Junior_Battle utworzono 10 stycznia 2011 utworzono 10 stycznia 2011 Wczoraj, przez przypadek wszedłem w link, który dostałem na czacie, na facebooku. Od tego czasu, z mojego konta cały czas są wysyłane wiadomosci na czacie do moich znajomych, w liczbie... zatrważającej. Zrobiłem scan malwarebytes, wykryło 7 wirusów, które usunąłem, próbowałem też przywrócenia sytemu, ale mój komputer nie chce wykonać tej czynośći Problem występuje nadal, avast widzi trojana :nvsvc32.exe NA innym forum, użytkownik, miał identyczny problem, z identycznym trojanem, ale niestety, ma zupełnie inny system i inny komputer LOGI Z OTL [log]OTL logfile created on: 2011-01-10 17:46:26 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Luki\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 1,46 Gb Free Space | 4,99% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 0,08 Gb Free Space | 0,14% Space Free | Partition Type: NTFS Drive E: | 61,15 Gb Total Space | 9,54 Gb Free Space | 15,59% Space Free | Partition Type: NTFS Drive F: | 2,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 1,90 Gb Total Space | 1,68 Gb Free Space | 88,41% Space Free | Partition Type: FAT Computer Name: LUK | User Name: Luki | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-10 17:45:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luki\Moje dokumenty\Downloads\OTL (1).exe PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- E:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-12-09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2010-10-19 20:25:27 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-07-06 09:54:24 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-06-18 20:41:06 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010-04-14 17:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-04-14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009-11-06 22:04:54 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe PRC - [2009-06-04 21:56:22 | 000,869,888 | ---- | M] () -- E:\Program Files\ALLPlayer\ALLUpdate.exe PRC - [2008-07-04 16:01:54 | 000,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-08-23 10:18:24 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2007-08-15 10:38:30 | 000,147,456 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2007-08-08 10:03:42 | 002,441,216 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007-07-19 11:18:48 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe PRC - [2007-06-26 13:11:42 | 000,675,913 | ---- | M] () -- C:\Program Files\IRReceive\IRReceive.exe PRC - [2007-05-22 15:57:26 | 002,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2007-05-18 01:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007-04-26 13:53:38 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2007-03-06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2007-03-03 12:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2007-02-27 19:21:08 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2007-02-25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2006-12-28 15:17:50 | 000,123,248 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2006-11-02 07:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2006-10-26 12:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE PRC - [2006-09-28 20:09:14 | 000,700,416 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe PRC - [2006-07-26 17:01:06 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe PRC - [2006-01-23 22:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe PRC - [2005-05-19 14:47:36 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-10 17:45:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Luki\Moje dokumenty\Downloads\OTL (1).exe MOD - [2006-03-02 13:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll MOD - [2006-03-02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (wuauserv) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-07-06 09:54:24 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-04-14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-04-14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-04-14 17:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007-05-18 01:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) SRV - [2007-03-06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2007-03-03 12:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2007-02-25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2006-12-28 15:17:50 | 000,123,248 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Everest 4.20.1212\Everest 4.20.1212\kerneld.wnt -- (EverestDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Luki\USTAWI~1\Temp\cpuz131\cpuz_x32.sys -- (cpuz131) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Luki\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2010-06-05 09:56:51 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-04-14 17:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-04-14 17:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-04-14 17:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-04-14 17:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-04-14 17:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-04-14 17:30:45 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-08-27 22:01:24 | 000,018,688 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2008-07-06 11:51:20 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-06-27 10:24:56 | 004,742,656 