08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\ "KMP_DUPLICATE_LIB_OK"=TRUE "WATCOM"=C:\watcom-1.3 -----------------EOF----------------- [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Klaudia at 2010-12-17 22:07:44 Microsoft Windows XP Home Edition Dodatek Service Pack 2 System drive C: has 9 GB (13%) free of 68 GB Total RAM: 502 MB (13% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:28:54, on 2010-12-17 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Klaudia.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\WINDOWS\TEMP\E_S8B.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ? O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- End of file - 6508 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-11 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-12 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-11 256112] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840] "EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-13 281768] "SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON SX210 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [2008-11-06 199680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe Przyspieszenie uruchomienia programu AutoCAD.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe C:\Documents and Settings\Klaudia\Menu Start\Programy\Autostart Dropbox.lnk - C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox" "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\Maple 11\jre\bin\maple.exe"="C:\Program Files\Maple 11\jre\bin\maple.exe:*:Enabled:Maple 11" "C:\Program Files\IBP-Software\WUFI5\Animation1D.exe"="C:\Program Files\IBP-Software\WUFI5\Animation1D.exe:*:Enabled:1D-Animation of WUFI®-Film.Documents" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .scr - open - C:\WINDOWS\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-12-17 22:07:48 ----D---- C:\Program Files\trend micro 2010-12-17 22:07:43 ----D---- C:\rsit 2010-12-17 20:22:55 ----D---- C:\_OTL 2010-12-10 16:15:06 ----D---- C:\FENAP 2010-11-22 12:38:59 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-11-22 12:38:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-11-22 12:38:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-21 13:55:20 ----SHD---- C:\Config.Msi 2010-11-21 13:54:25 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2010-11-21 13:54:25 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2010-11-21 13:54:22 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2010-11-21 13:47:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ ======List of files/folders modified in the last 1 months====== 2010-12-17 22:26:24 ----D---- C:\Program Files\Common Files\Akamai 2010-12-17 22:07:48 ----D---- C:\Program Files 2010-12-17 20:29:15 ----D---- C:\Program Files\Mozilla Firefox 2010-12-17 20:28:26 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox 2010-12-17 20:28:00 ----AD---- C:\WINDOWS 2010-12-17 20:27:29 ----D---- C:\WINDOWS\Temp 2010-12-17 20:26:39 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-17 20:24:51 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-17 20:23:31 ----D---- C:\Program Files\Common Files 2010-12-17 20:23:27 ----D---- C:\Program Files\DAEMON Tools Toolbar 2010-12-17 16:25:39 ----D---- C:\WINDOWS\Prefetch 2010-12-17 16:25:30 ----D---- C:\WINDOWS\Registration 2010-12-17 14:12:52 ----D---- C:\WINDOWS\Debug 2010-12-17 14:12:45 ----A---- C:\WINDOWS\system32\MRT.exe 2010-12-15 18:40:40 ----D---- C:\WINDOWS\system32 2010-12-15 18:27:35 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\MfcEmbed 2010-12-14 23:33:46 ----D---- C:\WINDOWS\Minidump 2010-12-09 23:11:36 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\foobar2000 2010-12-09 22:22:44 ----D---- C:\Program Files\LTBeam 2010-12-07 15:54:58 ----SD---- C:\Documents and Settings\Klaudia\Dane aplikacji\Microsoft 2010-11-24 22:54:15 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Skype 2010-11-24 20:31:50 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\skypePM 2010-11-22 19:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$ 2010-11-22 19:35:53 ----D---- C:\WINDOWS\system32\drivers 2010-11-21 14:06:51 ----RSD---- C:\WINDOWS\assembly 2010-11-21 14:06:51 ----D---- C:\WINDOWS\Microsoft.NET 2010-11-21 14:02:19 ----SHD---- C:\WINDOWS\Installer 2010-11-21 13:59:41 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Autodesk 2010-11-21 13:59:38 ----RSD---- C:\WINDOWS\Fonts 2010-11-21 13:59:25 ----D---- C:\Program Files\Common Files\Autodesk Shared 2010-11-21 13:56:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk 2010-11-21 13:55:29 ----D---- C:\Program Files\Autodesk 2010-11-21 13:54:28 ----D---- C:\WINDOWS\system32\DirectX 2010-11-21 13:54:26 ----HD---- C:\WINDOWS\inf 2010-11-21 13:53:22 ----D---- C:\WINDOWS\Logs 2010-11-21 13:40:47 ----D---- C:\Autodesk 2010-11-20 11:58:22 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240] R0 ohci1394;Kontroler hosta IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-09-27 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-28 721904] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-12-09 135096] R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 40192] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-25 61960] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672] R3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-04-28 429184] R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-04-11 163328] R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-20 995712] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-20 208000] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-06-17 193120] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-20 727296] S2 Kmm4xNT;Kmm4xNT; C:\WINDOWS\system32\drivers\Kmm4xNT.sys [2002-04-26 95484] S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952] S3 aj937yhh;aj937yhh; C:\WINDOWS\system32\drivers\aj937yhh.sys [] S3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824] S3 NSCIRDA;Sterownik urządzenia podczerwieni NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672] S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-18 19584] S3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928] S3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840] S3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992] S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090811.001\symidsco.sys [] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-21 1429632] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS [] S4 agp440;Filtr magistrali AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368] S4 agpCPQ;Filtr