klapek80 utworzono 1 lutego 2011 utworzono 1 lutego 2011 Witam! Mam trochę dziwny problem, polega on na tym że dowolną aplikację z pulpitu którą włączam dwukrotnym kliknięciem zwyczajnie ,uruchamia się wielokrotnie blokując cały system(po prostu tak jakbym klikał więcej razy niż tylko 2 razy)Czy to jakiś wirus?(avast nic nie pokazuje nie ma żadnych alertów)Bardzo proszę o pomoc.Dzięki z góry.
Tomek01 komentarz 1 lutego 2011 komentarz 1 lutego 2011 Możesz pokazać logi OTL i RSIT dokładnie wg poniższego opisu:
klapek80 komentarz 2 lutego 2011 Autor komentarz 2 lutego 2011 (edytowane) oto logi: [log]OTL Extras logfile created on: 2011-02-02 12:34:34 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\krs\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,85 Gb Total Space | 1,42 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Drive D: | 19,56 Gb Total Space | 19,41 Gb Free Space | 99,26% Space Free | Partition Type: NTFS Drive E: | 45,14 Gb Total Space | 22,53 Gb Free Space | 49,91% Space Free | Partition Type: NTFS Drive F: | 19,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KOMP | User Name: krs | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-220523388-484061587-1801674531-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Documents and Settings\krs\Moje dokumenty\Winamp\winamp.exe" /BOOKMARK "%1" Directory [Winamp.Enqueue] -- "C:\Documents and Settings\krs\Moje dokumenty\Winamp\winamp.exe" /ADD "%1" Directory [Winamp.Play] -- "C:\Documents and Settings\krs\Moje dokumenty\Winamp\winamp.exe" "%1" Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{738179D8-3D76-4AFF-A7BE-AEF3B4370CB4}" = Opera 9.02 "{73C2BB36-ABE5-4E02-A043-E6C0F91A3E2C}" = PC VGA Camer@ Plus "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312}" = BabasChess "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8 "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3 "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D2D3D146-67BC-43D0-9015-2E7BAC2E032B}" = OpenOffice.org 3.1 "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ArcaOnline" = ArcaOnline - ArcaBit Online Scanner "asterisk key" = Asterisk Key 10.0 "avast5" = avast! Free Antivirus "Browser Protection Volume" = Browser Protection Volume "Codec_is1" = Codec 8.2 build 4 "Creative Software AutoUpdate" = Creative Software AutoUpdate "Digital Camera Driver" = Digital Camera Driver "Gadu-Gadu" = Gadu-Gadu 7.6 "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "InstallShield_{73C2BB36-ABE5-4E02-A043-E6C0F91A3E2C}" = PC VGA Camer@ Plus "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Internet Explorer Secure Plug-in" = Internet Explorer Secure Plug-in "Internet Explorer Security Plugin 2006" = Internet Explorer Security Plugin 2006 "Internet Security Add-On" = Internet Security Add-On "MalwareSweeper_is1" = MalwareSweeper 2.1.0.2 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7) "NVIDIA Drivers" = NVIDIA Drivers "PCI Audio Driver" = PCI Audio Driver "Public Messenger ver 2.03" = Public Messenger ver 2.03 "RealAlt_is1" = Real Alternative 1.51 "Security Messenger" = Security Messenger "Shop for HP Supplies" = Shop for HP Supplies "System Alert Popup" = System Alert Popup "Video Access ActiveX Object" = Video Access ActiveX Object 2.07 "Video ActiveX Object" = Video ActiveX Object 2.07 "Video AX Object" = Video AX Object 2.07 "Winamp" = Winamp (remove only) "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Safety Alert" = Windows Safety Alert "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2008-02-13 17:23:04 | Computer Name = KOMP | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 2010-12-13 07:22:37 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x0012bd68. Error - 2010-12-13 07:22:44 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x0012bd68. Error - 2010-12-13 07:26:14 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x0012bd68. Error - 2010-12-13 07:33:38 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x0012bd68. Error - 2010-12-13 12:22:55 | Computer Name = KOMP | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd iexplore.exe, wersja 6.0.2900.2180, moduł powodujący błąd mshtml.dll, wersja 6.0.2900.2180, adres błędu 0x0012bd68. Error - 2010-12-13 13:51:07 | Computer Name = KOMP | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-13 14:43:28 | Computer Name = KOMP | Source = MsiInstaller | ID = 11601 Description = Produkt: Samsung New PC Studio -- Dysk pełny: Za mało miejsca na dysku -- Wolumin: 'C:'; wymagane miejsce: 471 602 KB; dostępne miejsce: 380 652 KB. Zwolnij trochę miejsca na dysku i ponów próbę. Error - 2010-12-13 14:46:36 | Computer Name = KOMP | Source = MsiInstaller | ID = 11601 Description = Produkt: Samsung New PC Studio -- Dysk pełny: Za mało miejsca na dysku -- Wolumin: 'C:'; wymagane miejsce: 471 602 KB; dostępne miejsce: 273 124 KB. Zwolnij trochę miejsca na dysku i ponów próbę. Error - 2010-12-13 14:48:56 | Computer Name = KOMP | Source = MsiInstaller | ID = 11601 Description = Produkt: Samsung New PC Studio -- Dysk pełny: Za mało miejsca na dysku -- Wolumin: 