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-05-12 17:30:02 | 003,007,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-04-13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-10-17 23:50:00 | 000,107,904 | R--- | M] (e3C, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EC168BDA.sys -- (EC168BDA) DRV - [2007-09-26 05:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Sterownik karty Intel(R) DRV - [2007-08-30 02:41:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l151x86.sys -- (AtcL001) DRV - [2007-08-23 11:22:08 | 001,201,312 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007-08-10 19:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2007-08-07 20:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2007-07-24 10:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2007-06-11 13:25:28 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb) DRV - [2007-05-24 13:27:30 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2007-04-24 12:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2007-03-21 23:02:04 | 000,037,376 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-03-01 15:53:10 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2007-02-24 15:42:22 | 000,039,936 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007-02-16 01:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay) DRV - [2007-01-23 17:40:20 | 000,042,496 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007-01-22 09:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2006-12-14 16:11:58 | 000,007,680 | R--- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006-11-20 16:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2006-11-10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006-10-10 18:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte) DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2005-05-03 16:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2005-01-06 12:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://vshare.toolbarhome.com/?hp=df" FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-03 20:49:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-01-04 19:00:31 | 000,000,000 | ---D | M] [2008-07-04 14:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Extensions [2011-01-09 21:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions [2008-07-24 09:11:40 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2009-09-04 18:00:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2008-12-25 16:53:31 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2010-06-24 20:07:28 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\illimitux@illimitux.net [2010-10-02 15:03:03 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\vshare@toolbar [2008-07-06 11:54:40 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\searchplugins\daemon-search.xml [2010-12-01 16:12:50 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\searchplugins\web-search.xml [2011-01-09 21:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-07-31 15:03:16 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2008-08-11 22:58:53 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} [2008-11-20 15:01:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008-09-04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll [2009-01-28 18:03:11 | 000,024,673 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll [2009-07-25 20:13:08 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2008-09-28 08:46:27 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2008-09-28 08:46:27 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2008-09-28 08:46:27 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2008-09-28 08:46:27 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2008-09-28 08:46:27 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL (ZoneAlarm) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL (ZoneAlarm) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL (ZoneAlarm) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe () O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [CloneCDTray] d:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [IRReceive] C:\Program Files\IRReceive\IRReceive.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe () O4 - HKCU..\Run: [ALLUpdate] e:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKCU..\Run: [AQQ] D:\Program Files\WapSter\WapSter AQQ\AQQ.exe () O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu 10] E:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKCU..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) O4 - Startup: C:\Documents and Settings\Luki\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: internet ([]about in Internet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-07-02 07:49:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008-10-15 22:53:29 | 000,000,000 | R--D | M] - F:\autoplay -- [ UDF ] O32 - AutoRun File - [2008-10-15 22:22:03 | 003,064,456 | R--- | M] (UBISOFT) - F:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-10-15 21:55:59 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{9792e851-c699-11df-a7cd-001f3c0b2ee9}\Shell - "" = Autorun O33 - MountPoints2\{9792e851-c699-11df-a7cd-001f3c0b2ee9}\Shell\AutoRun\command - "" = H:\Install_Nokia_Ovi_Suite.exe -- File not found O33 - MountPoints2\{cbaa18c4-ca39-11de-a5dd-001f3c0b2ee9}\Shell\AutoRun\command - "" = u16sqrqn.exe O33 - MountPoints2\{cbaa18c4-ca39-11de-a5dd-001f3c0b2ee9}\Shell\open\Command - "" = u16sqrqn.exe O33 - MountPoints2\{dd17ce9e-4550-11de-a3f4-001f3c0b2ee9}\Shell\AutoRun\command - "" = u16sqrqn.exe O33 - MountPoints2\{dd17ce9e-4550-11de-a3f4-001f3c0b2ee9}\Shell\open\Command - "" = u16sqrqn.