kali4 utworzono 4 lutego 2011 utworzono 4 lutego 2011 Witam wyskakuje mi błąd explorer.exe Przeskanowałem OTL i oto logi: Extras: [log] OTL Extras logfile created on: 2011-02-05 20:18:20 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\programosy\otl Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 76,44 Gb Free Space | 78,28% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 35,53 Gb Free Space | 15,26% Space Free | Partition Type: NTFS Drive E: | 102,77 Gb Total Space | 57,00 Gb Free Space | 55,46% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 97,46 Gb Free Space | 99,80% Space Free | Partition Type: NTFS Computer Name: DOM-44020C071AE | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1409082233-796845957-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\programosy\Mozilla\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\programosy\gg\Gadu-Gadu 10\gg.exe" = C:\programosy\gg\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "E:\gta4\Rockstar Games Social Club\RGSCLauncher.exe" = E:\gta4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club "C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\programosy\utorrent\utorrent.exe" = C:\programosy\utorrent\utorrent.exe:*:Enabled:µTorrent "C:\Documents and Settings\Karol\Pulpit\utorrent.exe" = C:\Documents and Settings\Karol\Pulpit\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "E:\medal zainst\MP\mohmpgame.exe" = E:\medal zainst\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer "E:\medal zainst\Binaries\moh.exe" = E:\medal zainst\Binaries\moh.exe:*:Enabled:Medal of Honor™ "E:\med zains\MP\mohmpgame.exe" = E:\med zains\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer "C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.) "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft) "E:\assasin\zainst\AssassinsCreedIIGame.exe" = E:\assasin\zainst\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II "E:\assasin\zainst\AssassinsCreedII.exe" = E:\assasin\zainst\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update "E:\assasin\zainst\UPlayBrowser.exe" = E:\assasin\zainst\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90280415-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional z programem FrontPage "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game "{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIMP2" = AIMP2 "avast5" = avast! Free Antivirus "Codec_is1" = Codec 8.3p "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "FormatFactory" = FormatFactory 2.60 "Gadu-Gadu 10" = Gadu-Gadu 10 "GOM Player" = GOM Player "Handbrake" = Handbrake 0.9.4 "InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies "ipla" = ipla 2.2.1 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full) "Mafia II_is1" = Mafia II "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "mv61xxDriver" = marvell 61xx "MyFreeCodec" = MyFreeCodec "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Ocena Opisowa N" = Librus Ocena Opisowa "OpenAL" = OpenAL "uTorrent" = µTorrent "WIC" = Windows Imaging Component "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "XP Codec Pack" = XP Codec Pack "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1409082233-796845957-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-10 14:39:42 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-11 00:50:36 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-11 10:18:26 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-12 05:36:32 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-12 10:57:20 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-13 01:39:20 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-13 08:01:59 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-13 12:31:17 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-14 00:05:19 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-01-14 00:05:24 | Computer Name = DOM-44020C071AE | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2011-02-05 00:21:10 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 00:21:10 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 03:57:57 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 03:57:57 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 07:31:49 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 07:31:49 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 08:23:22 | Computer Name = DOM-44020C071AE | Source = W32Time | ID = 39452706 Description = Usługa czas wykryła, że trzeba zmienić czas systemowy o -73597 s. Usługa czasu nie zmieni czasu systemowego o więcej niż -54000 s. Sprawdź, czy czas i strefa czasowa są poprawne i czy źródło czasu time.windows.com (ntp.m|0x1|192.168.16.100:123->207.46.232.182:123) działa poprawnie. Error - 2011-02-05 11:39:35 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 11:39:35 | Computer Name = DOM-44020C071AE | Source = Ntfs | ID = 262199 Description = Struktura systemu plików na dysku jest uszkodzona i nie do użytku. Uruchom narzędzie chkdsk na woluminie E:. Error - 2011-02-05 11:39:55 | Computer Name = DOM-44020C071AE | Source = W32Time | ID = 39452706 Description = Usługa czas wykryła, że trzeba zmienić czas systemowy o -73612 s. Usługa czasu nie zmieni czasu systemowego o więcej niż -54000 s. Sprawdź, czy czas i strefa czasowa są poprawne i czy źródło czasu time.windows.com (ntp.m|0x1|192.168.16.100:123->207.46.232.182:123) działa poprawnie. < End of report > [/log] OTL: [log] OTL logfile created on: 2011-02-05 20:18:20 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\programosy\otl Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 76,44 Gb Free Space | 78,28% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 35,53 Gb Free Space | 15,26% Space Free | Partition Type: NTFS Drive E: | 102,77 Gb Total Space | 57,00 Gb Free Space | 55,46% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 97,46 Gb Free Space | 99,80% Space Free | Partition Type: NTFS Computer Name: DOM-44020C071AE | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-05 20:16:22 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\programosy\otl\OTL.exe PRC - [2011-01-23 10:12:07 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011-01-23 10:12:06 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-12-28 16:47:13 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2010-12-13 20:56:23 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\programosy\Mozilla\firefox.exe PRC - [2010-11-05 19:49:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-10-25 13:37:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe PRC - [2010-10-25 13:33:52 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2010-10-16 12:05:52 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-10-07 12:35:02 | 000,537,184 | ---- | M] () -- C:\programosy\gg\Gadu-Gadu 10\open-fm.