Szooguun utworzono 4 lutego 2011 utworzono 4 lutego 2011 Tak jak w temacie, reklamy pojawiają się podczas korzystania z innej przeglądarki np. firefox, proszę o sprawdzenie logów: [u]OTL[/u] OTL.txt: [log]OTL logfile created on: 2011-02-04 13:08:15 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Quest\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 33,82 Gb Free Space | 34,63% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 5,33 Gb Free Space | 1,45% Space Free | Partition Type: NTFS Drive F: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KOMPUTER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - File not found -- PRC - [2011-02-04 13:04:39 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Quest\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-02-04 11:36:40 | 000,142,336 | ---- | M] (ComponentOne LLC) -- C:\WINDOWS\Gnegya.exe PRC - [2011-01-29 00:48:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-01-25 15:08:14 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2011-01-25 15:08:04 | 000,820,008 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2011-01-05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2011-01-04 21:37:13 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-12-09 11:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-03 20:58:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-11-26 03:32:42 | 000,614,400 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2010-10-16 13:24:31 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2010-10-16 13:24:31 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE PRC - [2010-10-16 13:24:31 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2010-10-16 13:24:31 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2010-10-16 13:24:31 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-10-16 13:24:31 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2010-10-16 13:24:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2010-10-16 13:24:31 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2010-10-16 13:24:31 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2010-10-16 13:24:31 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2010-10-16 13:24:31 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2010-10-16 13:24:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2010-10-07 12:23:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2010-09-28 14:02:58 | 000,220,128 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe PRC - [2010-09-15 11:20:52 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe PRC - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2010-08-12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2010-06-17 07:55:00 | 003,680,568 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-04-22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe PRC - [2009-04-16 17:34:22 | 001,225,728 | ---- | M] (KCI / ikari) -- D:\KCI_bot_6.6.91\kci.exe PRC - [2007-10-16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe PRC - [2007-10-16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe PRC - [2007-04-17 20:45:54 | 000,368,640 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe PRC - [2005-10-31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe PRC - [2004-08-22 17:05:02 | 000,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe PRC - [2004-08-04 07:56:58 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE PRC - [1999-12-13 02:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-04 13:04:39 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Quest\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-10-16 13:24:31 | 008,492,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-10-16 13:24:31 | 001,288,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2010-10-16 13:24:31 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-10-16 13:24:31 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2010-10-16 13:24:31 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2010-10-16 13:24:31 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2010-10-16 13:24:31 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-10-16 13:24:31 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2010-10-16 13:24:31 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-10-16 13:24:31 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2010-10-16 13:24:31 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2010-10-16 13:24:31 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2010-10-16 13:24:31 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2010-10-16 13:24:31 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2010-10-16 13:24:31 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2010-10-16 13:24:31 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2010-10-16 13:24:31 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2010-10-16 13:24:31 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2010-10-16 13:24:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2010-10-16 13:24:31 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2010-10-16 13:24:31 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2010-10-16 13:24:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2010-10-16 13:24:31 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2010-10-16 13:24:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2010-10-16 13:24:31 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2010-10-16 13:24:31 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2010-10-16 13:24:31 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2010-10-16 13:24:31 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2010-10-16 13:24:31 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2010-10-16 13:24:31 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2010-10-16 13:24:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010-12-30 15:24:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-09-28 14:02:58 | 000,220,128 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService) SRV - [2010-08-12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2007-10-16 10:08:08 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2007-10-16 10:07:38 | 002,711,552 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-29 22:05:36 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-11-26 05:17:40 | 005,555,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010-10-16 13:24:31 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2010-09-28 14:03:22 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap) DRV - [2010-09-28 14:03:10 | 000,044,512 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psmounter.sys -- (PSMounter) DRV - [2010-08-04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-08-03 13:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2010-07-29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-05-03 07:49:18 | 000,225,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2005-07-07 09:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-01-10 11:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt) DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-789336058-1364589140-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-789336058-1364589140-682003330-1003\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) IE - HKU\S-1-5-21-789336058-1364589140-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-789336058-1364589140-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-02-02 15:51:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-02 15:51:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-12-29 21:40:51 | 000,000,000 | ---D | M] [2011-02-03 20:07:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-29 00:48:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-29 00:48:28 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-12-09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-10-16 13:24:31 | 000,000,775 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SHOUTcast Loader) - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (SHOUTcast Radio Toolbar) - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) O3 - HKU\S-1-5-21-789336058-1364589140-682003330-1003\..\Toolbar\WebBrowser: (SHOUTcast Radio Toolbar) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-789336058-1364589140-682003330-1003..\Run: [CE8SIIFGSU] File not found O4 - HKU\S-1-5-21-789336058-1364589140-682003330-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-789336058-1364589140-682003330-1003..