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found [color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color] [2011-01-10 17:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2011-01-10 15:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Luki\Dane aplikacji\Malwarebytes [2011-01-10 15:20:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-01-10 15:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2011-01-10 15:20:19 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-01-10 15:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-01-05 14:17:20 | 000,000,000 | ---D | C] -- C:\Themes [2011-01-05 14:17:20 | 000,000,000 | ---D | C] -- C:\Plugins [2011-01-05 14:17:20 | 000,000,000 | ---D | C] -- C:\Incoming [2011-01-05 14:17:20 | 000,000,000 | ---D | C] -- C:\Data [2008-09-16 16:32:35 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Luki\Dane aplikacji\pcouffin.sys [2004-11-24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 7 Days ==========[/color] [2011-01-10 17:30:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-57989841-839522115-1004UA.job [2011-01-10 17:28:30 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-01-10 17:23:39 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-01-10 17:23:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-01-10 17:22:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-01-10 15:20:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-01-10 08:07:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-09 21:30:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-57989841-839522115-1004Core.job [2011-01-07 16:16:45 | 000,000,086 | ---- | M] () -- C:\Settings.ini [2011-01-07 13:23:52 | 000,037,869 | ---- | M] () -- C:\Documents and Settings\Luki\Pulpit\380733.zip [2011-01-06 17:51:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-10 15:20:24 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-01-07 13:23:50 | 000,037,869 | ---- | C] () -- C:\Documents and Settings\Luki\Pulpit\380733.zip [2011-01-06 16:01:05 | 000,503,720 | ---- | C] () -- C:\Documents and Settings\Luki\Pulpit\IMG_4359.JPG [2011-01-06 16:01:05 | 000,469,535 | ---- | C] () -- C:\Documents and Settings\Luki\Pulpit\IMG_4370.JPG [2011-01-06 16:01:05 | 000,459,440 | ---- | C] () -- C:\Documents and Settings\Luki\Pulpit\IMG_4363.JPG [2011-01-05 14:17:20 | 000,000,086 | ---- | C] () -- C:\Settings.ini [2010-08-14 17:53:41 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2010-08-14 17:53:41 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2010-06-19 12:02:56 | 000,374,272 | ---- | C] () -- C:\WINDOWS\System32\mss32.dll [2010-06-07 20:33:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-06-07 20:33:37 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Luki\Dane aplikacji\PnkBstrK.sys [2010-04-28 18:16:33 | 000,013,954 | -HS- | C] () -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\1560349806 [2010-04-28 18:16:33 | 000,013,954 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1560349806 [2010-04-28 17:30:48 | 000,013,978 | -HS- | C] () -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\OAGW0KNwM [2010-04-27 22:48:39 | 000,013,970 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\OAGW0KNwM [2009-07-16 19:53:58 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009-07-08 18:19:14 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-04-11 11:08:31 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009-04-11 11:08:31 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009-04-11 11:08:31 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009-04-11 11:08:31 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009-04-11 11:08:31 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009-04-11 11:08:31 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009-02-21 20:23:35 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\winitn.dll [2009-02-06 23:22:44 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-02-06 23:22:44 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-02-06 23:22:42 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-02-06 23:22:42 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-02-06 23:22:41 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-02-06 23:22:40 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-01-29 19:16:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-01-28 18:34:46 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI [2008-12-28 13:28:17 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-12-22 16:39:31 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2008-11-12 18:41:36 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008-11-07 15:49:53 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008-10-20 21:24:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-09-16 16:32:40 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Luki\Dane aplikacji\pcouffin.log [2008-09-16 16:32:35 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Luki\Dane aplikacji\inst.exe [2008-09-16 16:32:35 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Luki\Dane aplikacji\pcouffin.cat [2008-09-16 16:32:35 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Luki\Dane aplikacji\pcouffin.inf [2008-07-15 10:59:35 