
Show hidden files...

BenQ702

Hello, I have a request for the specialists of the forumpc.pl portal.

My computer does not show hidden files. The problem appeared suddenly, but I think it happened after I plugged in a friend's USB flash drive.

1.
[log]OTL Extras logfile created on: 2011-02-07 19:31:06 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 6,63 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 124,63 Gb Total Space | 8,27 Gb Free Space | 6,63% Space Free | Partition Type: NTFS

Computer Name: ADASIUUU | User Name: BenQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Gry\Call of Duty - Black Ops\BlackOps.exe" = D:\Gry\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps
"D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Programy\Garena\Garena.exe" = D:\Programy\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"D:\Programy\DC++\DCPlusPlus.exe" = D:\Programy\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- ()
"D:\steam\Steam.exe" = D:\steam\Steam.exe:*:Enabled:Steam
"D:\Gry\Counter-Strike\hl.exe" = D:\Gry\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Programy\vento305\Ventrilo.exe" = D:\Programy\vento305\Ventrilo.exe:*:Enabled:Ventrilo.exe
"D:\lol\League of Legends\air\LolClient.exe" = D:\lol\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\lol\League of Legends\game\League of Legends.exe" = D:\lol\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client
"D:\steam\steamapps\viruslms\counter-strike\hl.exe" = D:\steam\steamapps\viruslms\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
"D:\Tibia\NeoBot.exe" = D:\Tibia\NeoBot.exe:*:Enabled:NeoBot
"D:\Muttley_Bot_v0.14\MuttleyBot.exe" = D:\Muttley_Bot_v0.14\MuttleyBot.exe:*:Enabled:Muttley Bot
"D:\Programy\SonyVegasPro8+Crack\VegSrv80.exe" = D:\Programy\SonyVegasPro8+Crack\VegSrv80.exe:*:Enabled:Sony Vegas Network Render Service Control -- (Sony Pictures Digital Inc.)
"D:\Download\SilkRoad Online\srobot.exe" = D:\Download\SilkRoad Online\srobot.exe:*:Enabled:HookSrv
"D:\ChampionsOnlineF2P.exe" = D:\ChampionsOnlineF2P.exe:*:Enabled:ChampionsOnlineF2P -- ()
"D:\Twierdza\Stronghold.exe" = D:\Twierdza\Stronghold.exe:*:Enabled:Stronghold -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{60E2C8C9-6CF3-4B1A-9618-E304946C94E6}" = Python 2.4.4
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Champions Online" = Champions Online
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Gadu-Gadu 10" = Gadu-Gadu 10
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"L2 Smiles 2.00" = L2 Smiles 2.00
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"NAPI-PROJEKT SKIN_is1" = NAPI-PROJEKT - Elegant Black by eXo SKIN
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"NVIDIA Drivers" = NVIDIA Drivers
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"QuicktimeAlt_is1" = QuickTime Alternative 1.95
"Silkroad" = Silkroad
"SilkRoad Online_is1" = SilkRoad Online
"Stronghold_is1" = Twierdza
"Tibia Auto" = NSIS Example2
"Tibia_is1" = Tibia
"TibiaServer v2.70" = TibiaServer v2.70
"Usbfix" = Usbfix By C_XX & El Desaparecido
"VDOTool_is1" = VDOTool 5.3
"WIC" = Windows Imaging Component
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-12-12 11:03:30 | Computer Name = ADASIUUU | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 tibialoader.exe, P2 1.1.0.4, P3 49f18d49, P4
tibialoader, P5 1.1.0.4, P6 49f18d49, P7 d5, P8 1c9, P9 system.io.filenotfoundexception,
P10 NIL.

Error - 2010-12-23 08:37:37 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor. Action patchjre,
location: D:\patchjre.exe, command: -s "D:"

Error - 2010-12-23 08:38:02 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor. Action patchjre,
location: D:\patchjre.exe, command: -s "D:"

Error - 2011-01-04 09:50:36 | Computer Name = ADASIUUU | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca setup.exe, wersja 9.0.21022.8, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-01-04 14:38:43 | Computer Name = ADASIUUU | Source = MsiInstaller | ID = 11704
Description = Produkt: Microsoft .NET Framework 4 Client Profile -- Błąd 1704. Instalacja
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK jest w tej chwili
wstrzymana. Przed kontynuacją musisz cofnąć zmiany dokonane przez tę instalację.
Chcesz cofnąć zmiany?

Error - 2011-01-04 14:51:07 | Computer Name = ADASIUUU | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca MuttleyBot.exe, wersja 0.3.6.0, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-01-05 14:23:08 | Computer Name = ADASIUUU | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.2180, moduł
powodujący błąd ndparser.ax, wersja 3.0.0.4, adres błędu 0x00002fe6.

[ System Events ]
Error - 2011-02-07 07:43:49 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-07 07:44:05 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2011-02-07 07:44:05 | Computer Name = ADASIUUU | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego
czasu.

Error - 2011-02-07 13:03:56 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%3

Error - 2011-02-07 13:15:59 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%3

Error - 2011-02-07 13:16:01 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183

Error - 2011-02-07 13:31:56 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%3

Error - 2011-02-07 13:31:58 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183

Error - 2011-02-07 14:24:30 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego
błędu: %%3

Error - 2011-02-07 14:24:32 | Computer Name = ADASIUUU | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Cardex z powodu następującego błędu: %%183


< End of report >
[/log]

2.
[log]OTL logfile created on: 2011-02-07 19:31:06 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 6,63 Gb Free Space | 27,18% Space Free | Partition Type: NTFS
Drive D: | 124,63 Gb Total Space | 8,27 Gb Free Space | 6,63% Space Free | Partition Type: NTFS

Computer Name: ADASIUUU | User Name: BenQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-07 19:28:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-12-10 23:20:55 | 000,910,808 | ---- | M] (Mozilla Corporation) -- D:\Programy\firefox\firefox.exe
PRC - [2010-10-16 12:05:52 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-06-26 14:58:14 | 002,165,272 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe
PRC - [2007-01-30 11:54:36 | 016,116,224 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-03 23:44:30 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-03 23:44:20 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-03 23:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-07 19:28:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2010-11-11 12:42:04 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-03 23:44:12 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-03 23:44:10 | 012,826,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-03 23:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (JavaQuickStarterService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-11-11 13:10:38 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2010-11-11 13:09:04 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-11-11 12:27:16 | 000,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-10-22 07:23:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-06-23 19:04:42 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\L2 Smiles\system\npkcrypt.sys -- (npkcrypt)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2007-01-30 11:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-11-27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-11-27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-10-18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-06-18 23:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\lib\deploy\jqs\ff
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: D:\Programy\firefox\components [2011-01-25 10:57:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: D:\Programy\firefox\plugins [2011-01-23 17:19:31 | 000,000,000 | ---D | M]

[2010-11-11 12:31:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Extensions
[2011-02-06 14:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Firefox\Profiles\ki8hqw8o.default\extensions
[2011-02-06 14:59:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\BenQ\Dane aplikacji\Mozilla\Firefox\Profiles\ki8hqw8o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-05-08 16:06:36 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DAEMON Tools] D:\Programy\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003..\Run: [Gadu-Gadu 10] D:\Programy\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-2147010089-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\open\Command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-02-07 18:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\DoctorWeb
[2011-02-07 18:46:58 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-02-02 13:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
[2011-02-02 13:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011-01-25 10:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Microsoft AppLocale
[2011-01-25 10:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Astrum Online Entertainment
[2011-01-24 23:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT
[2011-01-23 17:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2011-01-23 17:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2011-01-23 17:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative
[2011-01-23 14:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\edxLabs
[2011-01-23 10:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\teamspeak2
[2011-01-22 20:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2011-01-22 20:49:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\Moje wideo
[2011-01-22 20:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Sony
[2011-01-22 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2011-01-22 20:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2011-01-22 20:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011-01-17 13:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Identities
[2011-01-07 23:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011-01-07 14:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Bloodshed Dev-C++
[2011-01-07 14:26:56 | 000,000,000 | ---D | C] -- C:\Dev-Cpp
[2011-01-06 14:35:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Tibia Auto
[2011-01-06 14:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Python 2.4
[2011-01-05 19:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Dev-Cpp
[2011-01-04 19:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\MuttleyTools
[2011-01-04 19:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\MuttleyBot
[2011-01-04 19:44:02 | 000,090,112 | ---- | C] (MuttleyTools) -- C:\WINDOWS\System32\MInstall.exe
[2011-01-04 19:41:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-PL
[2011-01-04 19:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011-01-04 14:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\assembly
[2011-01-04 13:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Help
[2011-01-04 13:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Help
[2011-01-02 22:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki
[2011-01-02 09:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\NCSoft
[2010-12-31 12:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero
[2010-12-31 12:47:31 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2010-12-31 12:47:31 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2010-12-27 17:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Pulpit\magdy
[2010-12-26 12:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Tibia
[2010-12-26 10:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Joymax
[2010-12-25 20:39:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Electronic Arts
[2010-12-25 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData
[2010-12-22 19:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Pandion
[2010-12-21 21:48:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\My Games
[2010-12-21 21:46:16 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-12-21 21:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-12-21 21:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2010-12-19 20:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Publish Providers
[2010-12-19 20:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Sony
[2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony
[2010-12-19 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\My Videos
[2010-12-19 20:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010-12-19 20:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-12-19 20:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010-12-19 20:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-12-19 20:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony Setup
[2010-12-13 21:03:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Notes
[2010-12-12 15:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Menu Start\Programy\Virtual DJ
[2010-12-12 15:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Moje dokumenty\VirtualDJ
[2010-12-09 21:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\Ahead
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-02-07 19:29:09 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2011-02-07 19:28:21 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\FIX.reg
[2011-02-07 19:24:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-02-07 19:24:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-07 19:23:38 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\BenQ\NTUSER.DAT
[2011-02-07 19:23:28 | 005,315,996 | -H-- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () -- C:\autorun.inf
[2011-02-07 18:33:08 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\naprawa.reg
[2011-02-07 18:31:48 | 000,124,928 | RHS- | M] () -- C:\WINDOWS\System32\arking0.dll
[2011-02-07 14:14:16 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-07 14:11:32 | 000,192,000 | RHS- | M] () -- C:\WINDOWS\System32\arking.exe
[2011-02-07 13:56:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-02-06 21:40:52 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\BenQ\ntuser.ini
[2011-02-01 11:02:28 | 000,000,313 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\pot_config.ini
[2011-01-30 15:35:37 | 000,500,730 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\f33b1cb4202f.gif
[2011-01-28 15:36:58 | 000,030,779 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\a5e2a880b607.jpg
[2011-01-27 17:13:14 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Champions Online.lnk
[2011-01-26 20:59:59 | 000,002,616 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\gitara2.gif
[2011-01-26 20:59:13 | 000,009,396 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\gitara.gif
[2011-01-26 11:21:37 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\retro.lnk
[2011-01-26 11:21:00 | 000,013,480 | ---- | M] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-01-26 11:20:35 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-01-26 11:19:39 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-01-25 10:15:04 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\rusro.lnk
[2011-01-24 23:09:48 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\NapiProjekt.lnk
[2011-01-22 21:39:37 | 018,083,480 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Akro & Shinai Freestyle.wmv
[2011-01-22 20:26:59 | 000,001,645 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Pro 8.0.lnk
[2011-01-22 11:41:55 | 000,598,313 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\925ec481a353.jpg
[2011-01-13 17:18:12 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Nowy Dokument sformatowany.rtf
[2011-01-09 00:25:33 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Cheat Engine.lnk
[2011-01-04 19:44:02 | 000,090,112 | ---- | M] (MuttleyTools) -- C:\WINDOWS\System32\MInstall.exe
[2011-01-04 19:42:00 | 001,207,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-01-04 19:42:00 | 000,555,724 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-01-04 19:42:00 | 000,493,440 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-04 19:42:00 | 000,104,658 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-01-04 19:42:00 | 000,083,858 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-04 14:53:05 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-01-02 22:10:35 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\BenQ\Pulpit\Twierdza.lnk
[2010-12-31 12:47:54 | 000,001,132 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-12-21 21:48:32 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-12-21 21:39:32 | 000,000,662 | ---- | M] () -- C:\WINDOWS\System32\ealregsnapshot1.reg
[2010-12-19 20:48:52 | 000,009,728 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-02-07 19:28:05 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\FIX.reg
[2011-02-07 18:30:20 | 000,000,208 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\naprawa.reg
[2011-02-07 14:11:32 | 000,192,000 | RHS- | C] () -- C:\WINDOWS\System32\arking.exe
[2011-02-07 14:11:32 | 000,124,928 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2011-02-07 14:11:20 | 000,126,976 | RHS- | C] () -- C:\wyskq6lt.exe
[2011-02-07 14:11:20 | 000,000,063 | RHS- | C] () -- C:\autorun.inf
[2011-02-02 21:44:46 | 000,129,085 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Zdjęcie157.jpg
[2011-02-02 21:44:28 | 000,068,799 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Zdjęcie129.jpg
[2011-01-30 15:35:37 | 000,500,730 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\f33b1cb4202f.gif
[2011-01-30 00:29:20 | 000,083,088 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\General_Message3.wav
[2011-01-28 15:36:57 | 000,030,779 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\a5e2a880b607.jpg
[2011-01-27 17:13:14 | 000,000,519 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Champions Online.lnk
[2011-01-26 20:59:59 | 000,002,616 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\gitara2.gif
[2011-01-26 20:59:13 | 000,009,396 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\gitara.gif
[2011-01-26 11:26:58 | 000,000,313 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\pot_config.ini
[2011-01-26 11:26:34 | 000,265,531 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\private_server_autopot.exe
[2011-01-26 11:21:40 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\retro.lnk
[2011-01-25 10:15:04 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\rusro.lnk
[2011-01-24 23:09:48 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\NapiProjekt.lnk
[2011-01-22 21:39:00 | 018,083,480 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Akro & Shinai Freestyle.wmv
[2011-01-22 20:26:59 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Vegas Pro 8.0.lnk
[2011-01-22 11:41:54 | 000,598,313 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\925ec481a353.jpg
[2011-01-21 18:47:01 | 000,052,808 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\General_Message1.wav
[2011-01-13 17:18:12 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Nowy Dokument sformatowany.rtf
[2011-01-09 00:25:33 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Cheat Engine.lnk
[2011-01-09 00:25:32 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2011-01-02 22:10:35 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\BenQ\Pulpit\Twierdza.lnk
[2010-12-31 12:47:54 | 000,001,132 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-12-21 21:39:32 | 000,000,662 | ---- | C] () -- C:\WINDOWS\System32\ealregsnapshot1.reg
[2010-12-19 20:48:30 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-12-19 20:40:33 | 000,068,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-12-19 19:26:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-11-14 22:55:55 | 000,000,257 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010-11-12 18:26:19 | 004,269,056 | ---- | C] () -- C:\WINDOWS\System32\system.dll
[2010-11-12 16:39:27 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-11-12 16:39:27 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-11-12 16:39:26 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-11-12 16:39:26 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-11-12 16:39:26 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-11-12 16:39:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-11-11 13:10:38 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2010-11-11 13:09:04 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-11-11 13:09:04 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd9069.sys
[2010-11-11 12:57:05 | 001,207,204 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-11-11 12:57:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-11-11 12:56:24 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2010-11-11 12:30:12 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-11 12:19:43 | 000,013,480 | ---- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-11-11 12:19:09 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2010-11-11 12:17:59 | 005,315,996 | -H-- | C] () -- C:\Documents and Settings\BenQ\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-11-11 12:17:17 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010-11-11 12:17:17 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010-11-11 12:17:17 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010-11-11 12:17:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010-11-11 12:17:17 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2010-11-11 12:12:56 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\BenQ\Dane aplikacji\desktop.ini
[2010-11-11 12:08:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010-11-11 12:03:26 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010-11-11 12:03:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010-11-11 12:02:28 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010-11-11 12:02:25 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2004-08-03 23:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-03 23:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-03 23:43:58 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-03 23:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2004-08-03 23:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-03 23:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 21:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 21:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 21:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 21:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 21:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 21:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-07-17 10:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 16:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 16:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 16:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 16:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 15:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 15:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 15:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 15:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 14:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 14:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 14:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 14:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 14:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 14:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 14:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-17 20:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 20:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 20:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 20:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 20:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 20:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 20:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 18:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 01:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-21 21:16:20 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 21:15:52 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-21 21:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-11-11 13:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-12-01 11:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-01-22 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2011-01-22 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-02-07 18:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\DC++
[2011-01-07 14:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Dev-Cpp
[2011-01-23 14:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\edxLabs
[2010-11-11 13:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Gadu-Gadu 10
[2010-11-18 18:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\LolClient
[2011-01-04 19:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\MuttleyBot
[2010-12-01 11:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\OpenFM
[2010-12-22 19:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Pandion
[2011-01-22 21:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Publish Providers
[2010-12-19 20:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony
[2010-12-19 20:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Sony Setup
[2010-12-26 12:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BenQ\Dane aplikacji\Tibia

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-11 12:08:06 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () -- C:\autorun.inf
[2010-11-11 12:24:03 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-11-11 12:08:06 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-11-11 12:08:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-11-11 12:08:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2011-02-07 19:24:14 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-11-11 12:26:02 | 000,000,348 | ---- | M] () -- C:\RHDSetup.log
[2011-02-07 18:47:42 | 000,000,757 | ---- | M] () -- C:\UsbFix.txt
[2010-04-14 18:46:32 | 000,126,976 | RHS- | M] () -- C:\wyskq6lt.exe


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86

< End of report >
[/log]

[color="#FF0000"]//Logs go inside tags
//Fixing it
//Tom01[/color]

Tomek01
comment

What is this registry entry?: C:\Documents and Settings\BenQ\Pulpit\FIX.reg

I also see USBFix, but I don't see that you have used it.
Run it with the pendrive plugged in, using the Vaccinate option.



In OTL, paste the following into the Custom scan/fixes box:
[code]
:OTL
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\open\Command - "" = G:\wyskq6lt.exe
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C8B8CEBD
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86

:Files
C:\autorun.inf
C:\WINDOWS\System32\arking0.dll
C:\WINDOWS\System32\arking.exe
C:\wyskq6lt.exe

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Services
King_ar

:Commands
[emptytemp]
[/code]
Click Run Fix; the computer will restart.
Post the removal log and new logs: OTL and RSIT
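
Added example (not part of the original thread, and not OTL's own logic): a Python triage over lines copied from the log above, showing how the AutoRun policy values, the hidden `autorun.inf`, the hidden unsigned binaries and the MountPoints2 command line up. The heuristics (hidden+system attributes, empty company name, mount-point command whose file name matches a flagged binary) are assumptions chosen for this illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# NoDriveTypeAutoRun bit flags; a set bit disables AutoRun for that drive type.
DRIVE_BITS = {0x01: "unknown", 0x02: "no_root_dir", 0x04: "removable", 0x08: "fixed",
              0x10: "network", 0x20: "cdrom", 0x40: "ramdisk", 0x80: "reserved"}

# Lines copied from the OTL log in this thread.
SAMPLE_LOG = r"""
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - AutoRun File - [2010-11-11 12:08:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-02-07 19:07:40 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4cbff6ad-1649-11e0-a9bb-000e2ed0258c}\Shell\AutoRun\command - "" = G:\wyskq6lt.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRunCD.exe
[2011-02-07 14:11:32 | 000,192,000 | RHS- | C] () -- C:\WINDOWS\System32\arking.exe
[2011-02-07 14:11:32 | 000,124,928 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2011-02-07 14:11:20 | 000,126,976 | RHS- | C] () -- C:\wyskq6lt.exe
[2011-01-04 19:44:02 | 000,090,112 | ---- | C] (MuttleyTools) -- C:\WINDOWS\System32\MInstall.exe
[2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
"""

POLICY_RE = re.compile(
    r"^O[67] - (?P<key>.+?)\\SOFTWARE\\.*: NoDriveTypeAutoRun = (?P<val>\d+)$")
AUTORUN_RE = re.compile(
    r"^O32 - AutoRun File - \[[^|]+\| [^|]+\| (?P<attr>[RHSD-]{4}) \| [CM]\] "
    r"\([^)]*\) - (?P<path>.+?) -- \[")
MOUNT_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<key>.+?)\\Shell\\[^\\]+\\command - "" = (?P<cmd>.+)$',
    re.IGNORECASE)
FILE_RE = re.compile(
    r"^\[[^|]+\| [^|]+\| (?P<attr>[RHSD-]{4}) \| [CM]\] "
    r"\((?P<company>[^)]*)\) -- (?P<path>.+)$")


def autorun_enabled_types(value):
    """Drive types for which AutoRun stays enabled under this policy value."""
    return sorted(name for bit, name in DRIVE_BITS.items() if not value & bit)


def hidden_system(attr):
    return "H" in attr and "S" in attr


def triage(log_text):
    """Return the log entries that together suggest removable-drive AutoRun abuse."""
    found = {"policy": [], "autorun_inf": [], "hidden_binaries": [], "mountpoints": []}
    mount_cmds = []
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := POLICY_RE.match(line):
            # Policy leaves AutoRun active for removable media (bit 0x04 clear).
            if "removable" in autorun_enabled_types(int(m["val"])):
                found["policy"].append((m["key"], int(m["val"])))
        elif m := AUTORUN_RE.match(line):
            # autorun.inf hidden with system attributes on a drive root.
            if basename(m["path"]).lower() == "autorun.inf" and hidden_system(m["attr"]):
                found["autorun_inf"].append(m["path"])
        elif m := MOUNT_RE.match(line):
            mount_cmds.append((m["key"], m["cmd"]))
        elif m := FILE_RE.match(line):
            # Hidden+system executable code with no company name in its version info.
            if (not m["company"] and hidden_system(m["attr"])
                    and m["path"].lower().endswith((".exe", ".dll"))):
                found["hidden_binaries"].append(m["path"])
    # Keep only mount-point commands whose file name matches a flagged binary,
    # so an ordinary CD launcher is not reported.
    flagged = {basename(p).lower() for p in found["hidden_binaries"]}
    found["mountpoints"] = [(k, c) for k, c in mount_cmds if basename(c).lower() in flagged]
    return found


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category)
        for item in items:
            print("   ", item)
```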
