BenQ702, posted 7 February 2011

Hello, I have a request for the specialists at forumpc.pl: my computer is not showing hidden files. The problem appeared suddenly, but I think it started after I plugged in a friend's USB flash drive.

1. [log]OTL Extras logfile created on: 2011-02-07 19:31:06 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,41 Gb Total Space | 6,63 Gb Free Space | 27,18% Space Free | Partition Type: NTFS Drive D: | 124,63 Gb Total Space | 8,27 Gb Free Space | 6,63% Space Free | Partition Type: NTFS Computer Name: ADASIUUU | User Name: BenQ | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Programy\firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security 
Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Gry\Call of Duty - Black Ops\BlackOps.exe" = D:\Gry\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps "D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) 
"D:\Programy\Garena\Garena.exe" = D:\Programy\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD) "D:\Programy\DC++\DCPlusPlus.exe" = D:\Programy\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- () "D:\steam\Steam.exe" = D:\steam\Steam.exe:*:Enabled:Steam "D:\Gry\Counter-Strike\hl.exe" = D:\Gry\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\Programy\vento305\Ventrilo.exe" = D:\Programy\vento305\Ventrilo.exe:*:Enabled:Ventrilo.exe "D:\lol\League of Legends\air\LolClient.exe" = D:\lol\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby "D:\lol\League of Legends\game\League of Legends.exe" = D:\lol\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client "D:\steam\steamapps\viruslms\counter-strike\hl.exe" = D:\steam\steamapps\viruslms\counter-strike\hl.exe:*:Enabled:Counter-Strike "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager "D:\Tibia\NeoBot.exe" = D:\Tibia\NeoBot.exe:*:Enabled:NeoBot "D:\Muttley_Bot_v0.14\MuttleyBot.exe" = D:\Muttley_Bot_v0.14\MuttleyBot.exe:*:Enabled:Muttley Bot "D:\Programy\SonyVegasPro8+Crack\VegSrv80.exe" = D:\Programy\SonyVegasPro8+Crack\VegSrv80.exe:*:Enabled:Sony Vegas Network Render Service Control -- (Sony Pictures Digital Inc.) 
"D:\Download\SilkRoad Online\srobot.exe" = D:\Download\SilkRoad Online\srobot.exe:*:Enabled:HookSrv "D:\ChampionsOnlineF2P.exe" = D:\ChampionsOnlineF2P.exe:*:Enabled:ChampionsOnlineF2P -- () "D:\Twierdza\Stronghold.exe" = D:\Twierdza\Stronghold.exe:*:Enabled:Stronghold -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{60E2C8C9-6CF3-4B1A-9618-E304946C94E6}" = Python 2.4.4 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania 
NVIDIA 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Champions Online" = Champions Online "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Gadu-Gadu 10" = Gadu-Gadu 10 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0 "L2 Smiles 2.00" = L2 Smiles 2.00 "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16) "NAPI-PROJEKT SKIN_is1" = NAPI-PROJEKT - Elegant Black by eXo SKIN "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Nero - Burning Rom!UninstallKey" = Nero 6 Demo "NVIDIA Drivers" = NVIDIA Drivers "Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0 "QuicktimeAlt_is1" = QuickTime Alternative 1.95 "Silkroad" = Silkroad "SilkRoad Online_is1" = SilkRoad Online 
"Stronghold_is1" = Twierdza "Tibia Auto" = NSIS Example2 "Tibia_is1" = Tibia "TibiaServer v2.70" = TibiaServer v2.70 "Usbfix" = Usbfix By C_XX & El Desaparecido "VDOTool_is1" = VDOTool 5.3 "WIC" = Windows Imaging Component "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-12-12 11:03:30 | Computer Name = ADASIUUU | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 tibialoader.exe, P2 1.1.0.4, P3 49f18d49, P4 tibialoader, P5 1.1.0.4, P6 49f18d49, P7 d5, P8 1c9, P9 system.io.filenotfoundexception, P10 NIL. Error - 2010-12-23 08:37:37 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action patchjre, location: D:\patchjre.exe, command: -s "D:" Error - 2010-12-23 08:38:02 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action patchjre, location: D:\patchjre.exe, command: -s "D:" Error - 2011-01-04 09:50:36 | Computer Name = ADASIUUU | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca setup.exe, wersja 9.0.21022.8, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-04 14:38:43 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11704 Description = Produkt: Microsoft .NET Framework 4 Client Profile -- Błąd 1704. Instalacja Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK jest w tej chwili wstrzymana. 
Przed kontynuacją musisz cofnąć zmiany dokonane przez tę instalację. Chcesz cofnąć zmiany? Error - 2011-01-04 14:51:07 | Computer Name = ADASIUUU | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca MuttleyBot.exe, wersja 0.3.6.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-01-05 14:23:08 | Computer Name = ADASIUUU | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.2180, moduł powodujący błąd ndparser.ax, wersja 3.0.0.4, adres błędu 0x00002fe6. [ System Events ] Error - 2011-02-07 07:43:49 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2011-02-07 07:44:05 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2011-02-07 07:44:05 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. 
Error - 2011-02-07 13:03:56 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%3 Error - 2011-02-07 13:15:59 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%3 Error - 2011-02-07 13:16:01 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183 Error - 2011-02-07 13:31:56 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%3 Error - 2011-02-07 13:31:58 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183 Error - 2011-02-07 14:24:30 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%3 Error - 2011-02-07 14:24:32 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183 < End of report > [/log] 2. 
[log]OTL logfile created on: 2011-02-07 19:31:06 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,41 Gb Total Space | 6,63 Gb Free Space | 27,18% Space Free | Partition Type: NTFS Drive D: | 124,63 Gb Total Space | 8,27 Gb Free Space | 6,63% Space Free | Partition Type: NTFS Computer Name: ADASIUUU | User Name: BenQ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-07 19:28:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2010-12-10 23:20:55 | 000,910,808 | ---- | M] (Mozilla Corporation) -- D:\Programy\firefox\firefox.exe PRC - [2010-10-16 12:05:52 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2007-06-26 14:58:14 | 002,165,272 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe PRC - [2007-01-30 11:54:36 | 016,116,224 | R--- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\RTHDCPL.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC 
- [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-07 19:28:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe MOD - [2010-11-11 12:42:04 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 012,826,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (JavaQuickStarterService) SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010-03-18 13:16:28 | 
000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-11-11 13:10:38 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2010-11-11 13:09:04 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-11-11 12:27:16 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-10-22 07:23:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-06-23 19:04:42 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\L2 Smiles\system\npkcrypt.sys -- (npkcrypt) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2007-01-30 11:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.onet.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\lib\deploy\jqs\ff FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: D:\Programy\firefox\components [2011-01-25 10:57:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: D:\Programy\firefox\plugins [2011-01-23 17:19:31 | 000,000,000 | ---D | M] [2010-11-11 12:31:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Extensions [2011-02-06 14:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Firefox\Profiles\ki8hqw8o.default\extensions [2011-02-06 14:59:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Firefox\Profiles\ki8hqw8o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-05-08 16:06:36 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DAEMON Tools] D:\Programy\DAEMON Tools\daemon.exe (DT Soft Ltd.) O4 - HKLM..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.) 
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003..\Run: [Gadu-Gadu 10] D:\Programy\Gadu-Gadu 10\gg.exe (GG Network S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - 
HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\open\Command - "" = G:\wyskq6lt.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRunCD.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: 
vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: 
{4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-07 18:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\DoctorWeb [2011-02-07 18:46:58 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-02-02 13:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight [2011-02-02 13:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2011-01-25 10:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Microsoft AppLocale [2011-01-25 10:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Astrum Online Entertainment [2011-01-24 23:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT [2011-01-23 17:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Apple Computer [2011-01-23 17:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2011-01-23 17:19:31 | 000,000,000 | ---D | C] -- 
C:\Program Files\QuickTime Alternative [2011-01-23 14:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\edxLabs [2011-01-23 10:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\teamspeak2 [2011-01-22 20:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2011-01-22 20:49:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\Moje wideo [2011-01-22 20:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Sony [2011-01-22 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins [2011-01-22 20:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2011-01-22 20:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2011-01-17 13:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Identities [2011-01-07 23:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2011-01-07 14:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bloodshed Dev-C++ [2011-01-07 14:26:56 | 000,000,000 | ---D | C] -- C:\Dev-Cpp [2011-01-06 14:35:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Tibia Auto [2011-01-06 14:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Python 2.4 [2011-01-05 19:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Dev-Cpp [2011-01-04 19:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\MuttleyTools [2011-01-04 19:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\MuttleyBot [2011-01-04 19:44:02 | 000,090,112 | ---- | C] (MuttleyTools) -- C:\WINDOWS\System32\MInstall.exe [2011-01-04 19:41:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL [2011-01-04 
19:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2011-01-04 14:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\assembly [2011-01-04 13:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Help [2011-01-04 13:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Help [2011-01-02 22:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki [2011-01-02 09:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\NCSoft [2010-12-31 12:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero [2010-12-31 12:47:31 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll [2010-12-31 12:47:31 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll [2010-12-27 17:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Pulpit\magdy [2010-12-26 12:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Tibia [2010-12-26 10:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Joymax [2010-12-25 20:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Electronic Arts [2010-12-25 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData [2010-12-22 19:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Pandion [2010-12-21 21:48:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\My Games [2010-12-21 21:46:16 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) 
-- C:\WINDOWS\System32\CmdLineExt.dll [2010-12-21 21:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2010-12-21 21:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2010-12-19 20:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Publish Providers [2010-12-19 20:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Sony [2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony [2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\My Videos [2010-12-19 20:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2010-12-19 20:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2010-12-19 20:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us [2010-12-19 20:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2010-12-19 20:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony Setup [2010-12-13 21:03:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Notes [2010-12-12 15:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Virtual DJ [2010-12-12 15:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\VirtualDJ [2010-12-09 21:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Ahead [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-07 19:29:09 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI [2011-02-07 19:28:21 | 000,000,208 | ---- | M] () -- C:\Documents and 
Settings\BenQ\Pulpit\FIX.reg [2011-02-07 19:24:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-02-07 19:24:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-07 19:23:38 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\BenQ\NTUSER.DAT [2011-02-07 19:23:28 | 005,315,996 | -H-- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () -- C:\autorun.inf [2011-02-07 18:33:08 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\naprawa.reg [2011-02-07 18:31:48 | 000,124,928 | RHS- | M] () -- C:\WINDOWS\System32\arking0.dll [2011-02-07 14:14:16 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-07 14:11:32 | 000,192,000 | RHS- | M] () -- C:\WINDOWS\System32\arking.exe [2011-02-07 13:56:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-02-06 21:40:52 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\BenQ\ntuser.ini [2011-02-01 11:02:28 | 000,000,313 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\pot_config.ini [2011-01-30 15:35:37 | 000,500,730 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\f33b1cb4202f.gif [2011-01-28 15:36:58 | 000,030,779 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\a5e2a880b607.jpg [2011-01-27 17:13:14 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Champions Online.lnk [2011-01-26 20:59:59 | 000,002,616 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\gitara2.gif [2011-01-26 20:59:13 | 000,009,396 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\gitara.gif [2011-01-26 11:21:37 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\retro.lnk [2011-01-26 11:21:00 | 000,013,480 | ---- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-01-26 11:20:35 | 000,099,048 | 
---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-26 11:19:39 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2011-01-25 10:15:04 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\rusro.lnk [2011-01-24 23:09:48 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\NapiProjekt.lnk [2011-01-22 21:39:37 | 018,083,480 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Akro & Shinai Freestyle.wmv [2011-01-22 20:26:59 | 000,001,645 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Pro 8.0.lnk [2011-01-22 11:41:55 | 000,598,313 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\925ec481a353.jpg [2011-01-13 17:18:12 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Nowy Dokument sformatowany.rtf [2011-01-09 00:25:33 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Cheat Engine.lnk [2011-01-04 19:44:02 | 000,090,112 | ---- | M] (MuttleyTools) -- C:\WINDOWS\System32\MInstall.exe [2011-01-04 19:42:00 | 001,207,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-01-04 19:42:00 | 000,555,724 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-04 19:42:00 | 000,493,440 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-04 19:42:00 | 000,104,658 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-04 19:42:00 | 000,083,858 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-04 14:53:05 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2011-01-02 22:10:35 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Twierdza.lnk [2010-12-31 12:47:54 | 000,001,132 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [2010-12-21 21:48:32 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) 
-- C:\WINDOWS\System32\CmdLineExt.dll [2010-12-21 21:39:32 | 000,000,662 | ---- | M] () -- C:\WINDOWS\System32\ealregsnapshot1.reg [2010-12-19 20:48:52 | 000,009,728 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-07 19:28:05 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\FIX.reg [2011-02-07 18:30:20 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\naprawa.reg [2011-02-07 14:11:32 | 000,192,000 | RHS- | C] () -- C:\WINDOWS\System32\arking.exe [2011-02-07 14:11:32 | 000,124,928 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll [2011-02-07 14:11:20 | 000,126,976 | RHS- | C] () -- C:\wyskq6lt.exe [2011-02-07 14:11:20 | 000,000,063 | RHS- | C] () -- C:\autorun.inf [2011-02-02 21:44:46 | 000,129,085 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Zdjęcie157.jpg [2011-02-02 21:44:28 | 000,068,799 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Zdjęcie129.jpg [2011-01-30 15:35:37 | 000,500,730 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\f33b1cb4202f.gif [2011-01-30 00:29:20 | 000,083,088 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\General_Message3.wav [2011-01-28 15:36:57 | 000,030,779 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\a5e2a880b607.jpg [2011-01-27 17:13:14 | 000,000,519 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Champions Online.lnk [2011-01-26 20:59:59 | 000,002,616 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\gitara2.gif [2011-01-26 20:59:13 | 000,009,396 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\gitara.gif [2011-01-26 11:26:58 | 000,000,313 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\pot_config.ini [2011-01-26 11:26:34 | 000,265,531 | ---- | C] () -- C:\Documents and 
Settings\BenQ\Pulpit\private_server_autopot.exe [2011-01-26 11:21:40 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\retro.lnk [2011-01-25 10:15:04 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\rusro.lnk [2011-01-24 23:09:48 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\NapiProjekt.lnk [2011-01-22 21:39:00 | 018,083,480 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Akro & Shinai Freestyle.wmv [2011-01-22 20:26:59 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Pro 8.0.lnk [2011-01-22 11:41:54 | 000,598,313 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\925ec481a353.jpg [2011-01-21 18:47:01 | 000,052,808 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\General_Message1.wav [2011-01-13 17:18:12 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Nowy Dokument sformatowany.rtf [2011-01-09 00:25:33 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Cheat Engine.lnk [2011-01-09 00:25:32 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2011-01-02 22:10:35 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Twierdza.lnk [2010-12-31 12:47:54 | 000,001,132 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [2010-12-21 21:39:32 | 000,000,662 | ---- | C] () -- C:\WINDOWS\System32\ealregsnapshot1.reg [2010-12-19 20:48:30 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-12-19 20:40:33 | 000,068,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-12-19 19:26:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-11-14 22:55:55 | 000,000,257 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010-11-12 18:26:19 | 004,269,056 | ---- | C] () -- C:\WINDOWS\System32\system.dll [2010-11-12 16:39:27 | 000,165,376 | ---- | C] 
() -- C:\WINDOWS\System32\unrar.dll [2010-11-12 16:39:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-11-12 16:39:26 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-11-12 16:39:26 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-11-12 16:39:26 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-11-12 16:39:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-11-11 13:10:38 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys [2010-11-11 13:09:04 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-11 13:09:04 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd9069.sys [2010-11-11 12:57:05 | 001,207,204 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-11-11 12:57:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-11-11 12:56:24 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2010-11-11 12:30:12 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-11 12:19:43 | 000,013,480 | ---- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-11-11 12:19:09 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI [2010-11-11 12:17:59 | 005,315,996 | -H-- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-11-11 12:17:17 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2010-11-11 12:17:17 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2010-11-11 12:17:17 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2010-11-11 12:17:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2010-11-11 12:17:17 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2010-11-11 12:12:56 | 000,000,062 | -HS- | C] 
() -- C:\Documents and Settings\BenQ\Dane aplikacji\desktop.ini [2010-11-11 12:08:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2010-11-11 12:03:26 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2010-11-11 12:03:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2010-11-11 12:02:28 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2010-11-11 12:02:25 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-03 23:43:58 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-10-26 16:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-26 16:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll 
[2001-10-26 16:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-26 16:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-26 15:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-26 15:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-26 15:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-26 15:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-26 14:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-26 14:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-26 14:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-26 14:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-26 14:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-26 14:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-26 14:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-08-17 20:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-08-17 20:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-08-17 20:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-08-17 20:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-08-17 20:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-08-17 20:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-08-17 20:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-08-17 18:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-07-22 01:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-07-21 21:16:20 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 21:15:52 | 000,000,231 | ---- | C] () -- 
C:\WINDOWS\system.ini [2001-07-21 21:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [color=#E56717]========== LOP Check ==========[/color] [2010-11-11 13:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-12-01 11:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-01-22 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2011-01-22 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-07 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\DC++ [2011-01-07 14:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Dev-Cpp [2011-01-23 14:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\edxLabs [2010-11-11 13:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Gadu-Gadu 10 [2010-11-18 18:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\LolClient [2011-01-04 19:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\MuttleyBot [2010-12-01 11:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\OpenFM [2010-12-22 19:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Pandion [2011-01-22 21:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Publish Providers [2010-12-19 20:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony [2010-12-19 20:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony Setup [2010-12-26 12:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Tibia [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< 
%systemdrive%\*.* >[/color] [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () -- C:\autorun.inf [2010-11-11 12:24:03 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-11-11 12:08:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-11 12:08:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-02-07 19:24:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010-11-11 12:26:02 | 000,000,348 | ---- | M] () -- C:\RHDSetup.log [2011-02-07 18:47:42 | 000,000,757 | ---- | M] () -- C:\UsbFix.txt [2010-04-14 18:46:32 | 000,126,976 | RHS- | M] () -- C:\wyskq6lt.exe [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- 
C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86 < End of report > [/log]
[color="#FF0000"]//Logs go inside tags //Corrected //Tom01[/color]
Tomek01 commented 7 February 2011

What is this registry entry?: C:\Documents and Settings\BenQ\Pulpit\FIX.reg

I also see USBFix, but I don't see that you used it. Run it with the pendrive plugged in, using the Vaccinate option.

In OTL, paste the following into the Custom scan/fixes window:

[code]
:OTL
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\open\Command - "" = G:\wyskq6lt.exe
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86

:Files
C:\autorun.inf
C:\WINDOWS\System32\arking0.dll
C:\WINDOWS\System32\arking.exe
C:\wyskq6lt.exe

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Services
King_ar

:Commands
[emptytemp]
[/code]

Click Run Fix; the computer will restart. Post the log from the removal, plus new logs: OTL and RSIT.
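Added example (not part of Tomek01's post and not OTL's own logic): a Python triage pass over OTL log lines that reproduces the selection made in the fix script above. The three rules, the function names and the extension list are assumptions made for this example: hidden+system executables with no company name, hidden+system autorun.inf files, and MountPoints2 commands whose target file name matches one of those executables.

```python
import ntpath
import re

# Constructed sample: entries copied from the OTL log in this thread,
# restored to one entry per line.
SAMPLE_LOG = r'''
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O32 - AutoRun File - [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRunCD.exe
[2011-02-07 14:11:32 | 000,192,000 | RHS- | C] () -- C:\WINDOWS\System32\arking.exe
[2011-02-07 14:11:32 | 000,124,928 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2011-02-07 14:11:20 | 000,126,976 | RHS- | C] () -- C:\wyskq6lt.exe
[2011-01-09 00:25:32 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-12-21 21:46:16 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-11-11 12:24:03 | 000,000,223 | RHS- | M] () -- C:\boot.ini
'''

# File-list entry: [date | size | attrs | C/M] (company) -- path
FILE_RE = re.compile(
    r'^\[[\d\- :]+ \| [\d,]+ \| ([RHSD-]{4}) \| [CM]\] (?:\((.*?)\) )?-- (.+)$')
# O32 entry: AutoRun File - [date | size | attrs | C/M] (company) - path -- [ FS ]
O32_RE = re.compile(
    r'^O32 - AutoRun File - \[[^\]]*\| ([RHSD-]{4}) \| [CM]\] \(.*?\) - (.+?) -- \[')
# O33 entry: MountPoints2\<volume>\Shell\<verb>\command - "" = target
O33_RE = re.compile(
    r'^O33 - MountPoints2\\.+?\\Shell\\[^\\]+\\command - "" = (.+)$',
    re.IGNORECASE)

# Assumption for this example: only these extensions count as executables.
EXECUTABLE_EXTS = {".exe", ".dll"}


def is_hidden_system(attrs):
    """True when both the Hidden and System attribute flags are set."""
    return "H" in attrs and "S" in attrs


def add_unique(items, value):
    """Append value while keeping first-seen order and no duplicates."""
    if value not in items:
        items.append(value)


def triage(log_text):
    """Return the log entries matching the three assumed review rules."""
    hidden_exes, autorun_infs, mount_targets = [], [], []
    for line in (ln.strip() for ln in log_text.splitlines()):
        m = FILE_RE.match(line)
        if m:
            attrs, company, path = m.groups()
            ext = ntpath.splitext(path)[1].lower()
            # Rule 1: hidden+system executable with an empty company field.
            if is_hidden_system(attrs) and not company and ext in EXECUTABLE_EXTS:
                add_unique(hidden_exes, path)
            continue
        m = O32_RE.match(line)
        if m:
            attrs, path = m.groups()
            # Rule 2: autorun.inf carrying hidden+system attributes.
            if ntpath.basename(path).lower() == "autorun.inf" and is_hidden_system(attrs):
                add_unique(autorun_infs, path)
            continue
        m = O33_RE.match(line)
        if m:
            add_unique(mount_targets, m.group(1))

    # Rule 3: a MountPoints2 command is reported only when its file name
    # matches a rule-1 executable, so a vendor CD launcher is not flagged.
    flagged_names = {ntpath.basename(p).lower() for p in hidden_exes}
    mount_hits = [t for t in mount_targets
                  if ntpath.basename(t).lower() in flagged_names]
    return {
        "hidden_system_executables": hidden_exes,
        "hidden_autorun_inf": autorun_infs,
        "mountpoint_commands": mount_hits,
    }


if __name__ == "__main__":
    for rule, hits in triage(SAMPLE_LOG).items():
        print(rule)
        for hit in hits:
            print("   ", hit)
```

The output is a review list, not a removal list: legitimate boot files such as C:\boot.ini also carry RHS attributes, which is why rule 1 is limited to executables with no company name.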