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-03-09 15:54:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\programosy\avast\AvastUI.exe PRC - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\programosy\avast\AvastSvc.exe PRC - [2008-06-03 01:06:34 | 005,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe PRC - [2008-05-16 11:09:00 | 016,862,720 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2001-10-26 22:00:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-05 20:16:22 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\programosy\otl\OTL.exe MOD - [2010-10-16 12:05:54 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2010-08-26 00:14:42 | 000,301,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\nView\NVWRSPL.dll MOD - [2010-08-26 00:12:24 | 002,459,240 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-01-23 10:12:06 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-10-25 13:37:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc) SRV - [2010-10-25 13:33:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Antivirus) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-03 13:35:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-12-03 13:35:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010-11-08 13:17:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-10-25 13:37:48 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010-10-25 13:33:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-10-22 10:53:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-08-27 09:02:18 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-08-27 09:02:18 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2010-08-27 09:02:18 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2010-08-27 09:02:18 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2010-03-09 15:42:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-03-09 15:42:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-03-09 15:39:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-03-09 15:38:41 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-03-09 15:38:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-03-09 15:38:15 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-06-25 21:17:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008-06-24 02:51:48 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx) DRV - [2008-05-20 14:23:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-12-17 13:44:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2004-08-13 15:26:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1409082233-796845957-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\programosy\Mozilla\components [2010-12-17 23:20:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\programosy\Mozilla\plugins [2010-12-13 20:56:30 | 000,000,000 | ---D | M] [2010-11-05 09:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Extensions [2011-02-05 12:34:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions [2010-11-05 15:57:24 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9} [2010-11-05 10:04:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-11-08 13:17:46 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\DTToolbar@toolbarnet.com [2010-11-05 15:49:51 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\fastdial@telega.phpnet.us [2010-11-08 13:17:42 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\searchplugins\daemon-search.xml [2010-11-05 19:49:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-12-22 22:54:44 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAMOSY\MOZILLA\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2010-11-05 19:49:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMOSY\MOZILLA\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} O1 HOSTS File: ([2011-01-17 14:26:35 | 000,001,054 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1409082233-796845957-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\programosy\adobe rader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast5] C:\programosy\avast\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe () O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe () O4 - HKU\S-1-5-21-1409082233-796845957-725345543-1003..\Run: [KiesTrayAgent] File not found O4 - HKU\S-1-5-21-1409082233-796845957-725345543-1003..\Run: [RGSC] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O4 - Startup: C:\Documents and Settings\Karol\Menu Start\Programy\Autostart\FreeRapid 0.83u1.lnk = File not found O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1409082233-796845957-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 192.168.16.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-03 21:36:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-04 14:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Pulpit\fizyka [2011-01-31 17:35:08 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-01-23 10:12:27 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011-01-23 10:12:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-01-23 10:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Sunbelt Software [2011-01-23 10:09:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavasoft [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2011-01-23 10:04:31 | 130,359,064 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Karol\Pulpit\Ad-Aware9Install-[www.programosy.pl].exe [2011-01-17 14:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2011-01-16 16:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Menu Start\Programy\FormatFactory [2011-01-16 16:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\TGTSoft [2011-01-15 20:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2011-01-15 20:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\2K Games [2011-01-13 11:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Identities [2011-01-07 20:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2011-01-07 20:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2011-01-06 18:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\Grażyna [2011-01-06 18:11:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Librus Świadectwa [2011-01-06 18:09:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ocena Opisowa [2011-01-06 18:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\Librus [2010-12-28 13:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\NFS Undercover [2010-12-28 