Guest posted 10 February 2011 (edited)

Hello. For the past few days I have noticed strange computer behaviour, such as:

1. Internet speed (download) fluctuates between 9mb/s and 15mb/s, upload 2mb/s, but ping in games (such as Counter-Strike) used to be at most 40ms. Now it "jumps" every moment from 30ms to 400ms, regardless of the data center.
2. I often notice strange reactions when opening a new tab in Opera. It freezes completely for about a minute. Not the whole computer, only the browser. I know there is the option of switching to another browser such as Mozilla or Google Chrome, but I am very used to Opera's interface and find it very pleasant to work with.
3. When I try to go to [b]START[/b] > [b]RUN[/b] > [b]netstat[/b], a command prompt window appears, does something very quickly, and closes.

As I wrote at the beginning, the problem appeared a few days ago. Before that everything worked fine.

Hardware:
Processor: Athlon 64 3000+ Socket 939 (Venice)
Graphics: GeForce 9500GT 1024mb PCI-E
RAM: 3x 512mb DDR1 (Kingston)
Disk: 500GB Seagate SATA
Motherboard: Gigabyte GA-K8NF-9
Power supply: 400W

Software:
System: Windows XP Professional SP3
Antivirus: Kaspersky Internet Security 2011 (11.0.2.556)

HijackThis log: http://wklej.to/WPdry

P.S.: The Internet connection is shared by a router between two computers.
Tomek01 commented 10 February 2011

A HJT log is not quite enough. Paste the logs from OTL, info below:
Guest commented 10 February 2011 (edited)

OTL
http://wklej.to/iWpC3
http://wklej.to/mOEWd

RSIT
http://wklej.to/6L6eG
http://wklej.to/BOJhB
Tomek01 commented 10 February 2011

For now, I am moving this to the security section. In OTL, in the Custom scan/fixes window, paste:

[code]
:Files
C:\WINDOWS\System32\secustat.dat
C:\WINDOWS\System32\secushr.dat
C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection
C:\WINDOWS\Sys6547SettingsDB.sys
:Commands
[emptytemp]
[/code]

Click Run Fix; the computer restarts. Post the log from the removal and new logs: OTL and RSIT (put the logs in tags, as in the description).
Guest commented 10 February 2011

REMOVAL:

[log]All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 41206437 bytes
->Temporary Internet Files folder emptied: 721120 bytes
->Java cache emptied: 160160 bytes
->Google Chrome cache emptied: 7662075 bytes
->Opera cache emptied: 60024790 bytes
->Flash cache emptied: 3769 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 3870756 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 24192 bytes
Windows Temp folder emptied: 311178 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 111,00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02102011_234741

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\kls898B.tmp not found!

Registry entries deleted on Reboot...
[/log]

OTL:

1.
[log]
C:\WINDOWS\System32\dllcache\dsdmo.dll [2011-02-10 15:31:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll [2011-02-10 15:31:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe [2011-02-10 15:31:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll [2011-02-10 15:31:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll [2011-02-10 15:31:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll [2011-02-10 15:31:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe [2011-02-10 15:31:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll [2011-02-10 15:31:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll [2011-02-10 15:31:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll [2011-02-10 15:31:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe [2011-02-10 15:31:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll [2011-02-10 15:31:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll [2011-02-10 15:31:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe [2011-02-10 15:31:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll [2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll [2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll [2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 
15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2 [2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads [2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager [2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager [2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011 [2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011 [2011-02-10 11:30:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011 [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files [2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag [2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2011-02-08 02:42:28 | 000,000,000 | 
---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne [2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing [2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache [2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome [2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis [2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP [2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get [2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta [2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios [2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt [2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17 [2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader [2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader [2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache [2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner [2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online [2011-01-23 19:53:07 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine [2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP [2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters [2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster [2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Detektor Winampa [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp [2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE [2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty [2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel [2010-12-19 14:53:33 | 000,000,000 | 
---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz [2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz [2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE [2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails [2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6 [2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP [2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager [2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys [2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer [2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update [2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software [2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools [2010-12-18 21:08:55 | 
000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools [2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield [2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2010-12-18 12:08:24 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys [2010-12-18 12:02:24 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll [2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys [2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys [2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys [2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys [2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys [2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010-12-17 20:05:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-12-17 15:13:07 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-10 23:52:00 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job [2011-02-10 23:49:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-10 23:49:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job [2011-02-10 23:49:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2011-02-10 23:48:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-10 11:39:31 | 000,000,020 | -HS- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection [2011-02-10 11:39:31 | 000,000,020 | -HS- | M] () -- C:\WINDOWS\Sys6547SettingsDB.sys [2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini [2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 02:38:14 | 000,144,631 | ---- | 
M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-08 01:52:00 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job [2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:19:02 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat [2011-02-07 22:09:37 | 000,000,305 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat [2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr 
[2010-12-31 15:04:12 | 001,855,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2010-12-21 00:52:42 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010-12-21 00:52:42 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2010-12-21 00:52:42 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010-12-21 00:52:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2010-12-21 00:52:42 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010-12-21 00:52:41 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010-12-21 00:52:41 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010-12-21 00:52:41 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll [2010-12-20 13:55:37 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2010-12-20 13:55:37 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI [2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf [2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- 
C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-12-13 17:03:50 | 000,028,496 | ---- | M] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2011-02-10 11:39:31 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection [2011-02-10 11:39:31 | 000,000,020 | -HS- | C] () -- 
C:\WINDOWS\Sys6547SettingsDB.sys [2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk [2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-08 01:47:00 | 000,001,164 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job [2011-02-08 01:47:00 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job [2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:19:02 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat [2011-02-07 22:09:37 | 000,000,305 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat [2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-24 01:53:57 | 
000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011-01-24 01:42:45 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job [2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI [2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common 
Files\WinPcapNmap.exe [2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc [2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll [2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll [2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [color=#E56717]========== LOP Check ==========[/color] [2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems [2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2011-02-06 00:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog [2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane 
aplikacji\facemoods.com [2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet [2011-02-07 22:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo [2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2011-02-07 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy [2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung [2011-02-10 21:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2010-11-21 
13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-10 23:49:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job [2011-02-10 23:49:06 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-02-10 23:48:56 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] 
[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) 
MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data 
Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C < End of report > [/log] [log]OTL Extras logfile created on: 2011-02-10 23:52:13 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 56,30 Gb Free Space | 48,46% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] 
"Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.) 
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare) "E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare) "C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola) "D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- () "C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment) "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET "D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) 
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) "D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios) "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools 
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite "{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12 "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752 "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AQQ" = WapSter AQQ "AruaROSE_is1" = AruaROSE "Call of Duty" = Call of Duty "CCleaner" = CCleaner "Free Download Manager_is1" = Free Download Manager 3.0 "ie8" = 
Windows Internet Explorer 8 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "JDownloader" = JDownloader "jv16 PowerTools 2011" = jv16 PowerTools 2011 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MTA:SA" = MTA:SA v1.0.4 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Opera 11.01.1190" = Opera 11.01 "Steam App 10" = Counter-Strike "Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes "Steam App 80" = Counter-Strike: Condition Zero "Stronghold_is1" = Twierdza "uTorrent" = µTorrent "VideoGet_is1" = Nuclear Coffee - VideoGet "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] 
[HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ System Events ] Error - 2011-02-07 16:55:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-07 20:18:31 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7031 Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2011-02-07 20:20:31 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7032 Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. 
Error - 2011-02-08 07:02:15 | Computer Name = FLIPER | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} Error - 2011-02-08 07:02:18 | Computer Name = FLIPER | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} Error - 2011-02-08 07:02:19 | Computer Name = FLIPER | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} Error - 2011-02-10 18:47:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-10 18:47:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-10 18:47:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-10 18:49:16 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde < End of report > [/log] 2.RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Administrator at 2011-02-10 23:57:43 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 58 GB (48%) free of 119 GB Total RAM: 1535 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:57:49, on 2011-02-10 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Opera\opera.exe C:\Program Files\WapSter\WapSter AQQ\AQQ.exe C:\Documents and Settings\Administrator\Pulpit\RSIT.exe C:\Program Files\trend micro\Administrator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - 
C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program 
Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5277 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Game_Booster_Startup.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job C:\WINDOWS\tasks\SmartDefrag_Startup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods] C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2010-10-05 228024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=60 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program 
Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger" "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game" "E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL" "D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP" "C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz" "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike" "C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp" "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET" "D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher" "D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient" "C:\Program 
Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3" "C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3" "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero" "D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2" "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2011-02-10 23:41:16 ----D---- C:\rsit 2011-02-10 23:36:12 ----D---- C:\_OTL 2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys 2011-02-10 15:31:07 ----A---- 
C:\WINDOWS\system32\drivers\msdv.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys 2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2011-02-10 14:29:16 ----D---- C:\Downloads 2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager 2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG 2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager 2011-02-10 11:39:31 ----ASH---- C:\WINDOWS\Sys6547SettingsDB.sys 2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011 2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab 2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys 2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy 2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$ 2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$ 2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$ 2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$ 2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$ 2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$ 2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$ 2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini 2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe 2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe 2011-02-08 
02:41:17 ----D---- C:\Program Files\Adobe 2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache 2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar 2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton 2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller 2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro 2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit 2011-02-07 22:24:35 ----D---- C:\Program Files\DAP 2011-02-07 22:16:07 ----D---- C:\flash get 2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI 2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS 2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO 2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com 2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader 2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader 2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap 2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys 2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit 2011-01-24 01:42:34 ----D---- C:\Program Files\IObit 2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner 2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP 2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks 2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData 2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$ ======List of files/folders modified in 
the last 1 months====== 2011-02-10 23:49:19 ----D---- C:\WINDOWS\Temp 2011-02-10 23:48:49 ----D---- C:\WINDOWS 2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32\drivers 2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32 2011-02-10 23:41:24 ----D---- C:\WINDOWS\Prefetch 2011-02-10 21:31:49 ----D---- C:\Program Files\Opera 2011-02-10 21:31:47 ----SHD---- C:\WINDOWS\Installer 2011-02-10 21:14:08 ----D---- C:\Program Files\Steam 2011-02-10 21:12:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2011-02-10 15:48:51 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly 2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf 2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX 2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-02-10 15:29:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp 2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information 2011-02-10 14:23:53 ----RD---- C:\Program Files 2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config 2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug 2011-02-10 10:56:40 ----SHD---- C:\System Volume Information 2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files 2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe 2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer 2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$ 2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft 2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2011-02-08 01:47:00 ----SD---- C:\WINDOWS\Tasks 2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox 2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration 2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory 2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS 2011-02-07 22:16:05 ----D---- 
C:\Program Files\GIMP-2.0 2011-02-07 22:03:52 ----D---- C:\Program Files\Internet Download Manager 2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM 2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache 2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM 2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt 2011-02-06 00:41:13 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog 2011-02-02 08:34:28 ----SH---- C:\boot.ini 2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini 2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini 2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield 2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader 2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem 2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll 2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair 2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184] R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776] R0 sptd;sptd; 
C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 acprv0me;acprv0me; C:\WINDOWS\system32\drivers\acprv0me.sys [] S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016] S3 motccgp;Motorola 
USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712] S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320] S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936] S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400] S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552] S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe 
[2010-11-12 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136] -----------------EOF----------------- [/log]
Tomek01 commented 11 February 2011 Sorry, a small error crept in. Run everything again; the script has been modified.
Guest commented 11 February 2011 (edited)
REMOVAL:
[log]All processes killed
========== FILES ==========
C:\WINDOWS\System32\secustat.dat moved successfully.
C:\WINDOWS\System32\secushr.dat moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\System7777DataCollection moved successfully.
C:\WINDOWS\Sys6547SettingsDB.sys moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 2653886 bytes
->Temporary Internet Files folder emptied: 388888 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 819568 bytes
->Opera cache emptied: 8551042 bytes
->Flash cache emptied: 1065 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 202137 bytes
RecycleBin emptied: 209738 bytes
Total Files Cleaned = 12,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02112011_111637
Files\Folders moved on Reboot...
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\auth.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\burnlib.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\dsp_sps.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_aacplus.lng moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_flac.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_lame.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_vorbis.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_wav.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\enc_wma.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_classicart.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_crasher.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_ff.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_find_on_disk.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_hotkeys.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_jumpex.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_ml.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_nopro.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_orgler.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_skinmanager.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_timerestore.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_tray.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\gen_undo.lng moved successfully. 