'C:'; wymagane miejsce: 198 982 KB; dostępne miejsce: 110 932 KB. Zwolnij trochę miejsca na dysku i ponów próbę. Error - 2010-12-16 07:44:17 | Computer Name = KOMP | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą [ System Events ] Error - 2011-01-27 10:42:17 | Computer Name = KOMP | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-27 10:42:54 | Computer Name = KOMP | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą Usługa COM nagrywania dysków CD IMAPI. Error - 2011-01-27 10:42:54 | Computer Name = KOMP | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa COM nagrywania dysków CD IMAPI z powodu następującego błędu: %%1053 Error - 2011-01-27 10:48:48 | Computer Name = KOMP | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-27 10:55:46 | Computer Name = KOMP | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-01-27 10:55:46 | Computer Name = KOMP | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-01-30 14:21:33 | Computer Name = KOMP | Source = SideBySide | ID = 16842811 Description = Generate Activation Context nie powiodło się dla C:\Program Files\Alwil Software\Avast5\snxhk.dll. Odpowiedni komunikat o błędzie: Operacja ukończona pomyślnie. . Error - 2011-01-30 14:21:34 | Computer Name = KOMP | Source = SideBySide | ID = 16842811 Description = Generate Activation Context nie powiodło się dla C:\Program Files\Alwil Software\Avast5\snxhk.dll. Odpowiedni komunikat o błędzie: Error Message is unavailable . Error - 2011-01-30 14:21:36 | Computer Name = KOMP | Source = SideBySide | ID = 16842811 Description = Generate Activation Context nie powiodło się dla C:\Program Files\BabasChess\BabasChess.exe. Odpowiedni komunikat o błędzie: Error Message is unavailable . Error - 2011-02-01 14:39:02 | Computer Name = KOMP | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. < End of report > [/log] [log]OTL logfile created on: 2011-02-02 12:34:34 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\krs\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,85 Gb Total Space | 1,42 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Drive D: | 19,56 Gb Total Space | 19,41 Gb Free Space | 99,26% Space Free | Partition Type: NTFS Drive E: | 45,14 Gb Total Space | 22,53 Gb Free Space | 49,91% Space Free | Partition Type: NTFS Drive F: | 19,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KOMP | User Name: krs | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-02 12:31:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krs\Moje dokumenty\Downloads\OTL.exe PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2011-01-08 04:35:52 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2010-07-04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2010-01-08 17:05:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-01-08 17:05:17 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-05-21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2007-10-19 20:46:08 | 000,610,304 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2007-10-19 20:46:08 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2007-10-14 21:17:32 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007-10-14 20:38:52 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC7302\Monitor.exe PRC - [2006-10-22 12:22:00 | 000,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2006-08-03 04:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 02:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 02:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 02:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 02:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-04 02:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 02:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-02 12:31:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krs\Moje dokumenty\Downloads\OTL.exe MOD - [2011-01-13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2004-08-04 02:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 02:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 02:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-04 02:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 02:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 02:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 02:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 02:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-04 02:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 02:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 02:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 02:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 02:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 02:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 02:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 02:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 02:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 02:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 02:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-04 02:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-04 02:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 02:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 02:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 02:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 02:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-04 02:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-01-13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-01-13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-04-27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2010-04-27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2007-09-10 08:50:56 | 000,457,984 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302) DRV - [2006-10-22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-08-18 12:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-07-28 23:15:38 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004-07-28 23:15:36 | 000,033,024 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-06-03 03:40:50 | 000,068,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA NForce(tm) DRV - [2004-06-03 03:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus) DRV - [2004-04-02 08:40:00 | 000,021,760 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp) DRV - [2003-12-31 04:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023) DRV - [2002-06-12 03:28:50 | 000,379,150 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-220523388-484061587-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-220523388-484061587-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-220523388-484061587-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-220523388-484061587-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = w3cache.bmj.net.pl:3128 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-08 19:27:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-23 14:22:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-23 14:22:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-01-27 14:36:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011-01-27 14:36:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krs\Dane aplikacji\Mozilla\Extensions [2011-01-27 14:36:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krs\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-02-01 14:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krs\Dane aplikacji\Mozilla\Firefox\Profiles\8lhnym2t.default\extensions [2010-02-01 14:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-01-08 17:05:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-12-09 14:39:41 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-12-09 14:39:41 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-12-09 14:39:41 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-12-09 14:39:41 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-12-09 14:39:41 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-12-09 14:39:41 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2007-10-01 10:09:25 | 000,000,969 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 vip.towalker.com O1 - Hosts: 127.0.0.1 vip1.towalker.com O1 - Hosts: 127.0.0.1 vip2.towalker.com O1 - Hosts: 127.0.0.1 vip3.towalker.com O1 - Hosts: 127.0.0.1 vip4.towalker.com O1 - Hosts: 127.0.0.1 vip5.towalker.com O1 - Hosts: 127.0.0.1 vip6.towalker.com O1 - Hosts: 127.0.0.1 vip7.towalker.com O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: () - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - File not found O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (Protection Bar) - {84938242-5C5B-4A55-B6B9-A1507543B418} - File not found O3 - HKLM\..\Toolbar: (no name) - {F0993251-2512-4710-AF6E-0A13EA199D02} - No CLSID value found. O3 - HKU\S-1-5-21-220523388-484061587-1801674531-1003\..\Toolbar\WebBrowser: (Protection Bar) - {84938242-5C5B-4A55-B6B9-A1507543B418} - File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) O4 - HKLM..\Run: [hpqSRMon] File not found O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-220523388-484061587-1801674531-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-220523388-484061587-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.205.161.138 84.205.160.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - File not found O22 - SharedTaskScheduler: {2016a466-91a2-43c6-97d8-2fd380f065ef} - eitheror - File not found O22 - SharedTaskScheduler: {4233ac08-a2c4-4742-a0b4-83719613d62c} - grassily - File not found O22 - SharedTaskScheduler: {abef791f-947e-4cdf-83c3-e72a240afb67} - frisbee - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-11-18 14:13:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - () MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) MsConfig - StartUpReg: [b]CTFMON.EXE[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Error Safe[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]ErrorSafeFree[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]ErrorSafeGratis[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Komunikator[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-01-30 19:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Updater5 [2011-01-27 14:36:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Thunderbird [2011-01-27 14:36:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Dane aplikacji\Thunderbird [2011-01-27 14:35:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Thunderbird [2011-01-27 14:35:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2011-01-27 14:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Passware [2011-01-27 14:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Menu Start\Programy\Passware [2011-01-27 13:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Downloads [2011-01-25 22:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2011-01-25 22:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2011-01-25 22:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Temp [2011-01-25 22:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2011-01-25 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Google [2011-01-25 22:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010-12-26 15:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\BabasChess [2010-12-26 15:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\BabasChess [2010-12-26 15:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\BabasChess [2010-12-13 19:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\NPS [2010-12-13 19:58:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Moje wideo [2010-12-13 19:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\My Art [2010-12-13 19:56:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Samsung New PC Studio [2010-12-13 19:56:33 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys [2010-12-13 19:56:33 | 000,098,432 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys [2010-12-13 19:56:33 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys [2010-12-13 19:56:33 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys [2010-12-13 19:56:33 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys [2010-12-13 19:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2010-12-13 19:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK Semiconductor Corporation [2010-12-13 19:55:40 | 000,238,952 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe [2010-12-13 19:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\My NPS Files [2010-12-13 19:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Samsung [2010-12-13 19:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny [2010-12-13 19:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2010-12-13 19:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Dane aplikacji\Samsung [2010-12-13 19:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Samsung PC Studio 3 [2010-12-13 12:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Pobieranie [2010-12-12 22:04:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\krs\Moje dokumenty\Moja muzyka [2010-12-12 18:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2010-12-12 18:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-12-09 14:47:48 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys [2010-12-09 14:47:48 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys [2010-12-09 13:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2010-12-09 13:46:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers [2010-02-01 14:10:23 | 009,035,208 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.exe [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-02 12:46:53 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\krs\Pulpit\BabasChess.lnk [2011-02-01 19:46:24 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-02-01 19:46:15 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-02-01 19:46:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-01 19:40:57 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-02-01 19:37:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-01-31 18:31:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2011-01-31 17:07:21 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-01-31 17:04:57 | 000,921,632 | ---- | M] () -- C:\PA7302.DAT [2011-01-30 20:10:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-01-30 20:00:14 | 000,028,877 | ---- | M] () -- C:\WINDOWS\BabasChess.INI [2011-01-30 19:57:03 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BabasChess.lnk [2011-01-27 14:36:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2011-01-27 14:35:56 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Thunderbird.lnk [2011-01-27 13:30:23 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-01-25 22:06:34 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2011-01-25 22:03:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-01-13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-01-13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-01-13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-12-13 19:56:51 | 000,001,783 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk [2010-12-13 19:55:32 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\krs\Dane aplikacji\$_hpcst$.hpc [2010-12-13 19:55:23 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-12-13 19:34:21 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\golabki z ziemniakami i grzybami.lnk [2010-12-09 13:20:35 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-09 12:52:05 | 000,000,211 | -HS- | M] () -- C:\boot.