magistrali AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928] S4 alim1541;Filtr magistrali AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752] S4 amdagp;Sterownik filtru magistrali AGP AMD; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952] S4 sisagp;Filtr magistrali AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088] S4 viaagp;Filtr magistrali AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-13 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-09 267944] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-12 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-20 135664] S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-10-24 85096] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-20 651720] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-11 182768] S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMConnectCDS;Usługa Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 856064] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log][quote name='Tomek01' timestamp='1292620134' post='1144538'] Wejdź w Start/Uruchom, wklejasz : [b]Notepad C:\windows\System32\drivers\etc\Hosts[/b] - enter. Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany.[/quote] Zrobione. Jedynie mam problem z tym SDFix-em
Tomek01 komentarz 19 grudnia 2010 komentarz 19 grudnia 2010 To nie podejmuj akcji, pozwól by ta aplikacja się uruchomiła. Czy to robi się automatycznie ? Wklej do OTL: [code] :Processes Explorer.exe :Files C:\Program Files\Common Files\Spigot C:\Program Files\DAEMON Tools Toolbar :Reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SearchSettings"=- :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT 1
czeski komentarz 19 grudnia 2010 Autor komentarz 19 grudnia 2010 (edytowane) [quote name='Tomek01' timestamp='1292718092' post='1145389'] To nie podejmuj akcji, pozwól by ta aplikacja się uruchomiła. Czy to robi się automatycznie ? [/quote] Robi to automatycznie i nie mogę odpalić aplikacji. LOG z usuwania: [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== FILES ========== File\Folder C:\Program Files\Common Files\Spigot not found. C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully. C:\Program Files\DAEMON Tools Toolbar folder moved successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Father and Muther ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Gość ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Klaudia ->Temp folder emptied: 2074939 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 93125114 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 1282 bytes User: Klodi User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16384 bytes RecycleBin emptied: 2940132440 bytes Total Files Cleaned = 2 895,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12192010_094222 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6f8.dat not found! Registry entries deleted on Reboot... [/log] LOG z OTL: [log]OTL logfile created on: 2010-12-19 09:56:09 - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 502,00 Mb Total Physical Memory | 78,00 Mb Available Physical Memory | 16,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 66,38 Gb Total Space | 8,16 Gb Free Space | 12,29% Space Free | Partition Type: NTFS Drive D: | 7,13 Gb Total Space | 1,43 Gb Free Space | 20,05% Space Free | Partition Type: FAT32 Drive H: | 149,01 Gb Total Space | 28,04 Gb Free Space | 18,82% Space Free | Partition Type: FAT32 Computer Name: YOUR-B375270B44 | User Name: Klaudia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-11 13:12:47 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-11-13 22:33:49 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010-10-12 22:32:49 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-02-26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe PRC - [2010-02-18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 10:41:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-12-04 12:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-01-16 12:42:20 | 000,950,272 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE PRC - [2006-06-19 10:33:12 | 000,163,840 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2006-05-18 15:52:06 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-05-03 21:58:26 | 000,458,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe PRC - [2006-05-02 14:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2005-06-11 08:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2005-01-28 12:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 22:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 22:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 22:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2004-08-04 22:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 22:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-17 16:51:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-04-16 16:37:04 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-04-16 16:37:04 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2010-04-16 16:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2010-04-16 16:37:03 | 001,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2009-12-24 08:07:42 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-09-04 21:47:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-07-17 19:57:56 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2009-06-25 09:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:00:47 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-06-20 18:42:20 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2005-09-01 03:28:38 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2005-07-26 05:36:48 | 001,285,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2005-07-26 05:36:44 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 22:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 22:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 22:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-04 22:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2004-08-04 22:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2004-08-04 22:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 22:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 22:00:00 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll MOD - [2004-08-04 22:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 22:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 22:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 22:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2004-08-04 22:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2004-08-04 22:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-04 22:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 22:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2004-08-04 22:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 22:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2004-08-04 22:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 22:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2004-08-04 22:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 22:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 22:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2004-08-04 22:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-12-09 17:33:04 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-12-09 17:29:49 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_aeec0f0.dll -- (Akamai) SRV - [2010-11-13 22:33:49 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-06-20 12:18:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-10-24 13:38:07 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2006-06-12 12:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr) SRV - [2005-10-06 17:46:38 | 000,856,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDPNDIS5.SYS -- (ZDPNDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090811.001\symidsco.sys -- (SYMIDSCO) DRV - [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-09-28 20:51:33 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-05-11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-05-11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007-07-03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007-07-03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007-07-03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2006-07-24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-17 05:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-06-06 21:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD) DRV - [2006-06-02 16:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2006-05-12 21:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006-04-28 18:12:00 | 000,429,184 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2006-04-21 18:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2006-04-20 17:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-04-20 17:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006-04-20 17:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-12-22 18:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-11-16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005-11-01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005-10-13 10:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2005-09-19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005-09-19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005-09-19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-04 08:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2004-08-04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-04 06:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2004-08-04 06:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2002-04-26 12:04:16 | 000,095,484 | ---- | M] (DATOM Dariusz Cielebąk) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KMM4XNT.SYS -- (Kmm4xNT) DRV - [2001-10-26 23:58:28 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) DRV - [2001-08-18 05:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001-08-18 05:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001-08-18 05:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001-08-18 05:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001-08-18 05:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001-08-18 04:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001-08-18 04:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001-08-18 04:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001-08-18 04:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001-08-18 04:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001-08-18 04:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001-08-18 04:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001-08-18 04:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001-08-18 04:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/ IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.6 FF - prefs.js..extensions.enabledItems: {333b42b0-9c75-11db-b606-0800200c9a66}:2.090208 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-11 13:13:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-11 13:13:08 | 000,000,000 | ---D | M] [2009-08-28 12:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Extensions [2010-12-18 22:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions [2009-10-24 08:59:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-08-29 20:42:04 | 000,000,000 | ---D | M] (PinkHope) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66} [2009-09-09 17:56:04 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010-12-18 22:31:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-09-09 18:17:32 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-10-12 22:33:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-10-12 22:32:51 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll [2010-01-08 17:05:57 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-09-09 08:11:46 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png [2009-09-09 08:11:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml [2010-01-08 17:05:57 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-08 17:05:57 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-08 17:05:57 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-08 17:05:57 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-08 17:05:57 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-11-17 23:29:01 | 000,327,701 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 11212 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( ) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\Klaudia\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3878064813-3404945718-133233761-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-21 13:40:47 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2001-07-27 12:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004-04-30 04:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ] O32 - Unable to obtain root file information for disk D:\ O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell - "" = Autorun O33 - MountPoints2\{4bc98142-c92a-11de-9dfe-0014a5f9a2e0}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-04 22:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-17 22:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-12-17 22:07:43 | 000,000,000 | ---D | C] -- C:\rsit [2010-12-17 20:22:55 | 000,000,000 | ---D | C] -- C:\_OTL [2010-12-17 17:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\mb_2pro [2010-12-13 17:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej [2010-12-10 16:15:06 | 000,000,000 | ---D | C] -- C:\FENAP [2010-12-10 16:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\z pena [2010-11-22 12:38:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-22 12:38:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-22 12:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-11-22 11:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\My Art [2010-11-21 13:55:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-11-21 13:54:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010-11-21 13:54:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010-11-21 13:54:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2010-11-21 13:47:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ [2010-11-07 12:15:23 | 000,214,016 | ---- | C] (Marcin Dutkiewicz) -- C:\Documents and Settings\Klaudia\Moje dokumenty\Dietetyk.exe [2010-10-31 19:45:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\101CANON [2010-10-31 13:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Avira [2010-10-25 18:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\IBP-Software [2010-10-25 11:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [2010-10-24 17:45:30 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010-10-24 17:45:26 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-10-24 17:45:26 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010-10-24 17:45:26 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010-10-24 17:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira [2010-10-24 11:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI_Pro_v5.02.527.DB.24 [2010-10-23 17:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2010-10-23 16:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\WUFI.P.v5.02.527.DB.24.67.D [2010-10-22 12:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Moje dokumenty\Install_WUFI5 [2010-10-20 18:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klaudia\Pulpit\SEMESTR 7 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-19 09:57:04 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-12-19 09:45:43 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-12-19 09:45:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-19 09:45:23 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-12-19 00:17:23 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-18 00:03:50 | 003,072,054 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-17 22:09:28 | 000,000,532 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\spider.sav [2010-12-17 16:50:35 | 003,072,054 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-15 15:42:01 | 000,521,905 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-14 19:16:45 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-13 16:51:57 | 029,382,704 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-09 17:33:07 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-12-01 22:13:27 | 000,433,358 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-25 18:13:29 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2010-11-22 11:53:48 | 001,945,570 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:41 | 000,058,859 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 11:41:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-11-21 17:51:43 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-15 13:06:11 | 310,726,552 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:56:12 | 310,072,970 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 12:38:35 | 309,228,751 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 12:09:10 | 309,698,328 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:20:57 | 309,575,345 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:59:30 | 308,669,244 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:18 | 000,015,950 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-11-10 21:43:18 | 000,000,165 | ---- | M] () -- C:\WINDOWS\Aslan.INI [2010-11-05 11:47:42 | 000,500,540 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-05 11:47:41 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-05 11:47:41 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-05 11:47:41 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-10-26 21:42:03 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Strona tytułowa.doc [2010-10-24 17:45:44 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:14:09 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:15 | 001,259,599 | ---- | M] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-17 22:09:28 | 000,000,532 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\spider.sav [2010-12-17 16:50:34 | 003,072,054 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\bez tytułu.bmp [2010-12-15 18:22:33 | 000,521,905 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Procesy inwestycyjne, wykłady.pdf [2010-12-15 18:01:34 | 003,072,054 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\jak trafic do klaudii.bmp [2010-12-13 16:49:55 | 029,382,704 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Ekonomika produkcji budowlanej.rar [2010-12-01 22:13:22 | 000,433,358 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\ustawa_prawo_budowlane.pdf [2010-11-22 11:53:48 | 001,945,570 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film002.mp4 [2010-11-22 11:53:48 | 000,572,549 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film001.mp4 [2010-11-22 11:53:48 | 000,540,984 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film009.mp4 [2010-11-22 11:53:48 | 000,483,934 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film007.mp4 [2010-11-22 11:53:48 | 000,197,801 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Film006.mp4 [2010-11-22 11:44:31 | 000,058,859 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\ksiazka telefon.pdf [2010-11-22 02:05:00 | 000,690,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-11-15 11:05:29 | 309,228,751 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty.W5P [2010-11-15 11:05:03 | 310,072,970 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kraków - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:03:15 | 309,698,328 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty.W5P [2010-11-15 