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Documents and Settings\Quest\Menu Start\Programy\Autostart\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2011-01-16 16:59:53 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2011-01-16 16:59:53 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2011-01-16 16:59:53 | 000,000,000 | ---D | M] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-789336058-1364589140-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-789336058-1364589140-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-29 20:56:33 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-03-24 00:54:52 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-04 13:06:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2011-02-04 13:06:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2011-02-04 13:06:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo [2011-02-04 13:06:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2011-02-04 13:06:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start [2011-02-04 13:06:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart [2011-02-04 13:06:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria [2011-02-04 13:06:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2011-02-04 13:06:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies [2011-02-04 13:06:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne [2011-02-04 13:06:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony [2011-02-04 13:06:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent [2011-02-04 13:06:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood [2011-02-04 13:06:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood [2011-02-04 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ulubione [2011-02-04 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit [2011-02-04 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty [2011-02-04 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2011-02-04 11:36:47 | 000,142,336 | ---- | C] (ComponentOne LLC) -- C:\WINDOWS\Gnegya.exe [2011-02-04 11:36:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2011-02-02 19:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-02-02 15:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Apple Computer [2011-02-02 15:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iTunes [2011-02-02 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011-02-02 15:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011-02-02 15:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011-02-02 15:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime [2011-02-02 15:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011-02-02 15:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2011-02-02 15:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2011-02-02 15:50:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011-02-02 15:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2011-02-02 15:49:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple [2011-02-01 10:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2011-01-31 20:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2011-01-31 20:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2011-01-31 20:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2011-01-31 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft [2011-01-31 20:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2011-01-31 20:06:41 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011-01-29 00:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2011-01-29 00:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-01-29 00:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011-01-23 18:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-01-18 19:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 6 [2011-01-18 19:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2011-01-17 13:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2011-01-14 23:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-01-14 23:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack [2011-01-14 23:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2011-01-14 23:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ipla [2011-01-14 23:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2011-01-14 20:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office [2011-01-14 20:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011-01-11 15:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2011-01-11 15:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2011-01-11 15:49:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2011-01-11 15:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2011-01-11 15:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2011-01-11 13:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow [2011-01-11 13:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ffdshow [2011-01-10 22:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Real Alternative [2011-01-10 22:50:18 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2011-01-10 22:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2011-01-10 22:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2011-01-10 22:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2011-01-10 22:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2011-01-09 14:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2011-01-07 12:42:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011-01-06 21:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2011-01-06 21:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Xvid [2011-01-04 21:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam [2011-01-04 21:34:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2011-01-04 20:09:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2011-01-04 20:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\City Interactive [2011-01-04 20:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive [2011-01-04 20:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\EA Play [2011-01-04 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Play [2011-01-03 21:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Wirtualna Polska [2011-01-03 21:30:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pasjanse [2011-01-03 21:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ganymede [2011-01-03 17:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Metropolis Software [2011-01-02 16:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\GoldWave [2011-01-01 19:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2011-01-01 18:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011-01-01 18:01:36 | 000,000,000 | ---D | C] -- C:\Mafia 2 [2010-12-31 18:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NPCC3 [2010-12-31 18:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\NPCC3 [2010-12-31 14:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Sony Image Data Suite [2010-12-31 13:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Sony Picture Utility [2010-12-31 13:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010-12-30 15:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ALM [2010-12-30 15:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010-12-30 15:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2010-12-30 15:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2010-12-29 23:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-12-29 23:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-12-29 22:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\SHOUTcast Radio Toolbar [2010-12-29 22:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar [2010-12-29 22:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer [2010-12-29 22:39:29 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\WINDOWS\System32\iconv.dll [2010-12-29 22:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer [2010-12-29 22:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Macrium [2010-12-29 22:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-12-29 22:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2010-12-29 22:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe [2010-12-29 22:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010-12-29 22:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-12-29 22:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-12-29 22:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-12-29 22:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp [2010-12-29 22:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-12-29 22:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-12-29 22:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\SpacialAudio [2010-12-29 22:17:31 | 000,442,368 | ---- | C] (FirebirdSQL Project) -- C:\WINDOWS\System32\GDS32.DLL [2010-12-29 22:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firebird 2.1 (Win32) [2010-12-29 22:17:30 | 000,458,752 | ---- | C] (IBPhoenix) -- C:\WINDOWS\System32\Firebird2Control.cpl [2010-12-29 22:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird [2010-12-29 22:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\Macrium [2010-12-29 22:13:37 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys [2010-12-29 22:13:37 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys [2010-12-29 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\D-Tools [2010-12-29 22:13:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2010-12-29 21:57:19 | 000,000,000 | ---D | C] -- C:\Kopia systemu [2010-12-29 21:56:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010-12-29 21:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative [2010-12-29 21:50:38 | 000,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information [2010-12-29 21:49:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Data [2010-12-29 21:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Creative [2010-12-29 21:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\Creative [2010-12-29 21:41:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-12-29 21:41:28 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2010-12-29 21:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2010-12-29 21:41:24 | 000,000,000 | R--D | C] -- C:\Program Files [2010-12-29 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2010-12-29 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2010-12-29 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2010-12-29 21:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-12-29 21:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET [2010-12-29 21:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-12-29 21:40:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2010-12-29 21:40:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2010-12-29 21:40:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2010-12-29 21:40:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2010-12-29 21:40:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2010-12-29 21:40:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2010-12-29 21:39:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-12-29 21:38:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2010-12-29 21:38:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2010-12-29 21:38:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-12-29 21:38:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2010-12-29 21:37:58 | 000,000,000 | ---D | C] -- C:\totalcmd [2010-12-29 21:37:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2010-12-29 21:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2010-12-29 21:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-12-29 21:34:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010-12-29 21:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox [2010-12-29 21:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010-12-29 21:32:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Offline Web Pages [2010-12-29 21:32:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2010-12-29 21:32:29 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2010-12-29 21:32:29 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2010-12-29 21:32:29 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2010-12-29 21:32:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2010-12-29 21:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2010-12-29 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2010-12-29 21:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ATI Stream SDK v2 [2010-12-29 21:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Stream [2010-12-29 21:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Catalyst Control Center [2010-12-29 21:14:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2010-12-29 21:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010-12-29 21:13:20 | 000,000,000 | ---D | C] -- C:\ATI [2010-12-29 21:11:21 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2010-12-29 21:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2010-12-29 21:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010-12-29 21:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2010-12-29 21:04:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010-12-29 21:02:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2010-12-29 21:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2010-12-29 21:01:05 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2010-12-29 21:01:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010-12-29 21:01:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-12-29 21:01:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-12-29 20:59:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-12-29 20:59:41 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-12-29 20:58:36 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010-12-29 20:58:36 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010-12-29 20:58:35 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010-12-29 20:57:44 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010-12-29 20:57:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010-12-29 20:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2010-12-29 20:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2010-12-29 20:56:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2010-12-29 20:56:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2010-12-29 20:55:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2010-12-29 20:55:49 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2010-12-29 20:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2010-12-29 20:55:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2010-12-29 20:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2010-12-29 20:54:55 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2010-12-29 20:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2010-12-29 20:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2010-12-29 20:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2010-12-29 20:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2010-12-29 20:54:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2010-12-29 20:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2010-12-29 20:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2010-12-29 20:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2010-12-29 20:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2010-12-29 20:53:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2010-12-29 20:53:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2010-12-29 20:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2010-12-29 20:53:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2010-12-29 20:53:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2010-12-29 20:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2010-12-29 20:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2010-12-29 20:52:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2010-12-29 20:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2010-12-29 20:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2010-12-29 20:51:29 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2010-12-29 20:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2010-12-29 20:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2010-12-29 20:51:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2010-12-29 20:51:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2010-12-29 20:50:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [2010-12-07 12:14:06 | 000,051,200 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2002-04-11 02:41:06 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-04 13:10:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-02-04 13:06:07 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-02-04 12:41:04 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-02-04 12:30:05 | 000,558,728 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-02-04 12:30:05 | 000,496,208 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-02-04 12:30:05 | 000,105,694 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-02-04 12:30:05 | 000,084,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-02-04 12:25:46 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\Othbv.job [2011-02-04 12:25:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-04 11:36:40 | 000,142,336 | ---- | M] (ComponentOne LLC) -- C:\WINDOWS\Gnegya.exe [2011-02-04 11:36:39 | 000,135,168 | RHS- | M] () -- C:\WINDOWS\System32\command0.dll [2011-02-03 22:13:48 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2011-02-02 15:52:27 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2011-02-02 15:51:21 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk [2011-02-02 12:11:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-01 