13:44:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\Leadertech [2010-12-28 13:44:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2010-12-28 13:44:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA Games [2010-12-28 13:32:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\SecuROM [2010-12-27 00:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\music [2010-12-22 23:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\skypePM [2010-12-22 22:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-12-22 22:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2010-12-22 22:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-12-22 22:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\Skype [2010-12-22 22:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-12-20 13:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia Microsoft Office [2010-12-20 13:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer [2010-12-20 13:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew [2010-12-20 13:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-12-16 18:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\NVIDIA [2010-12-15 20:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2010-12-15 20:42:34 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-12-15 20:42:33 | 002,932,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2010-12-15 20:42:33 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2010-12-15 20:42:33 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2010-12-15 20:42:33 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll [2010-12-15 20:42:32 | 013,012,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2010-12-15 20:41:57 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010-12-13 15:14:55 | 118,093,960 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Karol\Moje dokumenty\260.99_desktop_winxp_32bit_international_whql.exe [2010-12-11 14:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\HandBrake [2010-12-11 14:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\HandBrake [2010-12-11 14:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Menu Start\Programy\Handbrake [2010-12-08 16:41:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\Moje wideo [2010-12-08 16:41:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\SelfMV [2010-12-08 16:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MyFree Codec [2010-12-08 16:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec [2010-12-07 21:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Moje dokumenty\Samsung [2010-12-07 21:49:51 | 000,217,088 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe [2010-12-07 21:49:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Samsung [2010-12-07 21:49:07 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys [2010-12-07 21:49:07 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bserd.sys [2010-12-07 21:49:07 | 000,098,432 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys [2010-12-07 21:49:07 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys [2010-12-07 21:49:07 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys [2010-12-07 21:49:07 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys [2010-12-07 21:49:07 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys [2010-12-07 21:49:07 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys [2010-12-07 21:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010-12-07 21:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Dane aplikacji\Samsung [2010-12-07 21:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2010-12-07 21:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny [2010-12-07 21:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2010-12-07 21:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Samsung [2004-11-24 23:55:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-05 20:09:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-05 16:15:04 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-02-05 15:58:37 | 000,074,240 | ---- | M] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-04 18:26:24 | 000,037,031 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\fiza1.rtf [2011-01-31 18:04:09 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-01-30 00:36:16 | 021,255,282 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Film0015.mp4 [2011-01-23 10:13:46 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-01-23 10:12:21 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-01-23 10:12:21 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2011-01-23 10:09:32 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-01-23 10:06:52 | 130,359,064 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Karol\Pulpit\Ad-Aware9Install-[www.programosy.pl].exe [2011-01-18 23:14:56 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Karol\Pulpit\~$wy Dokument programu Microsoft Word.doc [2011-01-17 14:37:21 | 032,325,725 | ---- | M] () -- C:\Documents and Settings\Karol\Moje dokumenty\As54ysassin_s_Cre54y54ed_II_-_Skid34Row(1).rar [2011-01-17 14:26:35 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Karol\Moje dokumenty\hosts [2011-01-16 16:27:59 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Format Factory.lnk [2011-01-15 20:30:40 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mafia II.lnk [2011-01-14 22:03:02 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do frd.lnk [2011-01-06 18:09:44 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ocena Opisowa.lnk [2011-01-02 21:08:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-30 12:46:23 | 000,000,433 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do nfs.lnk [2010-12-29 12:41:08 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do AIMP2.lnk [2010-12-28 13:44:54 | 000,003,388 | ---- | M] () -- C:\WINDOWS\System32\ealregsnapshot1.reg [2010-12-22 23:18:07 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-12-22 23:15:58 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-12-20 16:32:57 | 000,117,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-20 13:07:24 | 000,000,427 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010-12-20 13:07:01 | 000,001,750 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk [2010-12-19 12:42:22 | 000,490,628 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-12-19 12:42:22 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-12-19 12:42:22 | 000,083,880 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-12-19 12:42:22 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-12-17 09:47:27 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\Karol\Menu