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2008-07-15 09:43:47 | 000,098,816 | ---- | C] () -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-07-14 17:24:17 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-07-06 11:51:20 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-07-04 23:49:32 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI [2008-07-04 23:34:38 | 000,016,480 | R--- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2008-07-04 23:09:58 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\WMV9VCM.dll [2008-07-04 23:09:58 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-07-04 23:09:58 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-07-04 23:09:58 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-07-04 23:09:58 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-07-04 23:09:57 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\mplvpx.dll [2008-07-04 23:09:57 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\i263_32.drv [2008-07-04 23:09:57 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-07-04 22:23:23 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll [2008-07-04 22:05:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI [2008-07-02 21:21:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll [2008-07-02 21:21:21 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll [2008-07-02 15:24:23 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-12-05 12:05:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005-07-22 20:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004-10-12 06:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2004-10-12 06:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2004-10-12 06:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2004-10-09 06:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2004-10-05 08:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2004-10-03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2002-03-17 01:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000088.DLL [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [1988-11-08 06:11:26 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 < End of report >[/log] [log] OTL Extras logfile created on: 2011-01-10 17:46:26 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Luki\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 1,46 Gb Free Space | 4,99% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 0,08 Gb Free Space | 0,14% Space Free | Partition Type: NTFS Drive E: | 61,15 Gb Total Space | 9,54 Gb Free Space | 15,59% Space Free | Partition Type: NTFS Drive F: | 2,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 1,90 Gb Total Space | 1,68 Gb Free Space | 88,41% Space Free | Partition Type: FAT Computer Name: LUK | User Name: Luki | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "d:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "d:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "d:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8461:TCP" = 8461:TCP:*:Enabled:GoD High Port "8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S) "50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A) [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = D:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- () "E:\Program Files\Soldier of Fortune II - Double Helix MP TEST\SoF2MP-Test.exe" = E:\Program Files\Soldier of Fortune II - Double Helix MP TEST\SoF2MP-Test.exe:*:Enabled:SoF2MP-Test -- () "E:\Program Files\Sports Interactive\Football Manager 2010\fm.exe" = E:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive) "E:\Program Files\2K Sports\NBA 2K10\nba2k10.exe" = E:\Program Files\2K Sports\NBA 2K10\nba2k10.exe:*:Enabled:2K Sports NBA 2K10 -- File not found "E:\Program Files\Counter-Strike Source\hl2.exe" = E:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found "E:\Program Files\Microsoft Games\Age of Empires II\empires2.exe" = E:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II -- File not found "E:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = E:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion -- File not found "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "E:\Program Files\Sports Interactive\Football Manager 2011\fm.exe" = E:\Program Files\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011 -- (Sports Interactive) "C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Edytor -- (Ubisoft Entertainment) "C:\Documents and Settings\Luki\Moje dokumenty\Downloads\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07BA1F40-85B5-11D4-0091-A500A0245DC0}" = NHL 2001 Demo "{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A9C9BD5-8588-40D4-8A1A-860E3D2ED6EE}" = NBA 2K10 "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax "{1C36647E-F5BD-43E9-BA64-5F274B7F7050}_is1" = Prawo Jazdy 2006 1.0 "{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2 "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10 "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes "{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup "{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1 "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{39C8EFBA-042B-11DC-A860-0EE955D89593}" = EA SPORTS™ NBA LIVE 08 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = XTB-Trader 4.00 "{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear "{49FC50FC-F965-40D9-89B4-CBFF80941PLK}" = Windows Movie Maker 2.0 "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skoki Narciarskie 2002 "{628C3D50-F524-4C49-A958-672CE7953756}" = Władca Pierścieni® - Podbój™ "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone "{6C5A8BA1-8114-11D5-0090-B800902724B3}" = FIFA 2002 "{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758A4269-70E5-4B11-B419-F692882408A9}" = Gothic "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{97B78FAE-5E46-4E56-9B25-37862F5EC568}" = IRReceive "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2) "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A70500000002}" = Adobe Reader 7.0.5 - Polish "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6 "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc "{B700113B-24A8-4D4C-8484-0CC944F764C8}" = Google SketchUp 8 "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min "{C708333C-B1B9-43be-B797-49FEC7A8D15B}" = C5200 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}" = C5200_Help "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "{D867D5F2-C2D1-406F-B9E4-D4D2BFB7AA0D}" = Ghost Recon Advanced Warfighter "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Driver Install "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1 "{DD920AB6-2DB9-48B7-8052-0A4F0C4277BC}" = MarketingReg "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{DE74FC6F-EB3C-4EFC-B5AA-0F0C03DEC23F}" = MANTA "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EA5E8895-08E6-4CE5-9034-074BED87B71A}_is1" = ALO RM to MP3 Converter 7.0 "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "0BF49E9448DA0DFB69DB9D673379652AB9087171" = Windows Driver Package - Intel net (09/26/2007 11.5.0.32) "3D Driving-School" = 3D Driving-School "3D Driving-School Demo" = 3D Driving-School Demo "5D81FBED6E61194F43FF1556F43BD8309BA44634" = Windows Driver Package - Intel (NETw4x32) net (09/26/2007 11.5.0.32) "Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2 "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Agere Systems Soft Modem" = Agere Systems HDA Modem "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "Ashampoo Burning Studio 8_is1" = Ashampoo Burning Studio 8.04 "Assopigliatutto_is1" = Assopigliatutto 3.0 "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Asus_F8_ScreenSaver" = Asus_F8_ScreenSaver "ATI Display Driver" = ATI Display Driver "AudibleManager" = AudibleManager "avast5" = avast! Free Antivirus "Bingo Buddies_is1" = Bingo Buddies 1.2 "Blender" = Blender (remove only) "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter "Budzik 2.0" = Budzik 2.0 "burnatonce_is1" = burnatonce "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "ColorCastFX for Digital Cameras_is1" = ColorCastFX for Digital Cameras "Counter-Strike: Source" = Counter-Strike: Source "Creative Removable Disk Manager" = Creative Removable Disk Manager "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.5.0 "Diablo II" = Diablo II "dog1" = dog1 Screen Saver "Driving Simulator 2009_is1" = Driving Simulator 2009 Version 1.12 "Duke Nukem 3D_is1" = Duke Nukem 3D "EFD65E7CD7A28D00217941F33C5CA55964F96136" = Windows Driver Package - Intel (w29n51) net (07/25/2007 9.0.4.37) "eMule" = eMule "Fifa 98 - Road To World Cup_is1" = Fifa 98 - Road To World Cup - www.cgarchive.com "Football Manager 2008" = Football Manager 2008 "Football Manager 2010" = Football Manager 2010 "Football Manager 2011" = Football Manager 2011 "Gadu-Gadu" = Gadu-Gadu 7.7 "Gadu-Gadu 10" = Gadu-Gadu 10 "GoD_is1" = GoD 1.95 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "HPOCR" = OCR Software by I.R.I.S. 10.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "IMG Tool" = IMG Tool (remove only) "InfraRecorder" = InfraRecorder "InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008 "InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "InstallShield_{97B78FAE-5E46-4E56-9B25-37862F5EC568}" = IRReceive "InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11 "ipla" = ipla 2.2.1 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "mVoice_is1" = mVoice For Windows Mobile, v5.6 "Native Instruments Traktor DJ Studio 3 Demo" = Native Instruments Traktor DJ Studio 3 Demo "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NSS" = Norton Security Scan "OCCT_is1" = OCCT Perestroika 3.1.0 "PGGForever_is1" = PGGForever 0.1.18 Full "Progetto Italiano 1_is1" = Progetto Italiano 1 "PunkBusterSvc" = PunkBuster Services "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Shop for HP Supplies" = Shop for HP Supplies "Soldier of Fortune II - Double Helix MP TEST" = Soldier of Fortune II - Double Helix MP TEST "SpeedFan" = SpeedFan (remove only) "SysInfo" = Creative System Information "The Sims" = The Sims "Tony Hawk's Pro Skater 2 Demo" = Tony Hawk's Pro Skater 2 Demo "Total Video Converter 3.11_is1" = Total Video Converter 3.11 "Tunatic" = Tunatic "Winamp" = Winamp "WinAVI Video Converter_is1" = WinAVI Video Converter "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xilisoft 3GP Video Converter" = Xilisoft 3GP Video Converter "ZENcast Organizer" = ZENcast Organizer "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "592819874.demos.telerik.com" = Telerik f!acedeck Client for Facebook "75730ac606da7c7e" = Komunikator "BitTorrent" = BitTorrent "BitTorrent DNA" = DNA "Facebook Plug-In" = Facebook Plug-In "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2009-11-07 15:31:12 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-08 13:34:12 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-08 