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-01-30 19:31:40 | 000,002,259 | ---- | C] () -- C:\Documents and Settings\krs\Pulpit\BabasChess.lnk [2011-01-27 14:36:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-01-27 14:35:56 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Thunderbird.lnk [2011-01-25 22:06:34 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2011-01-25 22:05:20 | 000,001,030 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-01-25 22:05:20 | 000,001,026 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-01-25 22:03:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-01-25 21:36:23 | 000,028,877 | ---- | C] () -- C:\WINDOWS\BabasChess.INI [2010-12-26 15:37:17 | 000,002,259 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BabasChess.lnk [2010-12-13 19:56:51 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung New PC Studio.lnk [2010-12-13 19:55:40 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-12-13 19:55:40 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-12-13 19:55:32 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\krs\Dane aplikacji\$_hpcst$.hpc [2010-12-13 19:35:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2010-12-13 19:34:38 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-12-13 19:34:21 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\golabki z ziemniakami i grzybami.lnk [2010-12-12 18:11:10 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-12-09 13:46:10 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\Uninstall.ico [2010-01-08 16:08:58 | 000,002,161 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-02-12 19:17:15 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-02-12 19:17:15 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-02-12 19:17:15 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-02-04 16:38:56 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2007-07-15 20:19:13 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2007-07-15 20:18:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2007-03-20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini [2007-02-12 19:17:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-02-03 00:48:58 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\krs\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-11-21 08:54:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini [2006-11-21 08:51:58 | 000,028,145 | ---- | C] () -- C:\WINDOWS\cmijack.ini [2006-11-21 08:51:58 | 000,017,824 | ---- | C] () -- C:\WINDOWS\cmaudio.ini [2006-11-21 08:51:37 | 000,000,199 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2006-11-21 08:51:37 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2006-11-18 15:04:12 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006-10-22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-10-22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-10-22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2004-08-04 02:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [color=#E56717]========== LOP Check ==========[/color] [2006-11-18 14:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-07-20 12:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-12-13 19:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2007-07-15 08:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2007-07-15 09:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\ArcaBit [2010-01-08 17:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\OpenOffice.org [2006-11-18 14:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\Opera [2010-12-13 19:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\Samsung [2011-01-27 14:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\Thunderbird [2008-05-30 04:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krs\Dane aplikacji\Tlen.pl [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-11-18 14:13:38 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-12-09 12:52:05 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2002-09-29 00:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2006-11-18 14:13:38 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2006-11-18 14:13:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006-11-18 14:13:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 00:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-04 00:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-01-31 17:04:57 | 000,921,632 | ---- | M] () -- C:\PA7302.DAT [2011-02-01 19:46:03 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 02:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 02:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2002-09-29 00:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2002-09-29 00:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 02:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 02:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-04 02:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4295826C < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by krs at 2011-02-02 13:01:46 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 1 GB (14%) free of 10 GB Total RAM: 1535 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:02:01, on 2011-02-02 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\notepad.