Start\Programy\Autostart\FreeRapid 0.83u1.lnk [2010-12-15 20:42:53 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-12-15 20:42:53 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-12-15 20:42:51 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-12-15 20:42:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2010-12-15 19:20:00 | 000,182,441 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-12-13 15:44:39 | 118,093,960 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Karol\Moje dokumenty\260.99_desktop_winxp_32bit_international_whql.exe [2010-12-08 16:35:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-12-07 21:49:29 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung Kies.lnk [2010-12-07 21:47:48 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-04 18:26:24 | 000,037,031 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\fiza1.rtf [2011-02-01 00:01:18 | 021,255,282 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Film0015.mp4 [2011-01-23 10:18:53 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011-01-23 10:12:44 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-01-23 10:09:32 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-01-18 23:14:56 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Karol\Pulpit\~$wy Dokument programu Microsoft Word.doc [2011-01-17 14:26:21 | 000,001,054 | ---- | C] () -- C:\Documents and Settings\Karol\Moje dokumenty\hosts [2011-01-17 14:25:40 | 032,325,725 | ---- | C] () -- C:\Documents and Settings\Karol\Moje dokumenty\As54ysassin_s_Cre54y54ed_II_-_Skid34Row(1).rar [2011-01-16 16:27:59 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Format Factory.lnk [2011-01-16 16:24:03 | 000,000,211 | -HS- | C] () -- C:\BOOT.BKK [2011-01-15 20:30:40 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mafia II.lnk [2011-01-14 22:03:02 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do frd.lnk [2011-01-06 18:13:13 | 000,103,659 | ---- | C] () -- C:\Documents and Settings\Karol\Moje dokumenty\Kształcenie zintegrowane 1-3.smt [2011-01-06 18:09:44 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ocena Opisowa.lnk [2010-12-30 12:46:24 | 000,000,433 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do nfs.lnk [2010-12-29 12:41:08 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do AIMP2.lnk [2010-12-28 13:48:23 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-28 13:48:22 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-12-28 13:48:15 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-12-28 13:44:54 | 000,003,388 | ---- | C] () -- C:\WINDOWS\System32\ealregsnapshot1.reg [2010-12-22 23:15:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-12-22 22:54:31 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-12-20 13:07:23 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-12-20 13:07:01 | 000,002,531 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk [2010-12-20 13:07:01 | 000,002,092 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Excel.lnk [2010-12-20 13:07:01 | 000,002,086 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Outlook.lnk [2010-12-20 13:07:01 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft FrontPage.lnk [2010-12-20 13:07:01 | 000,002,032 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft PowerPoint.lnk [2010-12-20 13:07:01 | 000,002,010 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Access.lnk [2010-12-20 13:07:01 | 000,001,750 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk [2010-12-17 09:47:20 | 000,001,809 | ---- | C] () -- C:\Documents and Settings\Karol\Menu Start\Programy\FreeRapid 0.83u1.lnk [2010-12-17 09:46:22 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\Karol\Menu Start\Programy\Autostart\FreeRapid 0.83u1.lnk [2010-12-15 20:42:53 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-12-15 20:42:51 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-12-15 20:42:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-12-15 20:42:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2010-12-15 20:42:33 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-12-15 20:42:32 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2010-12-07 21:49:51 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-12-07 21:49:51 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-12-07 21:49:29 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung Kies.lnk [2010-12-07 21:47:09 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp [2010-11-20 15:09:57 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-11-08 22:47:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini [2010-11-08 13:17:41 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-06 16:26:31 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-11-05 18:54:28 | 004,265,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-05 16:43:10 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-05 16:42:38 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-11-05 16:42:38 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-11-05 16:42:33 | 000,887,296 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-11-05 16:42:33 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-11-04 23:36:55 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2010-11-04 23:36:55 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2010-11-04 23:36:53 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2010-11-04 23:36:53 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2010-11-04 23:20:59 | 000,037,628 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-11-04 23:20:38 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-11-04 23:20:32 | 000,037,237 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-11-04 23:20:32 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-11-04 02:44:13 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll [2010-11-04 02:44:06 | 000,258,048 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll [2010-11-04 02:44:06 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll [2010-11-04 02:44:05 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll [2010-11-03 22:18:10 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-10-25 13:39:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2010-10-25 13:39:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2010-10-25 13:39:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2010-10-25 13:39:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-12-19 19:45:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 22:11:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 21:52:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 