10:58:21 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2011-01-31 20:15:56 | 004,760,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-18 19:00:11 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-01-14 23:36:25 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2011-01-14 20:30:59 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2011-01-09 22:19:49 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk [2011-01-07 12:42:25 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-01-04 21:40:56 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2011-01-04 20:02:45 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Create™.lnk [2011-01-03 21:30:41 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\AMD Phenom(tm) II X2 550 Processor_V1_V1.bin [2011-01-03 16:13:21 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Lightroom 3.2.lnk [2011-01-01 02:00:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOMPUTER-Quest.job [2010-12-31 14:04:40 | 000,000,165 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Product Registration.url [2010-12-31 14:03:13 | 000,002,013 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Image Data Converter SR Ver. 2.lnk [2010-12-31 14:03:13 | 000,001,948 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Image Data Lightbox SR.lnk [2010-12-31 13:54:17 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Picture Motion Browser Guide.lnk [2010-12-31 13:54:15 | 000,001,683 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Picture Motion Browser.lnk [2010-12-29 22:05:36 | 000,685,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-12-29 21:54:28 | 000,000,584 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm [2010-12-29 21:54:28 | 000,000,584 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm [2010-12-29 21:45:27 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2010-12-29 21:34:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-12-29 21:14:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2010-12-29 20:59:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2010-12-29 20:58:58 | 000,004,438 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-12-29 20:58:55 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010-12-29 20:56:33 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-12-29 20:56:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-12-29 20:56:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-12-29 20:56:33 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS [2010-12-29 20:56:33 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT [2010-12-29 20:56:29 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010-12-29 20:56:29 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010-12-29 20:56:28 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010-12-29 20:56:22 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010-12-29 20:53:26 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-12-21 23:41:30 | 000,080,896 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-12-21 23:35:00 | 000,050,688 | ---- | M] () -- C:\WINDOWS\System32\ff_acm.acm [2010-12-07 12:14:06 | 000,051,200 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-04 13:06:56 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk [2011-02-04 13:06:56 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk [2011-02-04 11:36:50 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-02-04 11:36:47 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-02-04 11:36:43 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-02-04 11:36:40 | 000,000,310 | -HS- | C] () -- C:\WINDOWS\tasks\Othbv.job [2011-02-04 11:36:39 | 000,135,168 | RHS- | C] () -- C:\WINDOWS\System32\command0.dll [2011-02-02 15:52:27 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2011-02-02 15:51:21 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk [2011-02-02 15:51:00 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk [2011-02-01 10:58:21 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2011-01-18 19:00:11 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-01-17 13:29:53 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-01-14 23:36:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-01-14 23:36:25 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2011-01-14 20:30:59 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-01-12 14:05:37 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash [2011-01-11 15:50:04 | 000,108,600 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-01-11 13:30:54 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-01-11 13:30:54 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\ff_acm.acm [2011-01-09 22:19:48 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 8.lnk [2011-01-09 22:19:48 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 8.lnk [2011-01-09 14:12:33 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft ActiveSync.lnk [2011-01-06 21:13:14 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-06 21:13:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax [2011-01-04 21:37:03 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2011-01-04 20:02:45 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Create™.lnk [2011-01-03 21:30:41 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\AMD Phenom(tm) II X2 550 Processor_V1_V1.bin [2011-01-03 16:13:21 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Lightroom 3.2.lnk [2011-01-03 16:13:21 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop Lightroom 3.2.lnk [2010-12-31 14:04:40 | 000,000,165 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Product Registration.url [2010-12-31 14:03:13 | 000,002,013 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Image Data Converter SR Ver. 2.lnk [2010-12-31 14:03:13 | 000,001,948 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Image Data Lightbox SR.lnk [2010-12-31 13:54:17 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Picture Motion Browser Guide.lnk [2010-12-31 13:54:15 | 000,001,683 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Picture Motion Browser.lnk [2010-12-30 15:31:55 | 000,000,342 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOMPUTER-Quest.job [2010-12-30 15:30:02 | 000,001,233 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Illustrator CS3.lnk [2010-12-30 15:28:03 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Stock Photos CS3.lnk [2010-12-30 15:27:05 | 000,001,100 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit 2.lnk [2010-12-30 15:26:56 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Device Central CS3.lnk [2010-12-30 15:25:22 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS3.lnk [2010-12-29 23:01:42 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk [2010-12-29 22:39:29 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-12-29 22:39:29 | 000,675,840 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax [2010-12-29 22:30:19 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop CS5.lnk [2010-12-29 22:29:37 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Bridge CS5.lnk [2010-12-29 22:29:21 | 000,000,909 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Device Central CS5.lnk [2010-12-29 22:28:19 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Extension Manager CS5.lnk [2010-12-29 22:28:13 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ExtendScript Toolkit CS5.lnk [2010-12-29 22:27:34 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Help.lnk [2010-12-29 22:05:35 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-12-29 21:54:26 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm [2010-12-29 21:54:26 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm [2010-12-29 21:53:13 | 000,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd [2010-12-29 21:49:11 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2010-12-29 21:49:11 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2010-12-29 21:48:44 | 007,572,224 | ---- | C] () -- C:\WINDOWS\System32\CT8MGM.SF2 [2010-12-29 21:48:42 | 004,174,814 | ---- | C] () -- C:\WINDOWS\System32\CT4MGM.SF2 [2010-12-29 21:48:41 | 002,167,684 | R--- | C] () -- C:\WINDOWS\System32\ct2mgm.sf2 [2010-12-29 21:45:27 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF [2010-12-29 21:41:30 | 000,004,438 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-12-29 21:41:28 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-12-29 21:41:26 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2010-12-29 21:41:26 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2010-12-29 21:41:25 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2010-12-29 21:41:25 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2010-12-29 21:40:54 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010-12-29 