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_avi.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_cdda.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_dshow.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_flac.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_flv.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_linein.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_midi.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mkv.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mod.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mp3.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_mp4.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_nsv.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_swf.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_vorbis.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wav.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wave.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wm.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\in_wv.lng moved successfully. 
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_addons.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_autotag.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_bookmarks.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_devices.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_disc.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_downloads.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_enqplay.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_history.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_impex.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_local.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_nowplaying.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_online.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_orb.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_playlists.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_plg.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_pmp.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_rg.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_transcode.lng moved successfully. 
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ml_wire.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\ombrowser.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_disk.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_ds.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\out_wave.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\playlist.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_activesync.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_android.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_ipod.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_njb.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_p4s.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_usb.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\pmp_wifi.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\tagz.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_avs.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_milk2.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\vis_nsfs.lng moved successfully. C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\winamp.lng moved successfully. 
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLZ204C.tmp\winampa.lng moved successfully. File\Folder C:\WINDOWS\temp\klsCB3.tmp not found! File\Folder C:\WINDOWS\temp\Perflib_Perfdata_384.dat not found! Registry entries deleted on Reboot... [/log] OTL : [log]OTL logfile created on: 2011-02-11 11:19:41 - Run 4 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 56,32 Gb Free Space | 48,47% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:24 | 
000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - 
[2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet) DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp) DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev) DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl) DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService) DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService) DRV - [2006-08-18 06:52:00 | 004,017,536 | 
R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-796845957-1767777339-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKU\S-1-5-21-796845957-1767777339-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) 
O4 - HKU\S-1-5-21-796845957-1767777339-839522115-500..\Run: [Software Informer] File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll 
(Kaspersky Lab ZAO) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - 
AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) MsConfig - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group 
SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL [2011-02-10 23:25:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2011-02-10 16:46:26 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki [2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted [2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES [2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2011-02-10 15:31:07 | 001,962,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll [2011-02-10 15:31:07 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll [2011-02-10 15:31:07 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll [2011-02-10 15:31:07 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll [2011-02-10 15:31:07 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll [2011-02-10 15:31:07 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll [2011-02-10 15:31:07 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll [2011-02-10 15:31:07 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll [2011-02-10 15:31:07 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll [2011-02-10 15:31:07 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll [2011-02-10 15:31:07 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll [2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2011-02-10 15:31:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax [2011-02-10 15:31:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll 
[2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2011-02-10 15:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax [2011-02-10 15:31:07 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll [2011-02-10 15:31:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll [2011-02-10 15:31:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll [2011-02-10 15:31:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll [2011-02-10 15:31:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll [2011-02-10 15:31:07 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll [2011-02-10 15:31:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys [2011-02-10 15:31:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll [2011-02-10 15:31:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll [2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys [2011-02-10 15:31:07 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys [2011-02-10 15:31:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll [2011-02-10 15:31:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll [2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2011-02-10 15:31:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax [2011-02-10 15:31:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\dllcache\d3dpmesh.dll [2011-02-10 15:31:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll [2011-02-10 15:31:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll [2011-02-10 15:31:07 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys [2011-02-10 15:31:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll [2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax [2011-02-10 15:31:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax [2011-02-10 15:31:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys [2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys [2011-02-10 15:31:07 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys [2011-02-10 15:31:07 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys [2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2011-02-10 15:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax [2011-02-10 15:31:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax [2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys [2011-02-10 15:31:07 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys [2011-02-10 15:31:07 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys [2011-02-10 15:31:07 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys [2011-02-10 15:31:07 | 000,010,112 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys [2011-02-10 15:31:07 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys [2011-02-10 15:31:06 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll [2011-02-10 15:31:06 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll [2011-02-10 15:31:06 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe [2011-02-10 15:31:06 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll [2011-02-10 15:31:06 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll [2011-02-10 15:31:06 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll [2011-02-10 15:31:06 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll [2011-02-10 15:31:06 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll [2011-02-10 15:31:06 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll [2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll [2011-02-10 15:31:06 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll [2011-02-10 15:31:06 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll [2011-02-10 15:31:06 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll [2011-02-10 15:31:06 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll [2011-02-10 15:31:06 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl [2011-02-10 15:31:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\dllcache\dsdmo.dll [2011-02-10 15:31:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll [2011-02-10 15:31:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe [2011-02-10 15:31:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll [2011-02-10 15:31:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll [2011-02-10 15:31:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll [2011-02-10 15:31:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe [2011-02-10 15:31:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll [2011-02-10 15:31:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll [2011-02-10 15:31:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll [2011-02-10 15:31:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe [2011-02-10 15:31:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll [2011-02-10 15:31:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll [2011-02-10 15:31:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe [2011-02-10 15:31:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll [2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll [2011-02-10 15:31:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll [2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 
15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2 [2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads [2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager [2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager [2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011 [2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011 [2011-02-10 11:30:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011 [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files [2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag [2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2011-02-08 02:42:28 | 000,000,000 | 
---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne [2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing [2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache [2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome [2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis [2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP [2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get [2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 
[2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta [2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios [2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt [2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17 [2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader [2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader [2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache [2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner [2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online [2011-01-23 19:53:07 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine [2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP [2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters [2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster [2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Detektor Winampa [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp [2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE [2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty [2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel [2010-12-19 14:53:33 | 000,000,000 | 
---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz [2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz [2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE [2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails [2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6 [2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP [2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager [2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys [2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer [2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update [2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software [2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools [2010-12-18 21:08:55 | 
000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools [2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield [2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2010-12-18 12:08:24 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys [2010-12-18 12:02:24 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll [2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys [2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys [2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys [2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys [2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys [2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010-12-17 20:05:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-12-17 15:13:07 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys [2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-11 11:18:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-11 11:18:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job [2011-02-11 11:18:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2011-02-11 11:17:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-11 00:52:07 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job [2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini [2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-08 01:52:00 | 000,001,112 | ---- | M] () -- 
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job [2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-12-31 15:04:12 | 001,855,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2010-12-21 00:52:42 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010-12-21 00:52:42 | 000,602,112 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\System32\msfeeds.dll [2010-12-21 00:52:42 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010-12-21 00:52:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2010-12-21 00:52:42 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010-12-21 00:52:41 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010-12-21 00:52:41 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010-12-21 00:52:41 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010-12-20 18:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll [2010-12-20 13:55:37 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2010-12-20 13:55:37 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI [2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf [2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-12-13 17:03:50 | 
000,028,496 | ---- | M] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk [2011-02-08 
02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-08 01:47:00 | 000,001,164 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job [2011-02-08 01:47:00 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job [2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-24 01:53:57 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job [2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011-01-24 01:42:45 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job [2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-01-06 22:13:23 | 
000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI [2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc [2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll [2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- 
C:\WINDOWS\System32\d3dx10d.dll [2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [color=#E56717]========== LOP Check ==========[/color] [2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems [2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2011-02-06 00:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog [2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet [2011-02-07 22:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo [2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2011-02-07 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-11-28 
15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy [2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung [2011-02-10 21:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-11 11:18:01 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job [2011-02-11 11:18:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT 
[2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-02-11 11:17:49 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) 
MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- 
C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C < End of report >[/log] [log]OTL Extras logfile created on: 2011-02-11 11:19:41 - Run 4 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary 
data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 56,32 Gb Free Space | 48,47% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 109,08 Gb Free Space | 74,46% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 68,65 Gb Free Space | 55,38% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.) "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare) "E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare) "C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola) "D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- () "C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment) "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) 
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET "D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.) "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) "D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios) "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK 
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite "{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12 "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752 "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas 
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AQQ" = WapSter AQQ "AruaROSE_is1" = AruaROSE "Call of Duty" = Call of Duty "CCleaner" = CCleaner "Free Download Manager_is1" = Free Download Manager 3.0 "ie8" = Windows Internet Explorer 8 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "JDownloader" = JDownloader "jv16 PowerTools 2011" = jv16 PowerTools 2011 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MTA:SA" = MTA:SA v1.0.4 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Opera 11.01.1190" = Opera 11.01 "Steam App 10" = Counter-Strike "Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes "Steam App 80" = Counter-Strike: Condition Zero "Stronghold_is1" = Twierdza "uTorrent" = µTorrent "VideoGet_is1" = Nuclear Coffee - VideoGet "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = 
Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ System Events ] Error - 2011-02-08 07:02:19 | Computer Name = FLIPER | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi helpsvc z argumentami „” w celu uruchomienia serwera: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} Error - 2011-02-10 18:47:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-10 18:47:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-10 18:47:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-10 18:49:16 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-11 06:04:42 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-11 06:16:37 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 06:16:38 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 06:16:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-11 06:18:14 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde

< End of report >
[/log]

RSIT :

[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-11 11:24:01
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 58 GB (48%) free of 119 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:06, on 2011-02-11
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
C:\Documents and Settings\Administrator\Pulpit\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: FDMIECookiesBHO Class -
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: &Klawiatura wirtualna - 
{4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5313 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Game_Booster_Startup.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job C:\WINDOWS\tasks\SmartDefrag_Startup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods] C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2010-10-05 228024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=60 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program 
Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger" "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game" "E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL" "D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP" "C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz" "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike" "C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp" "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET" "D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher" "D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient" "C:\Program 
Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3" "C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3" "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero" "D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2" "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2011-02-10 23:41:16 ----D---- C:\rsit 2011-02-10 23:36:12 ----D---- C:\_OTL 2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys 2011-02-10 15:31:07 ----A---- 
C:\WINDOWS\system32\drivers\msdv.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys 2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2011-02-10 14:29:16 ----D---- C:\Downloads 2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager 2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG 2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager 2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011 2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab 2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys 2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy 2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$ 2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$ 2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$ 2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$ 2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$ 2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$ 2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$ 2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini 2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe 2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe 2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe 2011-02-08 02:39:27 
----D---- C:\WINDOWS\Cache 2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar 2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton 2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller 2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro 2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit 2011-02-07 22:24:35 ----D---- C:\Program Files\DAP 2011-02-07 22:16:07 ----D---- C:\flash get 2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI 2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS 2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO 2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com 2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader 2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader 2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap 2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys 2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit 2011-01-24 01:42:34 ----D---- C:\Program Files\IObit 2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner 2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP 2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks 2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData 2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$ ======List of files/folders modified in the last 1 months====== 2011-02-11 11:18:15 ----D---- 
C:\WINDOWS\Temp 2011-02-11 11:16:38 ----D---- C:\WINDOWS\system32 2011-02-11 11:16:38 ----D---- C:\WINDOWS 2011-02-11 00:27:36 ----D---- C:\Program Files\Steam 2011-02-11 00:23:59 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-10 23:47:49 ----D---- C:\WINDOWS\system32\drivers 2011-02-10 23:41:24 ----D---- C:\WINDOWS\Prefetch 2011-02-10 21:31:49 ----D---- C:\Program Files\Opera 2011-02-10 21:31:47 ----SHD---- C:\WINDOWS\Installer 2011-02-10 21:12:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly 2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf 2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX 2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-02-10 15:29:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp 2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information 2011-02-10 14:23:53 ----RD---- C:\Program Files 2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config 2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug 2011-02-10 10:56:40 ----SHD---- C:\System Volume Information 2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files 2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe 2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer 2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$ 2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft 2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2011-02-08 01:47:00 ----SD---- C:\WINDOWS\Tasks 2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox 2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration 2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory 2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS 2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0 2011-02-07 22:03:52 ----D---- 
C:\Program Files\Internet Download Manager 2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM 2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache 2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM 2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt 2011-02-06 00:41:13 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog 2011-02-02 08:34:28 ----SH---- C:\boot.ini 2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini 2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini 2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield 2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader 2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem 2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll 2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair 2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184] R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696] R0 
WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928] R3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 a2tf7vt5;a2tf7vt5; C:\WINDOWS\system32\drivers\a2tf7vt5.sys [] S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016] S3 motccgp;Motorola USB Composite Device Driver; 
C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712] S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320] S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936] S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400] S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552] S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376] R2 nvsvc;NVIDIA 
Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136]
-----------------EOF-----------------
[/log]
@EDIT I'll add that the Choke in Counter-Strike 1.6 has started "jumping", from around 0 to 60, while the ping has settled down for now.
Tomek01 commented 11 February 2011
That's not everything yet. In OTL, paste the following into the Custom scan/fixes window:
[code]:OTL
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
C:\Program Files\Common Files\AskToolbarInstaller.exe@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C
:Files
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp
C:\Program Files\Common Files\Spigot\Search Settings
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
:Reg
[ -HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
[ -HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
:Commands
[emptytemp][/code]
Click Run Fix; the computer will restart. Post the removal log and new logs: OTL and RSIT.
Turn System Restore off and then back on for all partitions.
Use ATF Cleaner: tick the first three checkboxes and click Empty Selected.
Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url], and if they detect anything, post the reports on the forum.
Guest commented 20 February 2011 (edited)
REMOVAL:
[log]All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载\ deleted successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetUrl.htm moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载全部链接\ deleted successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO\GetAllUrl.htm moved successfully.
========== FILES ==========
C:\WINDOWS\tasks\Game_Booster_Startup.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1767777339-839522115-500UA.job moved successfully.
C:\WINDOWS\tasks\SmartDefrag_Startup.job moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WPDNSE folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml\xui\browser folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml\xui folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\xml folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\window\menu folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\shade folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern\player folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Winamp Modern folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Big Bento\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Big Bento folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Bento\window folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform\Bento folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp\freeform folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\WLZ7486.tmp folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\hsperfdata_Administrator folder moved successfully.
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp folder moved successfully.
File\Folder C:\Program Files\Common Files\Spigot\Search Settings not found.
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1732119 bytes
->Java cache emptied: 272681 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 4550705 bytes
->Flash cache emptied: 1468 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 294772 bytes
RecycleBin emptied: 103844 bytes
Total Files Cleaned = 7,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02112011_200753
Files\Folders moved on Reboot...
C:\WINDOWS\temp\klsA7BF.tmp moved successfully.
Registry entries deleted on Reboot...
[/log] OTL : [log] OTL Extras logfile created on: 2011-02-11 20:15:55 - Run 5 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 53,45 Gb Free Space | 46,01% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 106,23 Gb Free Space | 72,52% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 67,50 Gb Free Space | 54,45% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] 
"Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Steam\Steam.exe" = C:\Program 
Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.) "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare) "E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare) "C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola) "D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- () "C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment) "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET "D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.) 
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) "D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios) "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon) "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.) 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite "{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12 
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752 "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AQQ" = WapSter AQQ "AruaROSE_is1" = AruaROSE "Call of Duty" = Call of Duty "CCleaner" = CCleaner "Combat Arms EU" = Combat Arms EU "Free Download Manager_is1" = Free Download Manager 3.0 "ie8" = Windows Internet Explorer 8 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "JDownloader" = JDownloader "jv16 PowerTools 2011" = jv16 PowerTools 2011 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 
SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MTA:SA" = MTA:SA v1.0.4 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Opera 11.01.1190" = Opera 11.01 "Steam App 10" = Counter-Strike "Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes "Steam App 80" = Counter-Strike: Condition Zero "Stronghold_is1" = Twierdza "uTorrent" = µTorrent "VideoGet_is1" = Nuclear Coffee - VideoGet "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ System Events ] Error - 2011-02-11 06:16:37 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 06:16:38 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-11 06:16:43 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 06:18:14 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-11 08:57:50 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-11 10:37:35 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-11 15:07:54 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 15:07:54 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-11 15:07:55 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-11 15:10:45 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde < End of report > [/log] [log] OTL logfile created on: 2011-02-11 20:15:55 - Run 5 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 53,45 Gb Free Space | 46,01% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 106,23 Gb Free Space | 72,52% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 67,50 Gb Free Space | 54,45% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-02-07 12:56:24 | 008,993,280 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe MOD - [2011-01-21 15:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-12-09 16:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD 