21:52:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 21:47:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 21:29:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-05-03 07:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-10-03 22:20:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [color=#E56717]========== LOP Check ==========[/color] [2010-11-05 10:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-11-08 22:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2010-11-08 13:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-12-01 16:42:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-11-05 10:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-18 10:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-02-05 15:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-12-07 21:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2010-11-17 19:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-01-23 10:09:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2010-11-18 13:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\DAEMON Tools Lite [2010-11-05 10:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\Gadu-Gadu 10 [2010-12-11 14:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\HandBrake [2011-01-14 22:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\ipla [2010-12-28 13:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\Leadertech [2010-11-05 15:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\OpenFM [2010-11-18 10:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\RDRM [2010-12-07 21:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\Samsung [2010-12-22 18:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\Ubisoft [2011-01-31 18:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\uTorrent [2010-11-05 19:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karol\Dane aplikacji\VitySoft [2011-01-23 10:13:46 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-05 20:09:12 | 000,010,524 | ---- | M] () -- C:\aaw7boot.log [2010-12-07 21:47:48 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [2010-11-03 21:36:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-11-03 21:31:04 | 000,000,211 | -HS- | M] () -- C:\BOOT.BKK [2010-11-03 21:31:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-22 02:43:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-03 21:36:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-11-03 21:36:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-03 21:36:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-04 02:08:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-11-13 13:56:19 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-02-05 20:09:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010-11-04 23:32:37 | 000,000,581 | ---- | M] () -- C:\RHDSetup.log [2010-11-04 23:40:10 | 000,000,046 | -H-- | M] () -- C:\splash.idx [2008-07-09 12:07:10 | 000,005,552 | -H-- | M] () -- C:\version [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-24 14:35:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-01-24 14:35:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-04 02:29:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-18 02:17:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-18 02:17:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-24 14:35:50 | 016,733,141 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-04 02:29:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 04:13:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-04 02:44:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 04:14:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log]
Tomek01 komentarz 4 lutego 2011 komentarz 4 lutego 2011 Odinstaluj Deamon Tools Toolbar. W OTL, w oknie Custom scan/fixes wklej: [code]:OTL FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 [2010-11-08 13:17:46 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\DTToolbar@toolbarnet.com O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1409082233-796845957-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe () O4 - HKU\S-1-5-21-1409082233-796845957-725345543-1003..\Run: [RGSC] File not found :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT
kali4 komentarz 4 lutego 2011 Autor komentarz 4 lutego 2011 (edytowane) Dzienki a o to logi po całej tej operacji [log] All processes killed ========== OTL ========== Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems Folder C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\DTToolbar@toolbarnet.com\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-1409082233-796845957-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinSys2 not found. File C:\WINDOWS\system32\WinSys2.exe not found. Registry value HKEY_USERS\S-1-5-21-1409082233-796845957-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Karol ->Temp folder emptied: 621094 bytes ->Temporary Internet Files folder emptied: 829573 bytes ->Java cache emptied: 51976 bytes ->FireFox cache emptied: 52896535 bytes ->Flash cache emptied: 14231 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2134153 bytes %systemroot%\System32 .tmp files removed: 1621716 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 344064 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 56,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02052011_212323 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Karol\Ustawienia lokalne\Temp\Perflib_Perfdata_6cc.dat not found! File\Folder C:\Documents and Settings\Karol\Ustawienia lokalne\Temp\Perflib_Perfdata_d8.dat not found! C:\Documents and Settings\Karol\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZJU5KSOB\channel[1].htm moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\XUL.mfl moved successfully. File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. File\Folder C:\WINDOWS\temp\Perflib_Perfdata_ae4.dat not found! Registry entries deleted on Reboot... [/log] a to log po zeskanowaniu [log] OTL logfile created on: 2011-02-05 21:32:53 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\programosy\otl Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 76,86 Gb Free Space | 78,71% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 35,53 Gb Free Space | 15,26% Space Free | Partition Type: NTFS Drive E: | 102,77 Gb Total Space | 57,00 Gb Free Space | 55,46% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 97,46 Gb Free Space | 99,80% Space Free | Partition Type: NTFS Computer Name: DOM-44020C071AE | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-02-05 20:16:22 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\programosy\otl\OTL.exe PRC - [2011-01-23 