21:38:38 | 002,033,887 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010-12-29 21:38:38 | 001,246,357 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010-12-29 21:38:38 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010-12-29 21:38:38 | 000,634,012 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010-12-29 21:38:38 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-12-29 21:38:38 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010-12-29 21:38:38 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010-12-29 21:38:38 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010-12-29 21:38:38 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010-12-29 21:38:38 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010-12-29 21:38:38 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010-12-29 21:38:38 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-12-29 21:38:38 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010-12-29 21:38:38 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010-12-29 21:38:38 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-12-29 21:38:38 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010-12-29 21:38:38 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF [2010-12-29 21:37:58 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF [2010-12-29 21:37:54 | 004,760,552 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-29 21:37:14 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2010-12-29 21:37:11 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2010-12-29 21:34:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-12-29 21:14:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010-12-29 21:14:41 | 000,121,776 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010-12-29 21:04:24 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010-12-29 20:59:44 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2010-12-29 20:58:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-12-29 20:58:32 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-12-29 20:58:22 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-12-29 20:58:17 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010-12-29 20:58:16 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010-12-29 20:58:14 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010-12-29 20:58:02 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-12-29 20:57:57 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010-12-29 20:57:54 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010-12-29 20:57:46 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010-12-29 20:56:33 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2010-12-29 20:56:33 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010-12-29 20:56:33 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010-12-29 20:56:33 | 000,000,000 | -H-- | C] () -- C:\CONFIG.SYS [2010-12-29 20:56:33 | 000,000,000 | -H-- | C] () -- C:\AUTOEXEC.BAT [2010-12-29 20:56:29 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2010-12-29 20:56:29 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2010-12-29 20:56:28 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2010-12-29 20:55:48 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2010-12-29 20:55:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2010-12-29 20:55:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2010-12-29 20:55:10 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2010-12-29 20:55:02 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2010-12-29 20:54:08 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2010-12-29 20:53:31 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2010-12-29 20:53:26 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-12-29 20:51:42 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2010-12-29 20:51:42 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2010-12-29 20:51:42 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2010-12-29 20:51:42 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2010-12-29 20:51:42 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2010-12-29 20:51:42 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2010-12-29 20:51:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2010-12-29 20:51:42 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2010-12-29 20:51:42 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2010-12-29 20:51:41 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2010-12-29 20:51:41 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2010-12-29 20:51:38 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2010-12-29 20:51:38 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2010-12-29 20:51:36 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2010-12-29 20:51:30 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2010-12-14 12:50:27 | 000,022,305 | ---- | C] () -- C:\WINDOWS\atiogl.xml [2010-12-14 12:50:27 | 000,007,167 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml [2010-12-14 12:50:21 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2010-12-14 12:50:21 | 000,539,392 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap [2010-12-14 12:50:21 | 000,224,001 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010-12-14 12:50:21 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2005-05-03 12:38:42 | 000,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll [2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll [2003-10-02 11:48:18 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll [color=#E56717]========== LOP Check ==========[/color] [2010-12-29 21:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-12-29 23:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-01-14 23:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-12-29 22:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Macrium [2011-02-02 19:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-12-30 15:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2010-12-29 22:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar [2011-01-29 23:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-02 15:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011-01-28 19:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-01-11 10:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\Gadu-Gadu 10 [2010-12-30 16:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\GHISLER [2011-01-21 23:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\ipla [2011-02-02 19:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\OpenFM [2011-01-17 13:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\Opera [2011-01-14 23:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\RDRM [2011-01-18 19:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\TeamViewer [2011-02-03 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Dane aplikacji\uTorrent [2011-02-04 12:25:46 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\Tasks\Othbv.job [2011-02-04 13:10:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-02-04 13:06:07 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-02-04 12:41:04 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1C422577 < End of report >[/log] Extras.txt [log]OTL Extras logfile created on: 2011-02-04 13:08:15 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Quest\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 33,82 Gb Free Space | 34,63% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 5,33 Gb Free Space | 1,45% Space Free | Partition Type: NTFS Drive F: | 647,99 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: KOMPUTER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-789336058-1364589140-682003330-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 -- [2011-01-16 16:59:53 | 000,000,000 | ---D | M] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 -- [2011-01-16 16:59:53 | 000,000,000 | ---D | M] "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC -- () "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\EA Play\Create\pc\Create.exe" = C:\Program Files\EA Play\Create\pc\Create.exe:*:Enabled:Create™ -- (Electronic Arts (C)) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation) "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Steam\steamapps\rossex\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\rossex\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0ED98038-0885-F902-C419-669ADE471A46}" = ATI Stream SDK v2 Developer "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy "{1E99F8BD-85B0-4660-B756-1559E1BED376}" = Create™ "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3C2C70B1-4441-4A76-B5E2-C339C24C63F3}" = Adobe Illustrator CS3 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6BD5BAAF-44F0-4D9B-88E7-4D1C54E689AC}" = ESET