- [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-11-02 
22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-11-27 13:45:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-11-26 18:02:54 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV - [2010-07-09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010-05-07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2010-04-27 03:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010-04-27 03:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010-04-27 03:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-12-22 10:00:26 | 000,023,552 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet) DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2009-06-19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp) DRV - [2009-05-08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev) DRV - [2009-01-29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl) DRV - [2009-01-29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService) DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2007-11-02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService) DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2011-02-08 01:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-27 19:08:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-12-06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml O1 HOSTS File: ([2010-11-29 07:39:38 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) 
O4 - HKCU..\Run: [Software Informer] File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} 
http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) 
MsConfig - StartUpReg: [b]facemoods[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]nwiz[/b] - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () MsConfig - StartUpReg: [b]Pando Media Booster[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PCSpeedUp[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SearchSettings[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group 
SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-02-11 20:16:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes [2011-02-11 20:16:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-02-11 
20:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2011-02-11 20:16:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2011-02-11 20:16:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-02-11 20:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-02-11 19:19:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-02-11 16:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nexon [2011-02-11 16:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2011-02-11 15:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2011-02-11 15:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\SystemRequirementsLab [2011-02-11 15:47:53 | 000,000,000 | ---D | C] -- C:\Nexon [2011-02-11 15:47:47 | 000,446,464 | ---- | C] (NEXON Inc.) 
-- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe [2011-02-11 12:42:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2011-02-10 23:41:16 | 000,000,000 | ---D | C] -- C:\rsit [2011-02-10 23:36:12 | 000,000,000 | ---D | C] -- C:\_OTL [2011-02-10 23:25:08 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2011-02-10 16:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki [2011-02-10 15:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\NFS Most Wanted [2011-02-10 15:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA GAMES [2011-02-10 15:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2011-02-10 15:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 15:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Stronghold 2 [2011-02-10 14:29:16 | 000,000,000 | ---D | C] -- C:\Downloads [2011-02-10 14:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2011-02-10 14:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Download Manager [2011-02-10 14:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-02-10 14:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager [2011-02-10 11:39:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\jv16 PowerTools 2011 [2011-02-10 11:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011 [2011-02-10 10:59:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Internet Security 2011 [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- 
C:\Program Files\Kaspersky Lab [2011-02-10 10:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2011-02-10 10:58:43 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files [2011-02-10 10:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2011-02-08 11:51:12 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\PageDefrag [2011-02-08 02:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe [2011-02-08 02:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje książki elektroniczne [2011-02-08 02:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PrintMe Internet Printing [2011-02-08 02:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2011-02-08 02:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011-02-08 02:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-02-08 02:39:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache [2011-02-08 01:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Google Chrome [2011-02-08 01:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google [2011-02-08 01:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2011-02-08 01:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2011-02-08 01:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2011-02-07 22:53:08 | 
000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-02-07 22:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis [2011-02-07 22:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2011-02-07 22:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-07 22:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAP [2011-02-07 22:16:07 | 000,000,000 | ---D | C] -- C:\flash get [2011-02-07 22:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2011-02-07 22:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet [2011-02-07 22:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-02 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\obrazki z pejnta [2011-01-31 20:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios [2011-01-31 01:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pejnt [2011-01-30 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Team17 [2011-01-29 21:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-01-29 21:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader [2011-01-29 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2011-01-29 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2011-01-29 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\VDownloader 
[2011-01-29 21:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2011-01-25 19:12:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache [2011-01-24 01:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-01-24 01:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2011-01-24 01:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner [2011-01-24 01:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\The Lord of the Rings Online [2011-01-23 21:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Lord of the Rings Online [2011-01-23 19:53:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Turbine [2011-01-23 17:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2011-01-23 17:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP [2011-01-23 17:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Codemasters [2011-01-22 16:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2011-01-17 17:09:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2011-01-06 22:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster [2011-01-06 21:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory [2010-12-29 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-12-29 13:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu 
Start\Programy\Detektor Winampa [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-12-29 13:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp [2010-12-22 22:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-22 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET [2010-12-20 17:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\AruaROSE [2010-12-19 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Call of Duty [2010-12-19 14:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Duel [2010-12-19 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EliteGunz [2010-12-19 14:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\EliteGunz [2010-12-19 12:20:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE [2010-12-18 23:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails [2010-12-18 23:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\gegl-0.0 [2010-12-18 23:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gimp-2.6 [2010-12-18 23:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP [2010-12-18 23:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010-12-18 23:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2010-12-18 22:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-12-18 22:05:00 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\Administrator\Dane aplikacji\DMCache [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager [2010-12-18 22:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager [2010-12-18 21:17:58 | 000,023,552 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Motousbnet.sys [2010-12-18 21:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Driver Installer [2010-12-18 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update [2010-12-18 21:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\BVRP Software [2010-12-18 21:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Motorola Phone Tools [2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Phone Tools [2010-12-18 21:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-12-18 21:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield [2010-12-18 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2010-12-18 12:02:25 | 000,006,016 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motfilt.sys [2010-12-18 12:02:24 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys [2010-12-18 12:02:24 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys [2010-12-18 12:02:24 | 000,008,320 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgpfl.sys [2010-12-18 12:02:24 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys [2010-12-18 12:02:19 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys [2010-12-18 12:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010-12-17 20:05:24 | 
000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2010-12-17 19:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-12-17 19:48:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-12-17 19:47:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-12-17 15:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-12-17 15:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-11-28 15:14:25 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-02-11 20:16:43 | 000,246,740 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2011-02-11 20:16:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-02-11 20:10:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-02-11 20:10:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-02-11 19:47:46 | 000,019,438 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ScreenHunter_01 Feb. 11 19.47.jpg [2011-02-11 16:17:14 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk [2011-02-11 15:47:53 | 000,000,235 | ---- | M] () -- C:\WINDOWS\System32\nxEuUninstall.bat [2011-02-11 15:47:48 | 000,446,464 | ---- | M] (NEXON Inc.) 
-- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe [2011-02-10 23:40:45 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 23:25:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2011-02-10 21:31:49 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:21:50 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-10 10:59:40 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:58:43 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011-02-10 10:47:22 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-09 22:30:28 | 000,551,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-08 11:51:51 | 000,000,063 | ---- | M] () -- C:\WINDOWS\wininit.ini [2011-02-08 11:51:12 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2011-02-08 02:38:14 | 000,144,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-07 23:08:24 | 000,000,365 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:08:46 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 
000,002,817 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-01-31 14:28:24 | 000,042,905 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-23 17:58:12 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-23 17:57:55 | 000,499,510 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-23 17:57:55 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-23 17:57:55 | 000,088,816 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-23 17:57:55 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-19 20:41:23 | 000,000,745 | ---- | M] () -- C:\WINDOWS\CoD.INI [2010-12-18 22:58:44 | 000,000,476 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\lul.rtf [2010-12-18 21:12:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | M] () -- 