11:02:48 | 310,726,552 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Warszawa - wstępne warianty - zależne od wiatru.W5P [2010-11-15 11:00:00 | 309,575,345 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty - zależne od wiatru.W5P [2010-11-15 10:28:49 | 308,669,244 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\Kołobrzeg - wstępne warianty.W5P [2010-11-14 10:13:16 | 000,015,950 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\Bez tytułu 1.ods [2010-10-24 17:45:44 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk [2010-10-24 17:10:57 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Klaudia\Moje dokumenty\avira_antivir_personal_en.exe [2010-10-22 12:33:07 | 001,259,599 | ---- | C] () -- C:\Documents and Settings\Klaudia\Pulpit\pub1_42.pdf [2010-10-11 16:38:06 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll [2010-10-11 16:38:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll [2010-06-01 18:16:45 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-01 19:15:49 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2010-04-01 19:11:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2010-04-01 18:43:23 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010-01-13 23:04:22 | 000,000,084 | ---- | C] () -- C:\WINDOWS\SW_Win2146X32.DLL [2010-01-13 23:03:52 | 001,753,088 | ---- | C] () -- C:\WINDOWS\System32\beconvlib.dll [2010-01-13 23:03:52 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\bprgcomm.dll [2010-01-13 23:03:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll [2010-01-13 23:03:51 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx15_ic.ini [2010-01-13 23:03:50 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll [2010-01-13 23:03:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll [2010-01-13 23:03:50 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll [2010-01-13 22:37:38 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\lakerda1967.sys [2010-01-13 22:37:12 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Klaudia\Dane aplikacji\docXConverter (3).ini [2009-12-13 18:53:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009-11-10 00:15:42 | 002,733,056 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe [2009-10-27 22:56:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\RUNTEST.INI [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32f.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divxc32.dll [2009-10-12 19:17:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\divx.dll [2009-09-28 20:51:32 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-09-06 21:58:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2009-09-06 11:24:50 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-06 10:42:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-08-21 21:11:51 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\DSwitch.txt [2009-08-21 21:11:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\AtStart.txt [2009-08-21 21:11:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\QSwitch.txt [2009-08-13 11:15:30 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2009-06-20 08:57:06 | 000,000,868 | ---- | C] () -- C:\WINDOWS\rm-win.ini [2009-05-31 20:25:14 | 148,295,688 | ---- | C] () -- C:\Program Files\OOo_3.0.1_Win32Intel_install_wJRE_pl.exe [2009-03-12 00:32:28 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Aslan.INI [2008-09-30 15:53:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-01-16 00:22:39 | 002,788,800 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe [2006-09-06 20:32:19 | 000,029,006 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006-05-12 04:33:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-05-12 03:52:54 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2006-05-12 03:50:00 | 000,004,587 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006-05-12 03:27:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005-12-02 19:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-05-06 19:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [color=#E56717]========== LOP Check ==========[/color] [2010-07-20 12:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alpha-NET [2008-09-19 17:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-21 13:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2009-04-30 13:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Crystal Office [2009-09-28 20:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-31 20:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DriverCure [2009-10-22 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-04-01 18:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2010-10-05 17:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:21:35 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\INTERsoft [2010-10-05 17:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-26 19:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-08-21 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2009-04-04 19:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2010-04-01 18:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2010-10-25 10:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\XMLVerifier [2009-05-08 11:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\foobar2000 [2009-09-07 00:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Father and Muther\Dane aplikacji\VersionTracker Pro [2010-04-06 14:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Epson [2010-06-21 10:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\MfcEmbed [2010-06-21 10:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\OpenOffice.org [2010-01-31 11:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\pdfforge [2009-09-28 20:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Ashampoo [2010-11-21 13:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Autodesk [2010-06-01 18:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\BESTplayer [2010-04-01 19:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Canon [2009-10-24 15:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Crystal Office [2009-09-28 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\DAEMON Tools Lite [2010-01-13 22:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Docx2Rtf [2010-12-19 09:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox [2010-11-02 17:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Epson [2010-12-09 23:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\foobar2000 [2010-10-05 17:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Gadu-Gadu 10 [2010-10-17 19:25:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\INTERsoft [2010-11-15 13:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\ipla [2009-12-28 20:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\IrfanView [2009-09-28 20:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Leadertech [2009-10-19 23:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Mathsoft [2010-12-15 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\MfcEmbed [2010-05-20 18:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Nowe Gadu-Gadu [2010-01-13 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\NwDocx [2009-08-28 11:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenFM [2009-09-01 17:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\OpenOffice.org [2010-07-20 12:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\PhotoScape [2009-09-06 10:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\Samsung [2010-10-25 11:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klaudia\Dane aplikacji\WUFI [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-03-04 17:48:22 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004-08-04 22:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-12-19 09:45:23 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-17 22:36:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 22:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM [2004-08-04 22:00:00 | 000,250,624 | -HS- | M] () -- C:\NTLDR [2010-12-19 09:45:20 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [2004-08-04 06:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-04 22:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-04 22:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-10-23 19:32:34 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\sp3.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [2004-08-04 22:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004-08-04 22:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\ndis.sys [2004-08-04 22:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtUninstallKB912436$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [2006-01-10 02:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2004-08-04 22:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\dd64aa87403cfac627c6c8f37d245aa4\winlogon.exe < End of report > [/log] Log z RSIT: [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Klaudia at 2010-12-19 10:05:25 Microsoft Windows XP Home Edition Dodatek Service Pack 2 System drive C: has 8 GB (12%) free of 68 GB Total RAM: 502 MB (40% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:05:48, on 2010-12-19 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Klaudia.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [EPSON SX210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\WINDOWS\TEMP\E_S8B.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = ? O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- End of file - 6352 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-11 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-12 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-11 256112] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840] "EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-13 281768] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON SX210 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [2008-11-06 199680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe Przyspieszenie uruchomienia programu AutoCAD.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe C:\Documents and Settings\Klaudia\Menu Start\Programy\Autostart Dropbox.lnk - C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox" "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\Maple 11\jre\bin\maple.exe"="C:\Program Files\Maple 11\jre\bin\maple.exe:*:Enabled:Maple 11" "C:\Program Files\IBP-Software\WUFI5\Animation1D.exe"="C:\Program Files\IBP-Software\WUFI5\Animation1D.exe:*:Enabled:1D-Animation of WUFI®-Film.Documents" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .scr - open - C:\WINDOWS\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-12-17 22:07:48 ----D---- C:\Program Files\trend micro 2010-12-17 22:07:43 ----D---- C:\rsit 2010-12-17 20:22:55 ----D---- C:\_OTL 2010-12-10 16:15:06 ----D---- C:\FENAP 2010-11-22 12:38:59 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-11-22 12:38:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-11-22 12:38:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-21 13:55:20 ----SHD---- C:\Config.Msi 2010-11-21 13:54:25 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2010-11-21 13:54:25 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2010-11-21 13:54:22 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2010-11-21 13:47:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ ======List of files/folders modified in the last 1 months====== 2010-12-19 09:47:33 ----D---- C:\Program Files\Mozilla Firefox 2010-12-19 09:47:13 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Dropbox 2010-12-19 09:46:56 ----AD---- C:\WINDOWS 2010-12-19 09:46:27 ----D---- C:\WINDOWS\Temp 2010-12-19 09:46:00 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-19 09:45:36 ----D---- C:\Program Files\Common Files\Akamai 2010-12-19 09:42:47 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-12-19 09:42:26 ----D---- C:\Program Files 2010-12-17 22:43:36 ----D---- C:\WINDOWS\system32\drivers\etc 2010-12-17 20:23:31 ----D---- C:\Program Files\Common Files 2010-12-17 16:25:39 ----D---- C:\WINDOWS\Prefetch 2010-12-17 16:25:30 ----D---- C:\WINDOWS\Registration 2010-12-17 14:12:52 ----D---- C:\WINDOWS\Debug 2010-12-17 14:12:45 ----A---- C:\WINDOWS\system32\MRT.exe 2010-12-15 18:40:40 ----D---- C:\WINDOWS\system32 2010-12-15 18:27:35 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\MfcEmbed 2010-12-14 23:33:46 ----D---- C:\WINDOWS\Minidump 2010-12-09 23:11:36 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\foobar2000 2010-12-09 22:22:44 ----D---- C:\Program Files\LTBeam 2010-12-07 15:54:58 ----SD---- C:\Documents and Settings\Klaudia\Dane aplikacji\Microsoft 2010-11-24 22:54:15 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Skype 2010-11-24 20:31:50 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\skypePM 2010-11-22 19:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$ 2010-11-22 19:35:53 ----D---- C:\WINDOWS\system32\drivers 2010-11-21 14:06:51 ----RSD---- C:\WINDOWS\assembly 2010-11-21 14:06:51 ----D---- C:\WINDOWS\Microsoft.NET 2010-11-21 14:02:19 ----SHD---- C:\WINDOWS\Installer 2010-11-21 13:59:41 ----D---- C:\Documents and Settings\Klaudia\Dane aplikacji\Autodesk 2010-11-21 