NOD32 Antivirus "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{790F6156-B231-F7D6-BAE4-741E7CB0ACB1}" = ccc-utility "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{810AD6B3-C830-A74C-300E-D14820CE1850}" = Catalyst Control Center InstallProxy "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90140000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 14 "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90170415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A36579B4-313E-DC6B-D817-41824D46EF5D}" = CCC Help English "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8DF1374-7E6B-448A-87BB-2DCE71874F2B}" = Macrium Reflect - Free Edition "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AC76BA86-7AD7-1045-7B44-A81000000003}" = Adobe Reader 8.1.0 - Polish "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B9060398-FB64-2A4C-C4E6-D1236447E026}" = ATI Catalyst Install Manager "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3BA6488-5C3E-A4EF-BA64-74C54ABCEE03}" = ccc-core-static "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EDD235BB-9FB4-4604-85ED-1B14A256F4E0}" = Adobe Photoshop Lightroom 3.2 "{EDD654B3-6FE9-67AC-CE7D-5FE3698439DB}" = Catalyst Control Center Graphics Previews Common "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX "{FB6E7BFE-4578-499F-90CD-F7B2525E838C}" = Adobe Setup "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_cd40c268fefdd8bfc54faa37df2ce97" = Adobe Illustrator CS3 "ALLPlayer_is1" = ALLPlayer V4.X "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Creative Software AutoUpdate" = Creative Software AutoUpdate "FBDBServer_2_0_is1" = Firebird 2.1.0.16780 (Win32) "ffdshow_is1" = ffdshow v1.1.3721 [2011-01-07] "Gadu-Gadu 10" = Gadu-Gadu 10 "GoldWave v5.25" = GoldWave v5.25 "ipla" = ipla 2.2.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NPCC 3_is1" = Natalia PolChat Client Application "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Opera 11.01.1190" = Opera 11.01 "Pasjanse" = Pasjanse "RealAlt_is1" = Real Alternative 1.7.5 "SAM3" = SAM Broadcaster (remove only) "SHOUTcast Radio Toolbar" = SHOUTcast Radio Toolbar "SHOUTcastDSP" = SHOUTcast Source DSP 1.9.1 (remove only) "SkanerOnline" = Skaner on-line mks_vir "Steam App 240" = Counter-Strike: Source "TeamViewer 6" = TeamViewer 6 "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "Winter Sports 2011/PL-Polish_is1" = Winter Sports 2011 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-789336058-1364589140-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-04 15:34:31 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports_stripped_dx9.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports_stripped_dx9.exe, wersja 0.0.0.0, adres błędu 0x00263a8f. Error - 2011-01-04 15:36:31 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports.exe, wersja 0.0.0.0, adres błędu 0x0025b6ef. Error - 2011-01-04 15:36:38 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports_stripped_dx9.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports_stripped_dx9.exe, wersja 0.0.0.0, adres błędu 0x00263a8f. Error - 2011-01-04 15:45:19 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports.exe, wersja 0.0.0.0, adres błędu 0x00263a8f. Error - 2011-01-04 15:57:36 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports.exe, wersja 0.0.0.0, adres błędu 0x0025b6ef. Error - 2011-01-04 16:02:25 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd wintersports.exe, wersja 0.0.0.0, moduł powodujący błąd wintersports.exe, wersja 0.0.0.0, adres błędu 0x0025b6ef. Error - 2011-01-07 05:14:37 | Computer Name = KOMPUTER | Source = SecurityCenter | ID = 1802 Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy. Error - 2011-01-11 15:31:07 | Computer Name = KOMPUTER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca explorer.exe, wersja 6.0.2900.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-15 17:20:21 | Computer Name = KOMPUTER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd npcc3.exe, wersja 3.0.0.96, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-01-20 16:21:03 | Computer Name = KOMPUTER | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca hl2.exe, wersja 0.0.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. < End of report >[/log] [u]RSIT[/u] info.txt: [log]info.txt logfile of random's system information tool 1.08 2011-02-04 13:19:23 ======Uninstall list====== -->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009 -->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W -->C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe -runfromtemp -l0x0009/cont -removeonly -->C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe -runfromtemp -l0x0009 -removeonly -->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C} Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE} Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Illustrator CS3-->C:\Program Files\Common Files\Adobe\Installers\cd40c268fefdd8bfc54faa37df2ce97\Setup.exe Adobe Illustrator CS3-->MsiExec.exe /I{3C2C70B1-4441-4A76-B5E2-C339C24C63F3} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}" Adobe Photoshop Lightroom 3.2-->MsiExec.exe /I{EDD235BB-9FB4-4604-85ED-1B14A256F4E0} Adobe Reader 8.1.0 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81000000003} Adobe Setup-->MsiExec.exe /I{FB6E7BFE-4578-499F-90CD-F7B2525E838C} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe" Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8} Apple Mobile Device Support-->MsiExec.exe /I{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B} ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} ATI Stream SDK v2 Developer-->MsiExec.exe /I{0ED98038-0885-F902-C419-669ADE471A46} Bonjour-->MsiExec.exe /X{2A981294-F14C-4F0F-9627-D793270922F8} Catalyst Control Center - Branding-->MsiExec.exe /I{6AB57823-3580-4CE0-9CF0-072E2A39460C} Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240 Create™-->MsiExec.exe /X{1E99F8BD-85B0-4660-B756-1559E1BED376} Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0} ffdshow v1.1.3721 [2011-01-07]-->"C:\Program Files\ffdshow\unins000.exe" Firebird 2.1.0.16780 (Win32)-->"C:\Program Files\Firebird\Firebird_2_1\unins000.exe" Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe GoldWave v5.25-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log" ipla 2.2.1-->C:\Program Files\ipla\uninst.exe iTunes-->MsiExec.exe /I{AAD47011-8518-4608-9656-951DA35B587B} Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF} K-Lite Codec Pack 6.2.0 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Macrium Reflect - Free Edition-->MsiExec.exe /I{A8DF1374-7E6B-448A-87BB-2DCE71874F2B} Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{036FD544-AED6-3F33-856D-A2292D0CF471} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{7C77393F-8237-3825-A88A-AFAF3C69C072} Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783} Microsoft .NET Framework 3.5 Language Pack - plk-->MsiExec.exe /I{F31E509D-3597-324E-83CF-0C160B2320F0} Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40} Microsoft .NET Framework 4 Client Profile PLK Language Pack-->MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4} Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft .NET Framework 4 Extended PLK Language Pack-->MsiExec.exe /X{5C19E2DC-4CCF-3114-B40A-6E565987025F} Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702} Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE} Microsoft Office Access MUI (Polish) 2010-->MsiExec.exe /X{90140000-0015-0415-0000-0000000FF1CE} Microsoft Office Excel MUI (Polish) 2010-->MsiExec.exe /X{90140000-0016-0415-0000-0000000FF1CE} Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170415-6000-11D3-8CFE-0150048383C9} Microsoft Office Groove MUI (Polish) 2010-->MsiExec.exe /X{90140000-00BA-0415-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Polish) 2010-->MsiExec.exe /X{90140000-0044-0415-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2010-->MsiExec.exe /X{90140000-00A1-0415-0000-0000000FF1CE} Microsoft Office Outlook MUI (Polish) 2010-->MsiExec.exe /X{90140000-001A-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2010-->MsiExec.exe /X{90140000-0018-0415-0000-0000000FF1CE} Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2010-->MsiExec.exe /X{90140000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2010-->MsiExec.exe /X{90140000-002C-0415-0000-0000000FF1CE} Microsoft Office Publisher MUI (Polish) 2010-->MsiExec.exe /X{90140000-0019-0415-0000-0000000FF1CE} Microsoft Office Shared MUI (Polish) 2010-->MsiExec.exe /X{90140000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2010-->MsiExec.exe /X{90140000-001B-0415-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Natalia PolChat Client Application-->"C:\Program Files\NPCC3\unins000.exe" NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F} Opera 