C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-11 20:16:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-02-11 20:16:13 | 000,246,740 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\launch.exe [2011-02-11 19:47:46 | 000,019,438 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ScreenHunter_01 Feb. 11 19.47.jpg [2011-02-11 16:17:14 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Combat Arms EU.lnk [2011-02-11 15:47:53 | 000,000,235 | ---- | C] () -- C:\WINDOWS\System32\nxEuUninstall.bat [2011-02-10 23:40:45 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\RSIT.exe [2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-02-10 21:31:49 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax 
[2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk [2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2011-02-06 18:30:43 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011-01-23 17:58:12 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane 
aplikacji\fusioncache.dat [2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-22 17:57:37 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI [2010-12-18 21:12:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf [2010-12-18 12:37:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motfilt_01007.Wdf [2010-12-18 12:08:51 | 000,002,503 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\RSD Lite.lnk [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010-12-18 12:08:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010-12-18 12:08:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc [2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll 
[2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d.dll [2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [color=#E56717]========== LOP Check ==========[/color] [2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems [2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2011-02-07 22:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet [2011-02-11 20:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo [2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2011-02-07 
22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy [2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung [2011-02-11 15:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom 
Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-02 08:34:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-02-11 20:10:18 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) 
MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- 
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C < End of report > [/log] RSIT : [log] Logfile of random's system information tool 1.08 (written by random/random) Run by Administrator at 2011-02-11 20:21:03 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 55 GB (46%) free of 119 GB Total RAM: 1535 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:21:14, on 2011-02-11 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 
(8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\Administrator\Pulpit\RSIT.exe C:\Program Files\trend micro\Administrator.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet 
Security 2011\avp.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky 
Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5490 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05 191160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun [] "KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2011-02-11 438272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods] C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common 
Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2010-10-05 228024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=60 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger" "C:\Program 
Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game" "E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL" "D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP" "C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz" "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike" "C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp" "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET" "D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher" "D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient" "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program 
Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3" "C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3" "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero" "D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2" "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe" "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager" "D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike" "D:\Combat Arms EU\NMService.exe"="D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" ======List of files/folders created in the last 1 months====== 
2011-02-11 20:16:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes 2011-02-11 20:16:29 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2011-02-11 20:16:28 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2011-02-11 20:16:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-02-11 20:16:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2011-02-11 19:19:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nexon 2011-02-11 16:13:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU 2011-02-11 15:49:00 ----D---- C:\Program Files\SystemRequirementsLab 2011-02-11 15:47:53 ----D---- C:\Nexon 2011-02-11 15:47:53 ----A---- C:\WINDOWS\system32\nxEuUninstall.bat 2011-02-11 15:47:47 ----A---- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe 2011-02-10 23:41:16 ----D---- C:\rsit 2011-02-10 23:36:12 ----D---- C:\_OTL 2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys 2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2011-02-10 14:29:16 ----D---- C:\Downloads 2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane 
aplikacji\Free Download Manager 2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG 2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager 2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011 2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab 2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys 2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy 2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$ 2011-02-09 21:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$ 2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$ 2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$ 2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$ 2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$ 2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$ 2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini 2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe 2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe 2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe 2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache 2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar 2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton 2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller 2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro 2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit 2011-02-07 
22:24:35 ----D---- C:\Program Files\DAP 2011-02-07 22:16:07 ----D---- C:\flash get 2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI 2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS 2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO 2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com 2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader 2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader 2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap 2011-01-29 13:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys 2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit 2011-01-24 01:42:34 ----D---- C:\Program Files\IObit 2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner 2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP 2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks 2011-01-17 17:09:01 ----D---- C:\WINDOWS\system32\NtmsData 2011-01-12 18:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$ ======List of files/folders modified in the last 1 months====== 2011-02-11 20:16:51 ----D---- C:\WINDOWS\Prefetch 2011-02-11 20:16:29 ----D---- C:\WINDOWS\system32\drivers 2011-02-11 20:16:24 ----RD---- C:\Program Files 2011-02-11 20:10:50 ----D---- C:\WINDOWS\Temp 2011-02-11 20:07:55 ----SD---- C:\WINDOWS\Tasks 2011-02-11 20:01:26 ----D---- C:\WINDOWS 2011-02-11 19:15:11 ----D---- C:\Program Files\Steam 2011-02-11 18:54:22 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-11 15:49:11 ----D---- C:\Program Files\Opera 2011-02-11 15:49:01 ----SHD---- C:\WINDOWS\Installer 2011-02-11 15:47:53 ----D---- C:\WINDOWS\system32 
2011-02-11 15:47:52 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2011-02-11 13:10:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Winamp 2011-02-10 15:40:13 ----RSD---- C:\WINDOWS\assembly 2011-02-10 15:40:06 ----HD---- C:\WINDOWS\inf 2011-02-10 15:39:39 ----D---- C:\WINDOWS\system32\DirectX 2011-02-10 15:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-02-10 15:07:07 ----HD---- C:\Program Files\InstallShield Installation Information 2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config 2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug 2011-02-10 10:56:40 ----SHD---- C:\System Volume Information 2011-02-10 10:56:40 ----D---- C:\Program Files\Common Files 2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe 2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer 2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$ 2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft 2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox 2011-02-07 22:58:09 ----D---- C:\WINDOWS\Registration 2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory 2011-02-07 22:47:45 ----D---- C:\WINDOWS\WinSxS 2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0 2011-02-07 22:03:52 ----D---- C:\Program Files\Internet Download Manager 2011-02-07 22:03:02 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM 2011-02-07 22:02:48 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache 2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM 2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 2011-02-06 18:25:24 ----A---- 
C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt 2011-02-02 08:34:28 ----SH---- C:\boot.ini 2011-02-02 08:34:28 ----A---- C:\WINDOWS\win.ini 2011-02-02 08:34:27 ----A---- C:\WINDOWS\system.ini 2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield 2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader 2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem 2011-01-22 15:56:28 ----D---- C:\WINDOWS\system32\Restore 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shimgvw.dll 2011-01-21 15:44:11 ----A---- C:\WINDOWS\system32\shell32.dll 2011-01-17 17:09:01 ----D---- C:\WINDOWS\repair 2011-01-16 15:00:45 ----D---- C:\Program Files\uTorrent ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184] R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 Arp1394;Protokół klienta 1394 ARP; 
C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 af53g448;af53g448; C:\WINDOWS\system32\drivers\af53g448.sys [] S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016] S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [] S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712] S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320] S3 MotDev;Motorola Inc. 
USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936] S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400] S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552] S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424] S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 
155752] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136] -----------------EOF----------------- [/log] @EDIT: Malwarebytes Anti-Malware: [log]Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Wersja bazy: 5742 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 2011-02-11 21:34:26 mbam-log-2011-02-11 (21-34-23).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|) Przeskanowano obiektów: 274959 Upłynęło: 51 minut(y), 41 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 1 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 2 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken. Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: e:\instalki dominik\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> No action taken. c:\WINDOWS\system32\d3dx10d.dll (Trojan.FakeAlert) -> No action taken. [/log] @edit2 Dr.Web did not detect anything. refresh@
Tomek01 commented on 20 February 2011 Paste into OTL:
[code]
:Files
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
:Commands
[emptytemp]
[/code]
Click Run Fix; the computer will restart. Post the removal log and new logs: OTL and RSIT. Scan the following file on VirusTotal: C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
Guest commented on 21 February 2011 (edited) [log]All processes killed ========== FILES ========== File\Folder C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\RGI2.tmp not found. File\Folder C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 21266452 bytes ->Temporary Internet Files folder emptied: 1140342 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 161731607 bytes ->Opera cache emptied: 15530408 bytes ->Flash cache emptied: 2059 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 866532058 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1 017,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02212011_223531 Files\Folders moved on Reboot... C:\WINDOWS\temp\kls8D4A.tmp moved successfully. Registry entries deleted on Reboot... 