10:12:07 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011-01-23 10:12:06 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010-12-13 20:56:23 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\programosy\Mozilla\firefox.exe PRC - [2010-10-25 13:37:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe PRC - [2010-10-25 13:33:52 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2010-09-23 04:47:04 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\programosy\adobe rader\Reader\reader_sl.exe PRC - [2010-03-09 15:54:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\programosy\avast\AvastUI.exe PRC - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\programosy\avast\AvastSvc.exe PRC - [2008-06-03 01:06:34 | 005,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-02-05 20:16:22 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\programosy\otl\OTL.exe MOD - [2010-10-16 12:05:54 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll MOD - [2010-08-26 00:14:42 | 000,301,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\nView\NVWRSPL.dll MOD - [2010-08-26 00:12:24 | 002,459,240 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-01-23 10:12:06 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010-10-25 13:37:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc) SRV - [2010-10-25 13:33:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-03-09 15:54:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\programosy\avast\AvastSvc.exe -- (avast! Antivirus) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-03 13:35:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010-12-03 13:35:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010-11-08 13:17:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-10-25 13:37:48 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010-10-25 13:33:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-10-22 10:53:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-08-27 09:02:18 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2010-08-27 09:02:18 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2010-08-27 09:02:18 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2010-08-27 09:02:18 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2010-03-09 15:42:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-03-09 15:42:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-03-09 15:39:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-03-09 15:38:41 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-03-09 15:38:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-03-09 15:38:15 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-06-25 21:17:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008-06-24 02:51:48 | 000,150,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx) DRV - [2008-05-20 14:23:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-12-17 13:44:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2004-08-13 15:26:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\programosy\Mozilla\components [2010-12-17 23:20:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\programosy\Mozilla\plugins [2010-12-13 20:56:30 | 000,000,000 | ---D | M] [2010-11-05 09:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Extensions [2011-02-05 21:22:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions [2010-11-05 15:57:24 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9} [2010-11-05 10:04:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-11-05 15:49:51 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\extensions\fastdial@telega.phpnet.us [2010-11-08 13:17:42 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\a4jjpo6c.default\searchplugins\daemon-search.xml [2010-11-05 19:49:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-12-22 22:54:44 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAMOSY\MOZILLA\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2010-11-05 19:49:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMOSY\MOZILLA\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} O1 HOSTS File: ([2011-01-17 14:26:35 | 000,001,054 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\programosy\adobe rader\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast5] C:\programosy\avast\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe () O4 - HKCU..\Run: [KiesTrayAgent] File not found O4 - Startup: C:\Documents and Settings\Karol\Menu Start\Programy\Autostart\FreeRapid 0.83u1.lnk = File not found O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 192.168.16.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-03 21:36:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-02-05 21:14:36 | 000,000,000 | ---D | C] -- C:\_OTL [2011-02-04 14:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Pulpit\fizyka [2011-01-31 17:35:08 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-01-23 10:12:27 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011-01-23 10:12:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-01-23 10:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Sunbelt Software [2011-01-23 10:09:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavasoft [2011-01-23 10:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2011-01-23 10:04:31 | 130,359,064 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Karol\Pulpit\Ad-Aware9Install-[www.programosy.pl].exe [2011-01-17 14:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2011-01-16 16:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Menu Start\Programy\FormatFactory [2011-01-16 16:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\TGTSoft [2011-01-15 20:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2011-01-15 20:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\2K Games [2011-01-13 11:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Identities [2011-01-07 20:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2011-01-07 20:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2004-11-24 23:55:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-02-05 21:27:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-05 20:49:05 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-02-05 15:58:37 | 000,074,240 | ---- | M] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-04 18:26:24 | 000,037,031 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\fiza1.rtf [2011-01-31 18:04:09 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-01-30 00:36:16 | 021,255,282 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Film0015.mp4 [2011-01-23 10:13:46 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-01-23 10:12:21 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-01-23 10:12:21 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2011-01-23 10:09:32 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-01-23 10:06:52 | 130,359,064 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Karol\Pulpit\Ad-Aware9Install-[www.programosy.pl].exe [2011-01-17 14:37:21 | 032,325,725 | ---- | M] () -- C:\Documents and Settings\Karol\Moje dokumenty\As54ysassin_s_Cre54y54ed_II_-_Skid34Row(1).rar [2011-01-17 14:26:35 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Karol\Moje dokumenty\hosts [2011-01-16 16:27:59 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Format Factory.lnk [2011-01-15 20:30:40 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mafia II.lnk [2011-01-14 22:03:02 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do frd.