11.01-->"C:\Program Files\Opera\Opera.exe" /uninstall Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk\setup.exe Pasjanse-->C:\PROGRA~1\Ganymede\Pasjanse\UNWISE.EXE C:\PROGRA~1\Ganymede\Pasjanse\INSTALL.LOG PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9} Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ExtendedLP QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C} Real Alternative 1.7.5-->"C:\Program Files\Real Alternative\unins000.exe" REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly SAM Broadcaster (remove only)-->"C:\Program Files\SpacialAudio\SAMBC\uninstall.exe" SHOUTcast Radio Toolbar-->"C:\Program Files\SHOUTcast Radio Toolbar\uninstall.exe" SHOUTcast Source DSP 1.9.1 (remove only)-->C:\Program Files\Winamp\uninst-dsp.exe Skaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe Sony Image Data Suite-->C:\Program Files\InstallShield Installation Information\{359FCAA7-B544-4147-AE3B-8C8A526E2427}\setup.exe -runfromtemp -l0x0009 -removeonly Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 /removeonly uninstall -removeonly Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x9 /remove Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3} Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Winter Sports 2011-->"C:\Program Files\City Interactive\Winter Sports 2011\unins000.exe" XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe" ======Hosts File====== 127.0.0.1 mpa.one.microsoft.com ======System event log====== Computer Name: KOMPUTER Event Code: 62464 Message: UVD Information Record Number: 7649 Source Name: ati2mtag Time Written: 20110126182851.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 62464 Message: UVD Information Record Number: 7648 Source Name: ati2mtag Time Written: 20110126182851.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 62464 Message: UVD Information Record Number: 7647 Source Name: ati2mtag Time Written: 20110126182851.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 62464 Message: UVD Information Record Number: 7646 Source Name: ati2mtag Time Written: 20110126182851.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 62464 Message: UVD Information Record Number: 7645 Source Name: ati2mtag Time Written: 20110126182851.000000+060 Event Type: informacje User: =====Application event log===== Computer Name: KOMPUTER Event Code: 100 Message: wuauclt (2792) Aparat bazy danych 5.01.2600.5512 został uruchomiony. Record Number: 280 Source Name: ESENT Time Written: 20101230195851.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 251 Message: Record Number: 279 Source Name: FirebirdGuardianDefaultInstance Time Written: 20101230195806.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 278 Source Name: SecurityCenter Time Written: 20101230195805.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 1 Message: Record Number: 277 Source Name: Bonjour Service Time Written: 20101230195800.000000+060 Event Type: informacje User: Computer Name: KOMPUTER Event Code: 105 Message: The service was started. Record Number: 276 Source Name: Creative Service for CDROM Access Time Written: 20101230195800.000000+060 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\ATI Stream\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=x86 Family 16 Model 4 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0402 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "ATISTREAMSDKROOT"=C:\Program Files\ATI Stream\ "asl.log"=Destination=file "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------[/log] log.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Quest at 2011-02-04 13:19:00 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 35 GB (35%) free of 100 GB Total RAM: 2045 MB (41% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:19:19, on 2011-02-04 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\DOCUME~1\Quest\USTAWI~1\Temp\Gve.exe C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe C:\WINDOWS\Gnegya.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Macrium\Reflect\ReflectService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe C:\Program Files\iPod\bin\iPodService.exe C:\totalcmd\TOTALCMD.EXE C:\Program Files\Mozilla Firefox\firefox.exe D:\KCI_bot_6.6.91\kci.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\Quest\USTAWI~1\Temp\Gvd.exe c:\Documents and Settings\Quest\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Quest.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [CE8SIIFGSU] C:\DOCUME~1\Quest\USTAWI~1\Temp\Gvd.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-789336058-1364589140-682003330-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Dane aplikacji\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 10113 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOMPUTER-Quest.job C:\WINDOWS\tasks\Othbv.job C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccec60fc-2608-4e58-9659-3ffc159e8ea9}] SHOUTcast Loader - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-29 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-29 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - SHOUTcast Radio Toolbar - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304] "ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064] "CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344] "P17Helper"=Rundll32 P17.dll,P17Helper [] "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] "DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-12-09 74752] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] "SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2010-10-16 15360] "Steam"=C:\Program Files\Steam\Steam.exe [2011-01-04 1242448] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000] "CE8SIIFGSU"=C:\DOCUME~1\Quest\USTAWI~1\Temp\Gvd.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888] C:\Documents and Settings\Quest\Menu Start\Programy\Autostart Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2010-11-26 159744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2010-10-16 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe"="C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\EA Play\Create\pc\Create.exe"="C:\Program Files\EA Play\Create\pc\Create.exe:*:Enabled:Create™" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service" "C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp" "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Steam\steamapps\rossex\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\rossex\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======List of files/folders created in the last 1 months====== 2011-02-04 13:19:03 ----D---- C:\Program Files\trend micro 2011-02-04 13:19:00 ----D---- C:\rsit 2011-02-04 11:36:47 ----A---- C:\WINDOWS\Gnegya.exe 2011-02-04 11:36:39 ----RASH---- C:\WINDOWS\system32\command0.dll 2011-02-04 11:36:07 ----D---- C:\WINDOWS\Sun 2011-02-02 19:47:59 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\OpenFM 2011-02-02 19:47:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2011-02-02 15:55:06 ----A---- C:\WINDOWS\system32\ptpusb.dll 2011-02-02 15:55:06 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys 2011-02-02 15:55:05 ----A---- C:\WINDOWS\system32\ptpusd.dll 2011-02-02 15:52:33 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Apple Computer 2011-02-02 15:52:26 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2011-02-02 15:52:26 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys 2011-02-02 15:51:40 ----D---- C:\Program Files\iPod 2011-02-02 15:51:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2011-02-02 15:51:37 ----D---- C:\Program Files\iTunes 2011-02-02 15:51:08 ----D---- C:\Program Files\QuickTime 2011-02-02 15:51:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer 2011-02-02 15:51:00 ----D---- C:\Program Files\Apple Software Update 2011-02-02 15:50:52 ----A---- C:\WINDOWS\system32\usbaaplrc.dll 2011-02-02 15:50:52 ----A---- C:\WINDOWS\system32\drivers\usbaapl.sys 2011-02-02 15:50:10 ----SHD---- C:\Config.Msi 2011-02-02 15:49:57 ----D---- C:\Program Files\Common Files\Apple 2011-02-02 15:49:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Apple 2011-02-01 10:58:21 ----D---- C:\Program Files\uTorrent 2011-02-01 10:57:23 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\uTorrent 2011-01-31 20:10:31 ----D---- C:\Program Files\Microsoft Synchronization Services 2011-01-31 20:10:30 ----D---- C:\Program Files\Common Files\DESIGNER 2011-01-31 20:10:13 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2011-01-31 20:06:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2011-01-31 20:06:41 ----RHD---- C:\MSOCache 2011-01-29 00:49:14 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Sun 2011-01-29 00:49:13 ----D---- C:\Program Files\Common Files\Java 2011-01-29 00:48:34 ----A---- C:\WINDOWS\system32\javaws.exe 2011-01-29 00:48:34 ----A---- C:\WINDOWS\system32\javaw.exe 2011-01-29 00:48:34 ----A---- C:\WINDOWS\system32\java.exe 2011-01-29 00:48:34 ----A---- C:\WINDOWS\system32\deployJava1.dll 2011-01-29 00:48:25 ----D---- C:\Program Files\Java 2011-01-29 00:48:04 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Sun 2011-01-28 19:38:20 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2011-01-23 18:17:26 ----D---- C:\Program Files\SkanerOnline 2011-01-18 19:00:14 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\TeamViewer 2011-01-18 19:00:09 ----D---- C:\Program Files\TeamViewer 2011-01-17 13:29:53 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Opera 2011-01-17 13:29:50 ----D---- C:\Program Files\Opera 2011-01-14 23:36:39 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\RDRM 2011-01-14 23:36:38 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\ipla 2011-01-14 23:36:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ipla 2011-01-14 23:36:33 ----A---- C:\WINDOWS\system32\unrar.dll 2011-01-14 23:36:31 ----D---- C:\Program Files\K-Lite Codec Pack 2011-01-14 23:36:07 ----D---- C:\Program Files\ipla 2011-01-14 23:36:03 ----A---- C:\WINDOWS\system32\msvcr71.dll 2011-01-14 23:36:03 ----A---- C:\WINDOWS\system32\mfc71.dll 2011-01-14 23:36:03 ----A---- C:\WINDOWS\system32\gdiplus.dll 2011-01-14 20:30:59 ----A---- C:\WINDOWS\ODBC.INI 2011-01-14 20:30:11 ----D---- C:\Program Files\Microsoft Office 2011-01-11 15:55:45 ----D---- C:\Program Files\Microsoft.NET 2011-01-11 15:50:59 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$ 2011-01-11 15:49:48 ----D---- C:\Program Files\MSBuild 2011-01-11 15:49:47 ----D---- C:\WINDOWS\system32\XPSViewer 2011-01-11 15:49:44 ----D---- C:\WINDOWS\system32\en-us 2011-01-11 15:49:43 ----D---- C:\Program Files\Reference Assemblies 2011-01-11 15:49:27 ----N---- C:\WINDOWS\system32\spmsg2.dll 2011-01-11 13:30:54 ----D---- C:\Program Files\ffdshow 2011-01-11 13:30:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2011-01-11 13:30:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2011-01-11 11:18:04 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys 2011-01-10 22:54:29 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Media Player Classic 2011-01-10 22:50:18 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2011-01-10 22:50:18 ----A---- C:\WINDOWS\system32\pndx5032.dll 2011-01-10 22:50:18 ----A---- C:\WINDOWS\system32\pndx5016.dll 2011-01-10 22:50:18 ----A---- C:\WINDOWS\system32\pncrt.dll 2011-01-10 22:50:17 ----D---- C:\Program Files\Real Alternative 2011-01-10 22:50:17 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Real 2011-01-10 22:50:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Real 2011-01-10 22:28:52 ----D---- C:\Program Files\Microsoft Silverlight 2011-01-09 14:12:49 ----A---- C:\WINDOWS\system32\drivers\usb8023x.sys 2011-01-09 14:12:49 ----A---- C:\WINDOWS\system32\drivers\rndismpx.sys 2011-01-09 14:12:31 ----D---- C:\Program Files\Microsoft ActiveSync 2011-01-07 12:42:12 ----D---- C:\WINDOWS\pss 2011-01-06 21:13:14 ----D---- C:\Program Files\Xvid 2011-01-06 21:13:14 ----A---- C:\WINDOWS\system32\xvidvfw.dll ======List of files/folders modified in the last 1 months====== 2011-02-04 13:19:08 ----D---- C:\WINDOWS\Prefetch 2011-02-04 13:19:04 ----D---- C:\WINDOWS\Temp 2011-02-04 13:19:03 ----RD---- C:\Program Files 2011-02-04 13:17:05 ----SD---- C:\WINDOWS\Tasks 2011-02-04 13:06:55 ----D---- C:\Documents and Settings 2011-02-04 12:30:05 ----D---- C:\WINDOWS\system32 2011-02-04 12:30:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-02-04 12:26:23 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-04 12:26:06 ----SHD---- C:\System Volume Information 2011-02-04 12:26:06 ----D---- C:\WINDOWS\system32\Restore 2011-02-04 12:25:47 ----D---- C:\Program Files\Steam 2011-02-04 12:24:46 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-02-04 11:36:47 ----D---- C:\WINDOWS 2011-02-03 22:20:48 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Winamp 2011-02-02 16:07:39 ----SD---- C:\Documents and Settings\Quest\Dane aplikacji\Microsoft 2011-02-02 15:55:11 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-02-02 15:55:06 ----D---- C:\WINDOWS\system32\drivers 2011-02-02 15:54:57 ----HD---- C:\WINDOWS\inf 2011-02-02 15:52:37 ----SHD---- C:\WINDOWS\Installer 2011-02-02 15:52:26 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-02-02 15:51:25 ----D---- C:\Program Files\Internet Explorer 2011-02-02 15:50:13 ----D---- C:\Program Files\Bonjour 2011-02-02 15:49:57 ----D---- C:\Program Files\Common Files 2011-02-01 19:06:09 ----D---- C:\WINDOWS\system32\wbem 2011-01-31 21:20:10 ----RSD---- C:\WINDOWS\assembly 2011-01-31 21:19:39 ----D---- C:\WINDOWS\Microsoft.NET 2011-01-31 20:11:30 ----D---- C:\WINDOWS\system32\config 2011-01-31 20:11:18 ----RSD---- C:\WINDOWS\Fonts 2011-01-31 20:11:07 ----D---- C:\Program Files\Common Files\Microsoft Shared 2011-01-31 20:10:31 ----D---- C:\WINDOWS\WinSxS 2011-01-31 20:08:19 ----A---- C:\WINDOWS\win.ini 2011-01-31 20:08:08 ----D---- C:\Program Files\Common Files\System 2011-01-30 21:20:45 ----D---- C:\Program Files\Gadu-Gadu 10 2011-01-30 00:04:16 ----D---- C:\Program Files\NPCC3 2011-01-29 23:09:28 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-01-23 18:17:27 ----SD---- C:\WINDOWS\Downloaded Program Files 2011-01-14 20:29:51 ----D---- C:\WINDOWS\system 2011-01-11 15:58:32 ----D---- C:\WINDOWS\system32\pl-pl 2011-01-11 15:50:39 ----D---- C:\WINDOWS\system32\mui 2011-01-11 15:49:32 ----D---- C:\WINDOWS\system32\spool 2011-01-11 10:27:35 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Gadu-Gadu 10 2011-01-09 22:21:56 ----D---- C:\Documents and Settings\Quest\Dane aplikacji\Adobe 2011-01-09 22:20:00 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-01-09 22:19:47 ----D---- C:\Program Files\Common Files\Adobe 2011-01-09 22:19:37 ----D---- C:\Program Files\Adobe 2011-01-09 14:12:32 ----D---- C:\WINDOWS\Help 2011-01-07 12:42:25 ----SH---- C:\boot.ini 2011-01-07 12:42:25 ----A---- C:\WINDOWS\system.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136] R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2010-10-16 61696] R0 pssnap;Paramount Software Snapshot Filter; C:\WINDOWS\system32\DRIVERS\pssnap.sys [2010-09-28 15328] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-17 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-12-29 685816] R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2010-10-16 14720] R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2010-10-16 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-11-26 5555712] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2010-10-16 144384] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2010-10-16 10368] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-10-16 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2010-10-16 61824] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496] R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-05-03 225232] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2010-10-16 32128] S3 PSMounter;Macrium Reflect Image Explorer Service; \??\C:\WINDOWS\system32\drivers\psmounter.sys [] S3 usb_rndisx;Karta USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-12-14 41984] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-10-16 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-10-16 82944] S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-11-26 614400] R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376] R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144] R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-29 153376] R2 ReflectService;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2010-09-28 220128] R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552] R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-30 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 918016] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-10-16 14336] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------[/log]
Tomek01 komentarz 4 lutego 2011 komentarz 4 lutego 2011 W OTL, w oknie Custom scan/fixes wklej: [code]:OTL PRC - [2011-02-04 11:36:40 | 000,142,336 | ---- | M] (ComponentOne LLC) -- C:\WINDOWS\Gnegya.exe O4 - HKU\S-1-5-21-789336058-1364589140-682003330-1003..\Run: [CE8SIIFGSU] File not found O32 - AutoRun File - [2010-03-24 00:54:52 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ] @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1C422577 :Files C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job C:\WINDOWS\tasks\Othbv.job C:\WINDOWS\System32\command0.dll C:\DOCUME~1\Quest\USTAWI~1\Temp\Gve.exe C:\DOCUME~1\Quest\USTAWI~1\Temp\Gvd.exe :Commands [emptytemp] [/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.