[/log] VirusTotal result: 0/42 http://www.virustotal.com/file-scan/report.html?id=fdf6a15e87b9028f6c38620a77e5cc5f82582d3dd0c09e81dabb8d35621c0b61-1288029949 OTL: [log]OTL logfile created on: 2011-02-21 22:41:47 - Run 6 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 29,16 Gb Free Space | 25,09% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 98,58 Gb Free Space | 67,30% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 43,28 Gb Free Space | 34,91% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-02-21 22:35:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL_3.2.20.6(dobreprogramy.pl).exe PRC - [2011-02-10 21:31:47 | 000,943,472 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-02-07 12:56:24 | 008,993,280 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-07-09 16:24:34 | 000,155,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | 
[2011-01-06 22:13:49 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:23 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-21 16:52:48 | 000,021,262 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PlayList.mbl [2011-02-21 15:38:37 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-02-21 15:38:37 | 000,797,184 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax [2011-02-21 15:38:37 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-02-18 22:16:08 | 000,401,408 | R--- | C] () -- C:\WINDOWS\713xRMT.exe [2011-02-18 22:16:07 | 000,352,256 | R--- | C] () -- C:\WINDOWS\713xRMTMon.exe [2011-02-18 22:15:59 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Scheduler for OEM.lnk [2011-02-17 21:27:18 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini [2011-02-17 11:41:33 | 000,003,421 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011-02-16 13:12:09 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2011-02-11 15:47:53 | 000,000,235 | ---- | C] () -- C:\WINDOWS\System32\nxEuUninstall.bat [2011-02-10 21:31:49 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-02-10 15:31:07 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-02-10 15:31:07 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2011-02-10 15:31:07 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2011-02-10 15:31:07 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2011-02-10 15:31:07 | 000,052,224 | ---- | C] () -- 
C:\WINDOWS\System32\dllcache\msdvbnp.ax [2011-02-10 15:31:07 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2011-02-10 15:31:07 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2011-02-10 15:31:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2011-02-10 10:59:40 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2011-02-10 10:59:40 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2011-02-10 10:47:22 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2011-02-08 11:51:51 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011-02-08 02:41:27 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 6.0 CE.lnk [2011-02-08 02:38:14 | 000,144,631 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Regulamin_ESKA_Lubie_to.pdf [2011-02-07 23:08:24 | 000,000,365 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MUZYKA.lnk [2011-02-07 23:07:20 | 000,000,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\INSTALKI.lnk [2011-02-07 23:05:21 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\ZDJĘCIA.lnk [2011-02-07 23:03:17 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\GRY.lnk [2011-02-07 23:02:23 | 000,000,377 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\PROGRAMY.lnk [2011-02-07 22:08:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2011-01-31 14:28:23 | 000,042,905 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\default.htm [2011-01-24 01:43:39 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011-01-24 01:43:39 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2011-01-23 17:58:12 | 
000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2011-01-06 22:13:50 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-01-06 22:13:45 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-01-06 22:13:23 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2011-01-06 22:13:17 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-22 17:57:37 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-19 20:20:33 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI [2010-11-28 15:14:26 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2010-11-27 13:45:17 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-11-21 13:36:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010-11-21 13:36:41 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010-11-21 13:36:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc [2010-11-20 17:47:46 | 000,494,557 | ---- | C] () -- C:\WINDOWS\System32\dxgi.dll [2010-11-20 17:47:46 | 000,025,037 | ---- | C] () -- C:\WINDOWS\System32\Nucleus.dll [2010-11-20 17:47:44 | 000,519,912 | ---- | C] () -- C:\WINDOWS\System32\d3dx10d_33.dll [2010-11-20 17:47:43 | 000,566,624 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-11-20 15:56:48 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-11-20 15:56:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010-11-20 15:25:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [color=#E56717]========== LOP Check 
==========[/color] [2010-12-11 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ACD Systems [2011-02-07 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BITS [2011-02-16 12:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\bizarre creations [2010-11-27 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite [2011-02-21 14:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2011-02-19 14:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog [2011-01-29 21:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com [2011-02-07 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet [2011-02-11 20:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO [2011-02-10 14:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager [2010-11-20 17:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GetRightToGo [2011-02-06 18:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 [2011-02-21 13:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-11-28 15:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenCandy [2010-11-20 15:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2010-11-21 13:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Samsung [2011-02-21 15:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sony [2011-02-21 
19:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent [2011-01-29 21:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader [2010-12-11 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2010-12-18 21:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2010-11-27 13:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-10 15:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios [2011-02-10 14:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG [2011-01-24 01:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon [2011-02-11 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2010-11-21 13:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung [2011-02-07 22:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit [2011-02-21 16:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2011-02-07 22:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-11 20:43:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2002-09-28 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-11-20 14:53:29 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS 
[2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-11-20 14:53:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2010-11-27 22:48:25 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-02-21 22:36:43 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2002-09-28 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) 
MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 
| 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C < End of report > [/log] [log]OTL Extras logfile created on: 2011-02-21 22:41:47 - Run 6 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 116,19 Gb Total Space | 29,16 Gb Free Space | 25,09% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 98,58 Gb Free Space | 67,30% Space Free | Partition Type: NTFS Drive E: | 123,96 Gb Total Space | 43,28 Gb Free Space | 34,91% Space Free | Partition Type: NTFS Computer Name: FLIPER | User Name: Administrator | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.) 
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] 
"DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet 
Browser -- (Opera Software) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.) "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "E:\Mass Effect\Binaries\MassEffect.exe" = E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game -- (BioWare) "E:\Mass Effect\MassEffectLauncher.exe" = E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher -- (BioWare) "C:\Program Files\Motorola\RSD Lite\SDL.exe" = C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL -- (Motorola) "D:\Program Files\Call of Duty\CoDMP.exe" = D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- () "C:\Program Files\EliteGunz\EliteGunz.exe" = C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz -- (MAIET entertainment) "C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET "D:\COUNTER STrike NS\hl.exe" = D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "D:\The Lord of the Rings Online\lotroclient.exe" = D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient -- (Turbine, Inc.) 
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\flash get\FlashGet\FlashGet3.exe" = C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 "D:\Stronghold 2\Stronghold2.exe" = D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios) "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "D:\Combat Arms EU\CombatArms.exe" = D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon) "D:\Combat Arms EU\Engine.exe" = D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon) "D:\Combat Arms EU\NMService.exe" = D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.) 
"C:\Program Files\Activision\Blur(TM)\Blur.exe" = C:\Program Files\Activision\Blur(TM)\Blur.exe:*:Enabled:Blur -- () "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- () "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7 "{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R) "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI 
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2 "{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A01E2BF5-2BA5-4846-B3DC-7F8866C0C5FA}" = RSDLite "{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12 "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752 "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio 
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™ v03.02.04.8010 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "AruaROSE_is1" = AruaROSE "Call of Duty" = Call of Duty "CCleaner" = CCleaner "Combat Arms EU" = Combat Arms EU "Free Download Manager_is1" = Free Download Manager 3.0 "GetRight Pro_is1" = GetRight "ie8" = Windows Internet Explorer 8 "InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "JDownloader" = JDownloader "jv16 PowerTools 2011" = jv16 PowerTools 2011 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MTA:SA" = MTA:SA v1.0.4 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Opera 11.01.1190" = Opera 11.01 "S3 Gold" = The Settlers III Gold Edition "ST6UNST #1" = Need For Speed Most Wanted (Black Edition 1.3) Mega Trainer "Steam App 10" = Counter-Strike "Steam App 100" = Counter-Strike: Condition Zero 
Deleted Scenes "Steam App 80" = Counter-Strike: Condition Zero "Stronghold_is1" = Twierdza "uTorrent" = µTorrent "VideoGet_is1" = Nuclear Coffee - VideoGet "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = Archiwizator WinRAR "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-796845957-1767777339-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-02-16 07:36:26 | Computer Name = FLIPER | Source = MsiInstaller | ID = 1013 Description = Product: Activision(R) -- This installation cannot be run by directly launching the MSI package. You must run setup.exe. Error - 2011-02-16 07:57:53 | Computer Name = FLIPER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd blur.exe, wersja 0.0.0.0, moduł powodujący błąd blur.exe, wersja 0.0.0.0, adres błędu 0x004419a4. Error - 2011-02-17 06:16:59 | Computer Name = FLIPER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd nfs_inst.exe, wersja 0.0.0.0, moduł powodujący błąd nfs_inst.exe, wersja 0.0.0.0, adres błędu 0x00002850. 
Error - 2011-02-17 17:05:09 | Computer Name = FLIPER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd nfsc.exe, wersja 0.0.0.0, moduł powodujący błąd nfsc.exe, wersja 0.0.0.0, adres błędu 0x00200a7d. Error - 2011-02-17 18:05:29 | Computer Name = FLIPER | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd nfsc.exe, wersja 0.0.0.0, moduł powodujący błąd nfsc.exe, wersja 0.0.0.0, adres błędu 0x0029d26d. Error - 2011-02-20 09:29:54 | Computer Name = FLIPER | Source = | ID = 0 Description = Error - 2011-02-20 09:29:54 | Computer Name = FLIPER | Source = | ID = 0 Description = Error - 2011-02-20 09:31:19 | Computer Name = FLIPER | Source = | ID = 0 Description = Error - 2011-02-20 09:31:19 | Computer Name = FLIPER | Source = | ID = 0 Description = [ System Events ] Error - 2011-02-21 09:10:25 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-21 09:18:08 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-21 11:45:55 | Computer Name = FLIPER | Source = DCOM | ID = 10000 Description = Nie można uruchomić serwera DCOM: {46986115-84D6-459C-8F95-52DD653E532E}. Błąd: „%2” wystąpił podczas uruchamiania tego polecenia: "C:\Program Files\Winamp\winamp.exe" -Embedding Error - 2011-02-21 11:46:07 | Computer Name = FLIPER | Source = DCOM | ID = 10000 Description = Nie można uruchomić serwera DCOM: {46986115-84D6-459C-8F95-52DD653E532E}. 
Błąd: „%2” wystąpił podczas uruchamiania tego polecenia: "C:\Program Files\Winamp\winamp.exe" -Embedding Error - 2011-02-21 11:49:53 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-21 15:27:41 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde Error - 2011-02-21 17:35:32 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-21 17:35:32 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa FsUsbExService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-02-21 17:35:33 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-02-21 17:37:06 | Computer Name = FLIPER | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: atapi PCIIde