13:59:38 ----RSD---- C:\WINDOWS\Fonts 2010-11-21 13:59:25 ----D---- C:\Program Files\Common Files\Autodesk Shared 2010-11-21 13:56:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk 2010-11-21 13:55:29 ----D---- C:\Program Files\Autodesk 2010-11-21 13:54:28 ----D---- C:\WINDOWS\system32\DirectX 2010-11-21 13:54:26 ----HD---- C:\WINDOWS\inf 2010-11-21 13:53:22 ----D---- C:\WINDOWS\Logs 2010-11-21 13:40:47 ----D---- C:\Autodesk 2010-11-20 11:58:22 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240] R0 ohci1394;Kontroler hosta IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-09-27 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-28 721904] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-12-09 135096] R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 40192] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-25 61960] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672] R3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-04-28 429184] R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-04-11 163328] R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-20 995712] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-20 208000] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-06-17 193120] R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-20 727296] S2 Kmm4xNT;Kmm4xNT; C:\WINDOWS\system32\drivers\Kmm4xNT.sys [2002-04-26 95484] S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952] S3 afu26vya;afu26vya; C:\WINDOWS\system32\drivers\afu26vya.sys [] S3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824] S3 NSCIRDA;Sterownik urządzenia podczerwieni NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672] S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-18 19584] S3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928] S3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840] S3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992] S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090811.001\symidsco.sys [] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-21 1429632] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS [] S4 agp440;Filtr magistrali AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368] S4 agpCPQ;Filtr magistrali AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928] S4 alim1541;Filtr magistrali AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752] S4 amdagp;Sterownik filtru magistrali AGP AMD; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952] S4 sisagp;Filtr magistrali AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088] S4 viaagp;Filtr magistrali AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-13 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-09 267944] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-12 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-20 135664] S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-10-24 85096] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-20 651720] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-11 182768] S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMConnectCDS;Usługa Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 856064] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log]
czeski komentarz 19 grudnia 2010 Autor komentarz 19 grudnia 2010 (edytowane) [log] [b]SDFix: Version 1.182 [/b] Run by Klaudia on 2010-12-19 at 21:10 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting [b]Checking Files [/b]: Trojan Files Found: C:\WINDOWS\SYSTEM32\DIVXCONF.EXE - Deleted C:\WINDOWS\SYSTEM32\DIVX.DLL - Deleted C:\WINDOWS\SYSTEM32\DIVXC32.DLL - Deleted C:\WINDOWS\SYSTEM32\DIVXC32F.DLL - Deleted C:\WINDOWS\SYSTEM32\MP4FIL32.DLL - Deleted Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-12-19 21:19:48 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "hdf12"=hex:8f,28,1a,60,c0,15,11,18,76,8c,5c,20,20,f0,02,e6,45,df,7e,c8,d7,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001] "a0"=hex:20,01,00,00,76,df,08,75,19,d8,72,c5,ea,e5,6d,48,26,3e,88,30,78,.. "hdf12"=hex:fb,f2,ed,ea,1b,8e,e3,5a,b5,57,03,d6,7f,e9,48,16,9b,e1,a4,32,ea,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0] "hdf12"=hex:64,af,bd,99,21,92,a9,1a,3a,e4,1a,0a,ce,8f,9d,7d,90,62,45,2f,c5,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "hdf12"=hex:8f,28,1a,60,c0,15,11,18,76,8c,5c,20,20,f0,02,e6,45,df,7e,c8,d7,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001] "a0"=hex:20,01,00,00,76,df,08,75,19,d8,72,c5,ea,e5,6d,48,26,3e,88,30,78,.. "hdf12"=hex:fb,f2,ed,ea,1b,8e,e3,5a,b5,57,03,d6,7f,e9,48,16,9b,e1,a4,32,ea,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0] "hdf12"=hex:64,af,bd,99,21,92,a9,1a,3a,e4,1a,0a,ce,8f,9d,7d,90,62,45,2f,c5,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"="C:\\Program Files\\Nowe Gadu-Gadu\\gg.exe:*:Enabled:Nowe Gadu-Gadu" "C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Enabled:EA Download Manager" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox" "C:\\Documents and Settings\\Klaudia\\Dane aplikacji\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\Klaudia\\Dane aplikacji\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox" "C:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"="C:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe:*:Enabled:EEventManager Application" "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\\Program Files\\Gadu-Gadu 10\\gg.exe"="C:\\Program Files\\Gadu-Gadu 10\\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\\Program Files\\Maple 11\\jre\\bin\\maple.exe"="C:\\Program Files\\Maple 11\\jre\\bin\\maple.exe:*:Enabled:Maple 11" "C:\\Program Files\\IBP-Software\\WUFI5\\Animation1D.exe"="C:\\Program Files\\IBP-Software\\WUFI5\\Animation1D.exe:*:Enabled:1D-Animation of WUFIR-Film.Documents" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [b]Remaining Files [/b]: File Backups: - C:\SDFix\backups\backups.zip [b]Files with Hidden Attributes [/b]: Wed 4 Nov 2009 1,168,216 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll" Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe" Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" Thu 5 Mar 2009 2,260,480 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" Tue 14 Nov 2006 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS" Fri 16 Oct 2009 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Wed 13 Jan 2010 136 A..H. --- "C:\Documents and Settings\Klaudia\Dane aplikacji\lakerda1967.sys" Tue 1 Sep 2009 10,053,112 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe" Fri 2 Jul 2010 0 A.SH. --- "C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\PlayReady\Cache\indiv01.tmp" [b]Finished![/b] [/log] Co dalej ??