15:39:07 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-09 10:09:29 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2010-01-24 09:40:22 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2010-02-18 16:52:08 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8031 Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8031 Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9984 Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9984 Error - 2011-01-07 11:47:11 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ipla.exe, wersja 2.2.1.13, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-07 12:46:03 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca gg.exe, wersja 10.3.2.12444, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-09 19:11:27 | Computer Name = LUK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd nvsvc32.exe, wersja 0.0.0.0, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00028c0b. Error - 2011-01-10 10:02:36 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca gg.exe, wersja 10.3.2.12444, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ OSession Events ] Error - 2008-11-01 10:57:11 | Computer Name = LUK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13908 seconds with 840 seconds of active time. This session ended with a crash. Error - 2009-12-07 13:52:19 | Computer Name = LUK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 283 seconds with 120 seconds of active time. This session ended with a crash. [ System Events ] Error - 2011-01-10 09:57:29 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 09:58:54 | Computer Name = LUK | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-10 11:31:06 | Computer Name = LUK | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.1.2 na karcie sieciowej o adresie sieciowym 001F3C0B2EE9. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = sr | ID = 1 Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001' podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało zatrzymane monitorowanie woluminu. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 11:51:26 | Computer Name = LUK | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-10 12:12:00 | Computer Name = LUK | Source = Dhcp | ID = 1001 Description = Komputerowi nie został przypisany adres z sieci (przez serwer DHCP) dla karty sieciowej o adresie 001F3C0B2EE9. Wystąpił następujący błąd: %%1223. Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP). Error - 2011-01-10 12:17:32 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 12:17:32 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "d:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "d:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "d:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8461:TCP" = 8461:TCP:*:Enabled:GoD High Port "8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "50001:TCP" = 50001:TCP:*:Enabled:ArcaVir CommunicationPort (S) "50000:TCP" = 50000:TCP:*:Enabled:ArcaVir CommunicationPort (A) [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\eMule\emule.exe" = D:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = D:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ -- () "E:\Program Files\Soldier of Fortune II - Double Helix MP TEST\SoF2MP-Test.exe" = E:\Program Files\Soldier of Fortune II - Double Helix MP TEST\SoF2MP-Test.exe:*:Enabled:SoF2MP-Test -- () "E:\Program Files\Sports Interactive\Football Manager 2010\fm.exe" = E:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive) "E:\Program Files\2K Sports\NBA 2K10\nba2k10.exe" = E:\Program Files\2K Sports\NBA 2K10\nba2k10.exe:*:Enabled:2K Sports NBA 2K10 -- File not found "E:\Program Files\Counter-Strike Source\hl2.exe" = E:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- File not found "E:\Program Files\Microsoft Games\Age of Empires II\empires2.exe" = E:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II -- File not found "E:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = E:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion -- File not found "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "E:\Program Files\Sports Interactive\Football Manager 2011\fm.exe" = E:\Program Files\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011 -- (Sports Interactive) "C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Edytor -- (Ubisoft Entertainment) "C:\Documents and Settings\Luki\Moje dokumenty\Downloads\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- File not found [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07BA1F40-85B5-11D4-0091-A500A0245DC0}" = NHL 2001 Demo "{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A9C9BD5-8588-40D4-8A1A-860E3D2ED6EE}" = NBA 2K10 "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax "{1C36647E-F5BD-43E9-BA64-5F274B7F7050}_is1" = Prawo Jazdy 2006 1.0 "{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2 "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 10 "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes "{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup "{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1 "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{39C8EFBA-042B-11DC-A860-0EE955D89593}" = EA SPORTS™ NBA LIVE 08 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = XTB-Trader 4.00 "{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear "{49FC50FC-F965-40D9-89B4-CBFF80941PLK}" = Windows Movie Maker 2.0 "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skoki Narciarskie 2002 "{628C3D50-F524-4C49-A958-672CE7953756}" = Władca Pierścieni® - Podbój™ "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone "{6C5A8BA1-8114-11D5-0090-B800902724B3}" = FIFA 2002 "{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758A4269-70E5-4B11-B419-F692882408A9}" = Gothic "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{97B78FAE-5E46-4E56-9B25-37862F5EC568}" = IRReceive "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2) "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A70500000002}" = Adobe Reader 7.0.5 - Polish "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6 "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc "{B700113B-24A8-4D4C-8484-0CC944F764C8}" = Google SketchUp 8 "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min "{C708333C-B1B9-43be-B797-49FEC7A8D15B}" = C5200 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}" = C5200_Help "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "{D867D5F2-C2D1-406F-B9E4-D4D2BFB7AA0D}" = Ghost Recon Advanced Warfighter "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Driver Install "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1 "{DD920AB6-2DB9-48B7-8052-0A4F0C4277BC}" = MarketingReg "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{DE74FC6F-EB3C-4EFC-B5AA-0F0C03DEC23F}" = MANTA "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EA5E8895-08E6-4CE5-9034-074BED87B71A}_is1" = ALO RM to MP3 Converter 7.0 "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "0BF49E9448DA0DFB69DB9D673379652AB9087171" = Windows Driver Package - Intel net (09/26/2007 11.5.0.32) "3D Driving-School" = 3D Driving-School "3D Driving-School Demo" = 3D Driving-School Demo "5D81FBED6E61194F43FF1556F43BD8309BA44634" = Windows Driver Package - Intel (NETw4x32) net (09/26/2007 11.5.0.32) "Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2 "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Agere Systems Soft Modem" = Agere Systems HDA Modem "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010 "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "Ashampoo Burning Studio 8_is1" = Ashampoo Burning Studio 8.04 "Assopigliatutto_is1" = Assopigliatutto 3.0 "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Asus_F8_ScreenSaver" = Asus_F8_ScreenSaver "ATI Display Driver" = ATI Display Driver "AudibleManager" = AudibleManager "avast5" = avast! Free Antivirus "Bingo Buddies_is1" = Bingo Buddies 1.2 "Blender" = Blender (remove only) "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter "Budzik 2.0" = Budzik 2.0 "burnatonce_is1" = burnatonce "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "ColorCastFX for Digital Cameras_is1" = ColorCastFX for Digital Cameras "Counter-Strike: Source" = Counter-Strike: Source "Creative Removable Disk Manager" = Creative Removable Disk Manager "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.5.0 "Diablo II" = Diablo II "dog1" = dog1 Screen Saver "Driving Simulator 2009_is1" = Driving Simulator 2009 Version 1.12 "Duke Nukem 3D_is1" = Duke Nukem 3D "EFD65E7CD7A28D00217941F33C5CA55964F96136" = Windows Driver Package - Intel (w29n51) net (07/25/2007 9.0.4.37) "eMule" = eMule "Fifa 98 - Road To World Cup_is1" = Fifa 98 - Road To World Cup - www.cgarchive.com "Football Manager 2008" = Football Manager 2008 "Football Manager 2010" = Football Manager 2010 "Football Manager 2011" = Football Manager 2011 "Gadu-Gadu" = Gadu-Gadu 7.7 "Gadu-Gadu 10" = Gadu-Gadu 10 "GoD_is1" = GoD 1.95 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "HPOCR" = OCR Software by I.R.I.S. 10.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "IMG Tool" = IMG Tool (remove only) "InfraRecorder" = InfraRecorder "InstallShield_{2FDFD600-7338-4738-90D5-FC4ACA08DC36}" = Pro Evolution Soccer 2008 "InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4 "InstallShield_{97B78FAE-5E46-4E56-9B25-37862F5EC568}" = IRReceive "InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11 "ipla" = ipla 2.2.1 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full) "LastFM_is1" = Last.fm 1.5.4.24567 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "mVoice_is1" = mVoice For Windows Mobile, v5.6 "Native Instruments Traktor DJ Studio 3 Demo" = Native Instruments Traktor DJ Studio 3 Demo "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NSS" = Norton Security Scan "OCCT_is1" = OCCT Perestroika 3.1.0 "PGGForever_is1" = PGGForever 0.1.18 Full "Progetto Italiano 1_is1" = Progetto Italiano 1 "PunkBusterSvc" = PunkBuster Services "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Shop for HP Supplies" = Shop for HP Supplies "Soldier of Fortune II - Double Helix MP TEST" = Soldier of Fortune II - Double Helix MP TEST "SpeedFan" = SpeedFan (remove only) "SysInfo" = Creative System Information "The Sims" = The Sims "Tony Hawk's Pro Skater 2 Demo" = Tony Hawk's Pro Skater 2 Demo "Total Video Converter 3.11_is1" = Total Video Converter 3.11 "Tunatic" = Tunatic "Winamp" = Winamp "WinAVI Video Converter_is1" = WinAVI Video Converter "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xilisoft 3GP Video Converter" = Xilisoft 3GP Video Converter "ZENcast Organizer" = ZENcast Organizer "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "592819874.demos.telerik.com" = Telerik f!acedeck Client for Facebook "75730ac606da7c7e" = Komunikator "BitTorrent" = BitTorrent "BitTorrent DNA" = DNA "Facebook Plug-In" = Facebook