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-04 18:26:24 | 000,037,031 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\fiza1.rtf [2011-02-01 00:01:18 | 021,255,282 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Film0015.mp4 [2011-01-23 10:18:53 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011-01-23 10:12:44 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-01-23 10:09:32 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2011-01-17 14:26:21 | 000,001,054 | ---- | C] () -- C:\Documents and Settings\Karol\Moje dokumenty\hosts [2011-01-17 14:25:40 | 032,325,725 | ---- | C] () -- C:\Documents and Settings\Karol\Moje dokumenty\As54ysassin_s_Cre54y54ed_II_-_Skid34Row(1).rar [2011-01-16 16:27:59 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Format Factory.lnk [2011-01-16 16:24:03 | 000,000,211 | -HS- | C] () -- C:\BOOT.BKK [2011-01-15 20:30:40 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mafia II.lnk [2011-01-14 22:03:02 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Karol\Pulpit\Skrót do frd.lnk [2010-12-28 13:48:22 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-12-20 13:07:23 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-12-07 21:49:51 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-12-07 21:49:51 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-11-20 15:09:57 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-11-08 22:47:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini [2010-11-08 13:17:41 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-06 16:26:31 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-11-05 18:54:28 | 004,265,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-05 16:43:10 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-05 16:42:38 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-11-05 16:42:38 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-11-05 16:42:33 | 000,887,296 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-11-05 16:42:33 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-11-04 23:36:55 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2010-11-04 23:36:55 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2010-11-04 23:36:53 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2010-11-04 23:36:53 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2010-11-04 23:20:59 | 000,037,628 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-11-04 23:20:38 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-11-04 23:20:32 | 000,037,237 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-11-04 23:20:32 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-11-04 02:44:13 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll [2010-11-04 02:44:06 | 000,258,048 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll [2010-11-04 02:44:06 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll [2010-11-04 02:44:05 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll [2010-11-03 22:18:10 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-10-25 13:39:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2010-10-25 13:39:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2010-10-25 13:39:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2010-10-25 13:39:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-12-19 19:45:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 22:11:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 21:52:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 21:52:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 21:47:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 21:29:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-05-03 07:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-10-03 22:20:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll < End of report > [/log]
kali4 komentarz 5 lutego 2011 Autor komentarz 5 lutego 2011 oto log z RSIT: [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Karol at 2011-02-06 15:05:01 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 79 GB (79%) free of 100 GB Total RAM: 2047 MB (59% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:05:03, on 2011-02-06 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20696) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\programosy\avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\PROGRA~2\avast\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\dgdersvc.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\programosy\Mozilla\firefox.exe C:\programosy\gg\Gadu-Gadu 10\open-fm.exe C:\programosy\otl\RSIT.exe C:\Program Files\trend micro\Karol.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r O4 - HKLM\..\Run: [avast5] C:\PROGRA~2\avast\avastUI.exe /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\programosy\adobe rader\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: FreeRapid 0.83u1.lnk = C:\Documents and Settings\Karol\Moje dokumenty\Pobieranie\FreeRapid-0.83u1\frd.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - ALWIL Software - C:\programosy\avast\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\programosy\avast\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\programosy\avast\AvastSvc.exe O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\WINDOWS\system32\dgdersvc.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 7345 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-05 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-05 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800] "avast5"=C:\PROGRA~2\avast\avastUI.exe [2010-03-09 2769336] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=C:\programosy\adobe rader\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752] "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-26 1753192] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "KiesTrayAgent"= [] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE C:\Documents and Settings\Karol\Menu Start\Programy\Autostart FreeRapid 0.83u1.lnk - C:\Documents and Settings\Karol\Moje dokumenty\Pobieranie\FreeRapid-0.83u1\frd.