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\krs\Moje dokumenty\Downloads\RSIT.exe C:\Program Files\trend micro\krs.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.onet.pl/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = w3cache.bmj.net.pl:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video ActiveX Object\isadd.dll (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing) O3 - Toolbar: (no name) - {F0993251-2512-4710-AF6E-0A13EA199D02} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll (file missing) O22 - SharedTaskScheduler: frisbee - {abef791f-947e-4cdf-83c3-e72a240afb67} - C:\WINDOWS\system32\ygjun.dll (file missing) O22 - SharedTaskScheduler: grassily - {4233ac08-a2c4-4742-a0b4-83719613d62c} - C:\WINDOWS\system32\ilmpjy.dll (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6400 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6ACAE64-F798-4930-AD86-BD3FB32038DB}] C:\Program Files\Video ActiveX Object\isadd.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-08 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-08 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {84938242-5C5B-4A55-B6B9-A1507543B418} - Protection Bar - C:\Program Files\Video ActiveX Object\iesplugin.dll [] {F0993251-2512-4710-AF6E-0A13EA199D02} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536] "C-Media Mixer"=Mixer.exe /startup [] "PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-08 149280] "hpqSRMon"= [] "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624] "NPSStartup"= [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe] C:\Program Files\ErrorSafe Free\ers.exe /min [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafeFree] C:\Program Files\ErrorSafe Free\uers.exe /scan [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafeGratis] C:\Program Files\ErrorSafe Free\uers.exe /min [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator] C:\Program Files\Tlen.pl\tlen.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-23 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-23 734872] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll [] frisbee - {abef791f-947e-4cdf-83c3-e72a240afb67} - C:\WINDOWS\system32\ygjun.dll [] grassily - {4233ac08-a2c4-4742-a0b4-83719613d62c} - C:\WINDOWS\system32\ilmpjy.dll [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe" "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe" "C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe" "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe" "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe" "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe" "C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe" "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe" ======List of files/folders created in the last 3 months====== 2011-02-02 13:01:48 ----D---- C:\Program Files\trend micro 2011-02-02 13:01:46 ----D---- C:\rsit 2011-01-27 14:36:01 ----D---- C:\Documents and Settings\krs\Dane aplikacji\Thunderbird 2011-01-27 14:35:49 ----D---- C:\Program Files\Mozilla Thunderbird 2011-01-27 14:28:55 ----D---- C:\Program Files\Passware 2011-01-25 22:04:44 ----D---- C:\Program Files\Google 2011-01-25 21:36:23 ----A---- C:\WINDOWS\BabasChess.INI 2010-12-26 15:37:11 ----D---- C:\Program Files\BabasChess 2010-12-13 19:56:33 ----A---- C:\WINDOWS\system32\drivers\ss_bwhnt.sys 2010-12-13 19:56:33 ----A---- C:\WINDOWS\system32\drivers\ss_bmdm.sys 2010-12-13 19:56:33 ----A---- C:\WINDOWS\system32\drivers\ss_bmdfl.sys 2010-12-13 19:56:33 ----A---- C:\WINDOWS\system32\drivers\ss_bcmnt.sys 2010-12-13 19:56:33 ----A---- C:\WINDOWS\system32\drivers\ss_bbus.sys 2010-12-13 19:56:04 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Samsung 2010-12-13 19:55:44 ----D---- C:\Program Files\REALTEK Semiconductor Corporation 2010-12-13 19:55:40 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe 2010-12-13 19:55:40 ----A---- C:\WINDOWS\system32\FsUsbExDisk.Sys 2010-12-13 19:55:40 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll 2010-12-13 19:54:53 ----D---- C:\Program Files\MarkAny 2010-12-13 19:37:10 ----D---- C:\Documents and Settings\krs\Dane aplikacji\Samsung 2010-12-13 19:35:22 ----A---- C:\WINDOWS\system32\framedyn.dll 2010-12-13 19:34:38 ----A---- C:\WINDOWS\system32\drivers\StarOpen.sys 2010-12-12 18:11:09 ----D---- C:\Program Files\Common Files\Skype 2010-12-09 14:47:48 ----A---- C:\WINDOWS\system32\drivers\ss_bwh.sys 2010-12-09 14:47:48 ----A---- C:\WINDOWS\system32\drivers\ss_bcm.sys 2010-12-09 13:49:07 ----D---- C:\Program