Plug-In "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2009-11-07 15:31:12 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-08 13:34:12 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-08 15:39:07 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2009-11-09 10:09:29 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2010-01-24 09:40:22 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = Error - 2010-02-18 16:52:08 | Computer Name = LUK | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8031 Error - 2011-01-06 11:20:17 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8031 Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9984 Error - 2011-01-06 11:20:19 | Computer Name = LUK | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9984 Error - 2011-01-07 11:47:11 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca ipla.exe, wersja 2.2.1.13, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-07 12:46:03 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca gg.exe, wersja 10.3.2.12444, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-09 19:11:27 | Computer Name = LUK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd nvsvc32.exe, wersja 0.0.0.0, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.5755, adres błędu 0x00028c0b. Error - 2011-01-10 10:02:36 | Computer Name = LUK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca gg.exe, wersja 10.3.2.12444, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ OSession Events ] Error - 2008-11-01 10:57:11 | Computer Name = LUK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13908 seconds with 840 seconds of active time. This session ended with a crash. Error - 2009-12-07 13:52:19 | Computer Name = LUK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 283 seconds with 120 seconds of active time. This session ended with a crash. [ System Events ] Error - 2011-01-10 09:57:29 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 09:58:54 | Computer Name = LUK | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-10 11:31:06 | Computer Name = LUK | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.1.2 na karcie sieciowej o adresie sieciowym 001F3C0B2EE9. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = sr | ID = 1 Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001' podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało zatrzymane monitorowanie woluminu. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 11:50:13 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 11:51:26 | Computer Name = LUK | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-10 12:12:00 | Computer Name = LUK | Source = Dhcp | ID = 1001 Description = Komputerowi nie został przypisany adres z sieci (przez serwer DHCP) dla karty sieciowej o adresie 001F3C0B2EE9. Wystąpił następujący błąd: %%1223. Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP). Error - 2011-01-10 12:17:32 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. Error - 2011-01-10 12:17:32 | Computer Name = LUK | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie D:. < End of report > [/code] prosze o wyrozumiałość, gdyż w sprawach komputera jestem laikiem. BŁAGAM O POMOC![/log] [color="#FF0000"]//Poprawiam //Tom01[/color]
Tomek01 komentarz 10 stycznia 2011 komentarz 10 stycznia 2011 Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL [2010-10-02 15:03:03 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\extensions\vshare@toolbar [2008-07-06 11:54:40 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\searchplugins\daemon-search.xml [2010-12-01 16:12:50 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\Luki\Dane aplikacji\Mozilla\Firefox\Profiles\2x4hnmlg.default\searchplugins\web-search.xml [2008-08-11 22:58:53 | 000,000,000 | ---D | M] (BearShare MediaBar) -- C:\Program Files\Mozilla Firefox\extensions\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} O4 - HKCU..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found O32 - AutoRun File - [2008-10-15 21:55:59 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{cbaa18c4-ca39-11de-a5dd-001f3c0b2ee9}\Shell\AutoRun\command - "" = u16sqrqn.exe O33 - MountPoints2\{cbaa18c4-ca39-11de-a5dd-001f3c0b2ee9}\Shell\open\Command - "" = u16sqrqn.exe O33 - MountPoints2\{dd17ce9e-4550-11de-a3f4-001f3c0b2ee9}\Shell\AutoRun\command - "" = u16sqrqn.exe O33 - MountPoints2\{dd17ce9e-4550-11de-a3f4-001f3c0b2ee9}\Shell\open\Command - "" = u16sqrqn.exe @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 :Files C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-57989841-839522115-1004UA.job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-57989841-839522115-1004Core.job C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\1560349806 C:\Documents and Settings\All Users\Dane aplikacji\1560349806 C:\Documents and Settings\Luki\Ustawienia lokalne\Dane aplikacji\OAGW0KNwM C:\Documents and Settings\All Users\Dane aplikacji\OAGW0KNwM C:\Documents and Settings\All Users\Dane aplikacji\.zreglib :Commands [emptytemp] [start explorer] [Reboot] [/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT. Wstawiasz je w tagi ! Poczytaj w moim podpisie o tworzeniu logów. Nic skomplikowanego Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej: [code]filefind: OAGW0KNwM* 1560349806* file: OAGW0KNwM* 1560349806* s3ifLiUC.dll regfind: OAGW0KNwM 1560349806[/code] Wciśnij look, pokaż co wyskoczyło.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.