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-01-24 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\programosy\gg\Gadu-Gadu 10\gg.exe"="C:\programosy\gg\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "E:\gta4\Rockstar Games Social Club\RGSCLauncher.exe"="E:\gta4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club" "C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary" "C:\programosy\utorrent\utorrent.exe"="C:\programosy\utorrent\utorrent.exe:*:Enabled:µTorrent" "C:\Documents and Settings\Karol\Pulpit\utorrent.exe"="C:\Documents and Settings\Karol\Pulpit\utorrent.exe:*:Enabled:µTorrent" "E:\medal zainst\MP\mohmpgame.exe"="E:\medal zainst\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer" "E:\medal zainst\Binaries\moh.exe"="E:\medal zainst\Binaries\moh.exe:*:Enabled:Medal of Honor™" "E:\med zains\MP\mohmpgame.exe"="E:\med zains\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer" "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher" "E:\assasin\zainst\AssassinsCreedIIGame.exe"="E:\assasin\zainst\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II" "E:\assasin\zainst\AssassinsCreedII.exe"="E:\assasin\zainst\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update" "E:\assasin\zainst\UPlayBrowser.exe"="E:\assasin\zainst\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2011-02-06 15:04:20 ----D---- C:\Program Files\trend micro 2011-02-06 15:04:19 ----D---- C:\rsit 2011-02-05 21:14:36 ----D---- C:\_OTL 2011-01-31 17:35:08 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2011-01-23 10:18:53 ----A---- C:\WINDOWS\system32\lsdelete.exe 2011-01-23 10:12:27 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys 2011-01-23 10:12:23 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys 2011-01-23 10:09:32 ----HDC---- C:\Documents and Settings\All Users\Dane aplikacji\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} 2011-01-23 10:09:24 ----D---- C:\Program Files\Lavasoft 2011-01-23 10:09:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft 2011-01-16 16:20:54 ----D---- C:\Program Files\TGTSoft 2011-01-15 20:32:01 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2011-01-07 20:52:28 ----D---- C:\Program Files\Microsoft Silverlight ======List of files/folders modified in the last 1 months====== 2011-02-06 15:04:28 ----D---- C:\WINDOWS\Prefetch 2011-02-06 15:04:20 ----RD---- C:\Program Files 2011-02-06 14:59:23 ----D---- C:\WINDOWS\Temp 2011-02-06 14:58:19 ----D---- C:\Documents and Settings\Karol\Dane aplikacji\Skype 2011-02-06 14:58:06 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-06 14:57:27 ----D---- C:\Documents and Settings\Karol\Dane aplikacji\skypePM 2011-02-06 00:14:16 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-02-05 21:41:08 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2011-02-05 21:23:26 ----D---- C:\WINDOWS\system32 2011-02-05 21:23:26 ----D---- C:\WINDOWS 2011-02-05 21:14:49 ----D---- C:\Program Files\DAEMON Tools Toolbar 2011-02-05 20:48:58 ----A---- C:\WINDOWS\system32\PnkBstrB.exe 2011-02-05 20:16:19 ----D---- C:\programosy 2011-01-31 18:13:51 ----HD---- C:\Program Files\InstallShield Installation Information 2011-01-31 18:13:43 ----D---- C:\Documents and Settings\Karol\Dane aplikacji\uTorrent 2011-01-31 17:34:52 ----SHD---- C:\WINDOWS\Installer 2011-01-31 17:34:44 ----D---- C:\WINDOWS\system32\DirectX 2011-01-31 17:34:43 ----HD---- C:\WINDOWS\inf 2011-01-31 17:34:23 ----RSD---- C:\WINDOWS\assembly 2011-01-28 22:34:34 ----HD---- C:\ASUS.000 2011-01-23 10:12:43 ----A---- C:\WINDOWS\system32\userinit.exe 2011-01-23 10:12:29 ----D---- C:\WINDOWS\system32\drivers 2011-01-23 10:12:27 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-01-23 10:09:20 ----D---- C:\WINDOWS\WinSxS 2011-01-16 16:21:09 ----D---- C:\WINDOWS\Resources 2011-01-15 20:32:01 ----D---- C:\Program Files\Common Files 2011-01-14 22:48:00 ----D---- C:\Documents and Settings\Karol\Dane aplikacji\ipla 2011-01-13 11:29:50 ----SD---- C:\Documents and Settings\Karol\Dane aplikacji\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-12-03 64288] R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2008-06-24 150568] R0 ohci1394;Kontroler hosta IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-08 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-24 77568] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880] R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672] R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024] R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376] R3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2010-10-25 18120] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000] R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-25 36864] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-08-27 98432] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-08-27 14848] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-08-27 123648] S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2010-08-27 100224] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-01-24 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-24 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\programosy\avast\AvastSvc.exe [2010-03-09 40384] R2 dgdersvc;Device Error Recovery Service; C:\WINDOWS\system32\dgdersvc.exe [2010-10-25 95568] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-10-25 217088] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-05 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-23 1402272] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-12-28 66872] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\programosy\avast\AvastSvc.exe [2010-03-09 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\programosy\avast\AvastSvc.exe [2010-03-09 40384] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log]
Tomek01 komentarz 6 lutego 2011 komentarz 6 lutego 2011 Usuń ręcznie C:\Program Files\DAEMON Tools Toolbar W OTL wciśnij CleanUp. To wszystko, nic tu więcej nie widzę
kali4 komentarz 7 lutego 2011 Autor komentarz 7 lutego 2011 Dalej to samo jak otwieram plik z filmami to wyskakuje ten błąd explorer.exe
Tomek01 komentarz 7 lutego 2011 komentarz 7 lutego 2011 Spróbuj naprawy exporera http://www.forumpc.pl/index.php?showtopic=151776
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.