Files\Samsung 2010-12-09 13:46:11 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers ======List of files/folders modified in the last 3 months====== 2011-02-02 13:01:48 ----RD---- C:\Program Files 2011-02-02 13:01:48 ----D---- C:\WINDOWS\Prefetch 2011-02-02 12:22:12 ----D---- C:\WINDOWS\Temp 2011-02-01 19:38:24 ----D---- C:\Documents and Settings\krs\Dane aplikacji\Skype 2011-02-01 19:38:01 ----D---- C:\Documents and Settings\krs\Dane aplikacji\skypePM 2011-01-31 17:07:21 ----A---- C:\WINDOWS\NeroDigital.ini 2011-01-31 16:54:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\HP 2011-01-30 20:36:48 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-01-30 19:56:57 ----D---- C:\Documents and Settings\krs\Dane aplikacji\HPAppData 2011-01-27 15:52:38 ----D---- C:\WINDOWS 2011-01-27 13:30:22 ----D---- C:\WINDOWS\system32 2011-01-25 22:05:21 ----SHD---- C:\WINDOWS\Installer 2011-01-25 22:05:20 ----SD---- C:\WINDOWS\Tasks 2011-01-25 22:04:43 ----HD---- C:\Config.Msi 2011-01-13 09:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe 2010-12-23 14:24:50 ----D---- C:\Program Files\Mozilla Firefox 2010-12-18 19:49:34 ----D---- C:\Documents and Settings\krs\Dane aplikacji\HpUpdate 2010-12-13 20:59:54 ----D---- C:\WINDOWS\system32\CatRoot2 2010-12-13 19:57:38 ----D---- C:\WINDOWS\system32\drivers 2010-12-13 19:57:32 ----HD---- C:\WINDOWS\inf 2010-12-13 19:57:21 ----D---- C:\WINDOWS\system32\CatRoot 2010-12-13 19:56:47 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-12-13 19:55:06 ----HD---- C:\Program Files\InstallShield Installation Information 2010-12-13 19:55:06 ----D---- C:\WINDOWS\WinSxS 2010-12-12 18:11:10 ----RD---- C:\Program Files\Skype 2010-12-12 18:11:09 ----D---- C:\Program Files\Common Files 2010-12-12 18:10:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype 2010-12-09 12:52:05 ----SH---- C:\boot.ini 2010-12-09 12:52:05 ----A---- C:\WINDOWS\win.ini 2010-12-09 12:52:05 ----A---- C:\WINDOWS\system.ini 2010-11-18 12:47:44 ----D---- C:\Documents and Settings\krs\Dane aplikacji\HP 2010-11-05 21:31:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760] R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360] R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-08-25 36528] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392] R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424] R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-06-12 379150] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2002-09-29 9600] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-29 12160] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-07-28 33024] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-07-28 12928] R3 PAC7302;PC VGA Camer@ Plus; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984] S1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-29 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-29 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-29 21568] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 npkcrypt;npkcrypt; \??\D:\gry\lineage2\system\npkcrypt.sys [] S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504] S3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-08 153376] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-25 136176] S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] -----------------EOF----------------- [/log] [log]info.txt logfile of random's system information tool 1.08 2011-02-02 13:02:05 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002} Aktualizacja dla systemu Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" ArcaOnline - ArcaBit Online Scanner-->C:\WINDOWS\system32\ArcaOnlineUninstall.exe Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe Asterisk Key 10.0-->C:\Program Files\Passware\un-ariskkey.exe Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x15 avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup BabasChess-->MsiExec.exe /I{93CF9FA6-2A5E-4F8E-923E-F7D8741CB312} Browser Protection Volume-->"C:\Program Files\Video AX Object\bpunst.exe" Codec 8.2 build 4-->"C:\Program Files\Codec\Uninstall\unins000.exe" Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove Digital Camera Driver-->C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG Gadu-Gadu 7.6-->C:\Program Files\Gadu-Gadu\Setup.exe Google Chrome-->"C:\Program Files\Google\Chrome\Application\8.0.552.237\Installer\setup.exe" --uninstall --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{D77D43B5-ED55-426b-B67B-E21F804F6102}\setup\hpzscr01.exe -datfile hposcr27.dat -onestop HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1} Internet Explorer Secure Plug-in-->"C:\Program Files\Video AX Object\spunst.exe" Internet Explorer Security Plugin 2006-->"C:\Program Files\Video ActiveX Object\iesuninst.exe" Internet Security Add-On-->"C:\Program Files\Video ActiveX Object\isunst.exe" Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} MalwareSweeper 2.1.0.2-->"C:\Program Files\MalwareSweeper.com\Malware Sweeper\unins000.exe" Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (3.1.7)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe Nero 7-->MsiExec.exe /I{88561496-997E-46E6-B481-AE254E7F1045} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI OpenOffice.org 3.1-->MsiExec.exe /I{D2D3D146-67BC-43D0-9015-2E7BAC2E032B} Opera 9.02-->MsiExec.exe /X{738179D8-3D76-4AFF-A7BE-AEF3B4370CB4} PC VGA Camer@ Plus -->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{73C2BB36-ABE5-4E02-A043-E6C0F91A3E2C} /l1033 PCI Audio Driver-->cmuninst.exe Public Messenger ver 2.03-->"C:\Program Files\Video ActiveX Object\pmunst.exe" Real Alternative 1.51-->"C:\Program Files\Real Alternative\unins000.exe" Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x15 REMOVE Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0415 -removeonly Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A} Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x0015 -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0015 -removeonly SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe Security Messenger-->"C:\Program Files\Video AX Object\smunst.exe" Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} System Alert Popup-->C:\DOCUME~1\krs\USTAWI~1\Temp\laf3B.tmp /del Video Access ActiveX Object 2.07-->C:\Program Files\Video Access ActiveX Object\uninst.exe Video ActiveX Object 2.07-->C:\Program Files\Video ActiveX Object\uninst.exe Video AX Object 2.07-->C:\Program Files\Video AX Object\uninst.exe Winamp (remove only)-->"C:\Documents and Settings\krs\Moje dokumenty\Winamp\UninstWA.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Safety Alert-->C:\DOCUME~1\krs\USTAWI~1\Temp\laf113.tmp /del ======Hosts File====== 127.0.0.1 vip.towalker.com 127.0.0.1 vip1.towalker.com 127.0.0.1 vip2.towalker.com 127.0.0.1 vip3.towalker.com 127.0.0.1 vip4.towalker.com 127.0.0.1 vip5.towalker.com 127.0.0.1 vip6.towalker.com 127.0.0.1 vip7.towalker.com ======System event log====== Computer Name: KOMP Event Code: 7035 Message: Do usługi avast! Web Scanner został pomyślnie wysłany kod sterowania uruchom. Record Number: 14396 Source Name: Service Control Manager Time Written: 20110125213156.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 7035 Message: Do usługi avast! Mail Scanner został pomyślnie wysłany kod sterowania uruchom. Record Number: 14395 Source Name: Service Control Manager Time Written: 20110125213156.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 7035 Message: Do usługi hpqcxs08 został pomyślnie wysłany kod sterowania uruchom. Record Number: 14394 Source Name: Service Control Manager Time Written: 20110125213156.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 7035 Message: Do usługi Usługa COM nagrywania dysków CD IMAPI został pomyślnie wysłany kod sterowania uruchom. Record Number: 14393 Source Name: Service Control Manager Time Written: 20110125213156.000000+060 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 7036 Message: Usługa Zgodność szybkiego przełączania użytkowników weszła w stan uruchomienia. Record Number: 14392 Source Name: Service Control Manager Time Written: 20110125213153.000000+060 Event Type: informacje User: =====Application event log===== Computer Name: KOMP Event Code: 0 Message: Record Number: 331 Source Name: NMIndexingService Time Written: 20070426183434.000000+120 Event Type: informacje User: Computer Name: KOMP Event Code: 1517 Message: System Windows zapisał rejestr użytkownika KOMP\krs, kiedy aplikacja lub usługa nadal użytkowała rejestr podczas wylogowania. Pamięć używana przez rejestr użytkownika nie została zwolniona. Rejestr zostanie zwolniony, kiedy nie będzie używany. Najczęstszą tego przyczyną są usługi uruchamiane z konta użytkownika. Próbuj skonfigurować te usługi, aby były uruchamiane z konta LocalService lub NetworkService. Record Number: 330 Source Name: Userenv Time Written: 20070423184807.000000+120 Event Type: ostrzeżenie User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 0 Message: Record Number: 329 Source Name: NMIndexingService Time Written: 20070423164826.000000+120 Event Type: informacje User: Computer Name: KOMP Event Code: 1517 Message: System Windows zapisał rejestr użytkownika KOMP\krs, kiedy aplikacja lub usługa nadal użytkowała rejestr podczas wylogowania. Pamięć używana przez rejestr użytkownika nie została zwolniona. Rejestr zostanie zwolniony, kiedy nie będzie używany. Najczęstszą tego przyczyną są usługi uruchamiane z konta użytkownika. Próbuj skonfigurować te usługi, aby były uruchamiane z konta LocalService lub NetworkService. Record Number: 328 Source Name: Userenv Time Written: 20070423095304.000000+120 Event Type: ostrzeżenie User: ZARZĄDZANIE NT\SYSTEM Computer Name: KOMP Event Code: 0 Message: Record Number: 327 Source Name: NMIndexingService Time Written: 20070423092938.000000+120 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- [/log]
Tomek01 komentarz 2 lutego 2011 komentarz 2 lutego 2011 Aktualizuj Adobe Reader do wersji 9. Przeskanuj jeszcze na virustotal poniższe pliki: C:\WINDOWS\system32\higehsg.dll C:\WINDOWS\system32\ygjun.dll C:\WINDOWS\system32\ilmpjy.dll
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.