Tomek01 komentarz 19 grudnia 2010 komentarz 19 grudnia 2010 Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum. 1
czeski komentarz 21 grudnia 2010 Autor komentarz 21 grudnia 2010 Log z Malwarebytes: [log]Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Wersja bazy: 5358 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 2010-12-20 00:04:26 mbam-log-2010-12-20 (00-04-26).txt Typ skanowania: Pełne skanowanie (C:\|D:\|H:\|) Przeskanowano obiektów: 323391 Upłynęło: 2 godzin(y), 13 minut(y), 54 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 16 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: c:\documents and settings\Klodi\ustawienia lokalne\dane aplikacji\Opera\Opera\profile\cache4\opr00028 (Trojan.Zbot) -> Quarantined and deleted successfully. c:\documents and settings\Klodi\ustawienia lokalne\dane aplikacji\Opera\Opera\profile\cache4\opr0002O (Trojan.Zbot) -> Quarantined and deleted successfully. c:\documents and settings\Klodi\ustawienia lokalne\dane aplikacji\Opera\Opera\profile\cache4\opr0006T (Trojan.Zbot) -> Quarantined and deleted successfully. c:\documents and settings\Klodi\ustawienia lokalne\dane aplikacji\Opera\Opera\profile\cache4\opr0008B (Trojan.Zbot) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP263\A0050990.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP263\A0050991.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP286\A0055501.rbf (Adware.WidgiToolbar) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP286\A0055516.old (Adware.WidgiToolbar) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP292\A0056115.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. c:\system volume information\_restore{e4a5cdf2-75d6-4ce3-b276-318d60a72a1f}\RP292\A0056116.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. c:\_OTL\movedfiles\12172010_202255\c_program files\pdfforge toolbar\widgihelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully. c:\_OTL\movedfiles\12172010_202255\c_program files\pdfforge toolbar\IE\4.1\pdfforgetoolbarie.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. h:\system volume information\_restore{582e28ae-6394-4be1-8a74-610e2df3badf}\RP247\A0030680.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. h:\dokumenty klodi\programy\robot structural analysis profesional 2009 + crack\Crack\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. h:\dokumenty klodi\semestr 6\STAL\robot2010\autodesk_key_2010\x86\xf-a2010.exe (Trojan.Agent) -> Quarantined and deleted successfully. h:\dokumenty klodi\semestr 6\STAL\robot2010\autodesk_key_2010\x64\xf-a2010.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. [/log]Log z DrWebCureIt: [log]0d1da7ca.qua\data001;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED\0d1da7ca.qua;Win32.HLLW.Autoruner.22584;; 0d1da7ca.qua;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED;Kontener zawiera zainfekowane obiekty;Przeniesiony.; 4618d2d2.qua\data001;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED\4618d2d2.qua;Win32.HLLW.Autoruner.22584;; 4618d2d2.qua;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED;Kontener zawiera zainfekowane obiekty;Przeniesiony.; 4e6e164c.qua\data001;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED\4e6e164c.qua;Tool.NirCmd.1;; 4e6e164c.qua;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED;Kontener zawiera zainfekowane obiekty;Przeniesiony.; 4e6e17bb.qua\data001;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED\4e6e17bb.qua;Tool.NirCmd.1;; 4e6e17bb.qua;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED;Kontener zawiera zainfekowane obiekty;Przeniesiony.; 5e81fd73.qua\data001;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED\5e81fd73.qua;Trojan.Packed.21005;; 5e81fd73.qua;C:\Documents and Settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED;Kontener zawiera zainfekowane obiekty;Przeniesiony.; Flash_Disinfector.exe/data002\nircmd.exe;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\Flash_Disinfector.exe/data002;Tool.NirCmd.1;; data002;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie;Archiwum zawierające zainfekowane obiekty;; Flash_Disinfector.exe;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie;Kontener zawiera zainfekowane obiekty;Przeniesiony.; sdfix_1.173.exe/data001\SDFix\apps\Process.exe;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie\sdfix_1.173.exe/data001;Tool.Killproc.3;; data001;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie;Archiwum zawierające zainfekowane obiekty;; sdfix_1.173.exe;C:\Documents and Settings\Klaudia\Moje dokumenty\Pobieranie;Kontener zawiera zainfekowane obiekty;Przeniesiony.; B335A81Ed01/gziped.gz/data001\SDFix\apps\Process.exe;C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\Cache\B335A81Ed01;Tool.Killproc.3;; data001;C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\Cache;Archiwum zawierające zainfekowane obiekty;; gziped.gz;C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\Cache;Kontener zawiera zainfekowane obiekty;; B335A81Ed01;C:\Documents and Settings\Klaudia\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1nqnwfpj.default\Cache;Archiwum zawierające zainfekowane obiekty;Przeniesiony.; Process.exe;C:\SDFix\apps;Tool.Killproc.3;Niewyleczalny.Usunięty.; A0055514.old;C:\System Volume Information\_restore{E4A5CDF2-75D6-4CE3-B276-318D60A72A1F}\RP286;Adware.Websearch.177;Niewyleczalny.Usunięty.; A0052752.exe;H:\System Volume Information\_restore{E4A5CDF2-75D6-4CE3-B276-318D60A72A1F}\RP270;Win32.HLLW.Autoruner.22584;Usunięty.; A0052753.exe;H:\System Volume Information\_restore{E4A5CDF2-75D6-4CE3-B276-318D60A72A1F}\RP270;Trojan.Packed.21005;; [/log]Co dalej ??
Tomek01 komentarz 21 grudnia 2010 komentarz 21 grudnia 2010 Nic groźnego w systemie już nie widzę.To co znalazły DrWeb i Mbam to w zasadzie nic groźnego. Wyłącz a następnie włącz przywracanie systemu. 1
czeski komentarz 21 grudnia 2010 Autor komentarz 21 grudnia 2010 Czyli to wszystko, nic więcej poza wyłączeniem i włączeniem przywracania systemu? I coś groźnego było w systemie poza tym autorunem.inf, bo skanowanie DrWebem trwało aż 17h!I bardzo dziękuję za poświęcony czas oraz pomoc I cały czas avira wywala komunikat: [i]access to the file '[u]D:\Autorun.inf[/u]' was blocked for your security[/i]
Tomek01 komentarz 21 grudnia 2010 komentarz 21 grudnia 2010 Czy avira Ci się aktualizuje ? Spróbuj ją przeinstalować. 1
czeski komentarz 21 grudnia 2010 Autor komentarz 21 grudnia 2010 Aktualizuje i spróbuję mimo to ją przeinstalować, zobaczymy czy dalej będzie wyskakiwać ten komunikat.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.