< End of report >
[/log]

rsit ;

[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-02-21 22:46:10
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 30 GB (25%) free of 119 GB
Total RAM: 1535 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:17, on 2011-02-21
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\713xRMTMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
E:\Programy\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: IEVkbdBHO - 
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Pro Browser - 
C:\Program Files\GetRight\GRbrowse.htm O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Pobierz w Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program 
Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5949 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31FF080D-12A3-439A-A2EF-4BA95A3148E8}] IE to GetRight Helper - C:\Program Files\GetRight\xx2gr.dll [2007-07-18 246848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05 68280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}] IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky 
Internet Security 2011\klwtbbho.dll [2010-10-05 191160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] "TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMTMon.exe [2007-06-29 352256] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-02-08 1362944] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-08 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2011-02-11 438272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] C:\Program Files\Przyspiesz Komputer\PCSpeedUp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer] C:\Program Files\Software Informer\softinfo.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2010-10-05 228024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=60 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger" "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "E:\Mass Effect\Binaries\MassEffect.exe"="E:\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game" "E:\Mass Effect\MassEffectLauncher.exe"="E:\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Enabled:SDL" "D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP" "C:\Program Files\EliteGunz\EliteGunz.exe"="C:\Program Files\EliteGunz\EliteGunz.exe:*:Enabled:Gunz" "C:\Program 
Files\Steam\steamapps\d3679774\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\d3679774\counter-strike\hl.exe:*:Enabled:Counter-Strike" "C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp" "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET" "D:\COUNTER STrike NS\hl.exe"="D:\COUNTER STrike NS\hl.exe:*:Enabled:Half-Life Launcher" "D:\The Lord of the Rings Online\lotroclient.exe"="D:\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient" "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3" "C:\flash get\FlashGet\FlashGet3.exe"="C:\flash get\FlashGet\FlashGet3.exe:*:Enabled:Flashget3" "D:\Stronghold 2\Stronghold2.exe"="D:\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2" "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe" "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager" "D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" "D:\Combat Arms EU\NMService.exe"="D:\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core" "C:\Program Files\Activision\Blur(TM)\Blur.exe"="C:\Program Files\Activision\Blur(TM)\Blur.exe:*:Enabled:Blur" "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern 
Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)" "C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\counter-strike\hl.exe:*:Enabled:Counter-Strike" "C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\pedobear1996\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" ======List of files/folders created in the last 1 months====== 2011-02-21 16:04:17 ----A---- C:\WINDOWS\system32\tsccvid.dll 2011-02-21 16:04:14 ----D---- C:\WINDOWS\system32\QuickTime 2011-02-21 16:03:30 ----D---- C:\Program Files\QuickTime 2011-02-21 16:02:49 ----D---- C:\Program Files\Common Files\TechSmith Shared 2011-02-21 16:02:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith 2011-02-21 16:02:36 ----D---- C:\Program Files\TechSmith 2011-02-21 15:38:46 ----D---- C:\Program Files\NAPI-PROJEKT 2011-02-21 15:38:37 ----A---- C:\WINDOWS\system32\xvidcore.dll 2011-02-21 15:38:37 ----A---- C:\WINDOWS\system32\libFLAC.dll 2011-02-21 15:38:21 ----D---- C:\Program Files\ALLPlayer 2011-02-21 15:29:04 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Sony 2011-02-21 14:14:51 ----D---- C:\Program Files\GetRight 2011-02-21 13:42:50 ----D---- C:\Fraps 2011-02-20 14:28:02 ----D---- C:\Program Files\vbNFSMWMegaTrainer 2011-02-20 14:27:41 ----N---- C:\WINDOWS\Setup1.exe 2011-02-20 14:27:40 ----A---- 
C:\WINDOWS\ST6UNST.EXE 2011-02-19 14:28:03 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog 2011-02-18 22:16:23 ----RA---- C:\WINDOWS\system32\wmv8dmod.dll 2011-02-18 22:16:21 ----RA---- C:\WINDOWS\system32\mpg4c32.dll 2011-02-18 22:16:08 ----RA---- C:\WINDOWS\713xRMT.exe 2011-02-18 22:16:07 ----RA---- C:\WINDOWS\713xRMTMon.exe 2011-02-18 22:15:49 ----D---- C:\Program Files\honestech 2011-02-18 22:15:21 ----D---- C:\WINDOWS\MyInstall 2011-02-18 22:15:05 ----RA---- C:\WINDOWS\system32\drivers\WDMTuner.sys 2011-02-18 22:14:51 ----RA---- C:\WINDOWS\system32\Prop713x.dll 2011-02-18 22:14:51 ----RA---- C:\WINDOWS\system32\34TVCtrl.dll 2011-02-18 22:14:50 ----RA---- C:\WINDOWS\system32\34API.dll 2011-02-18 22:14:42 ----RA---- C:\WINDOWS\system32\drivers\SAA713x.sys 2011-02-18 22:14:40 ----A---- C:\WINDOWS\system32\vfwwdm32.dll 2011-02-17 21:27:18 ----A---- C:\WINDOWS\nfsc_patch.ini 2011-02-17 11:41:33 ----A---- C:\WINDOWS\IsUninst.exe 2011-02-16 13:19:06 ----SHD---- C:\WINDOWS\ftpcache 2011-02-16 13:12:09 ----A---- C:\WINDOWS\game.ini 2011-02-16 12:51:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\bizarre creations 2011-02-16 12:36:52 ----D---- C:\Program Files\Activision 2011-02-11 20:16:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes 2011-02-11 20:16:29 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2011-02-11 20:16:28 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2011-02-11 20:16:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-02-11 20:16:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2011-02-11 19:19:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Nexon 2011-02-11 16:13:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU 2011-02-11 15:49:00 ----D---- C:\Program Files\SystemRequirementsLab 2011-02-11 15:47:53 ----D---- C:\Nexon 2011-02-11 15:47:53 ----A---- C:\WINDOWS\system32\nxEuUninstall.bat 
2011-02-11 15:47:47 ----A---- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe 2011-02-10 23:41:16 ----D---- C:\rsit 2011-02-10 23:36:12 ----D---- C:\_OTL 2011-02-10 15:31:35 ----D---- C:\WINDOWS\RegisteredPackages 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\psisdecd.dll 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\streamip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\slip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mstee.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\msdv.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\mpe.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys 2011-02-10 15:31:07 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys 2011-02-10 15:31:06 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2011-02-10 15:16:24 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2011-02-10 14:29:16 ----D---- C:\Downloads 2011-02-10 14:23:59 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Free Download Manager 2011-02-10 14:23:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG 2011-02-10 14:23:53 ----D---- C:\Program Files\Free Download Manager 2011-02-10 11:39:10 ----D---- C:\Program Files\jv16 PowerTools 2011 2011-02-10 10:58:51 ----D---- C:\Program Files\Kaspersky Lab 2011-02-10 10:58:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2011-02-10 10:58:43 ----A---- C:\WINDOWS\system32\drivers\klif.sys 2011-02-10 10:57:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files 2011-02-10 10:46:45 ----HD---- C:\WINDOWS\system32\GroupPolicy 2011-02-09 21:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$ 2011-02-09 21:59:04 
----HDC---- C:\WINDOWS\$NtUninstallKB2485376$ 2011-02-09 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$ 2011-02-09 21:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$ 2011-02-09 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$ 2011-02-09 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$ 2011-02-09 21:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$ 2011-02-08 11:51:51 ----A---- C:\WINDOWS\wininit.ini 2011-02-08 11:51:12 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe 2011-02-08 02:41:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-02-08 02:41:21 ----D---- C:\Program Files\Common Files\Adobe 2011-02-08 02:41:17 ----D---- C:\Program Files\Adobe 2011-02-08 02:39:27 ----D---- C:\WINDOWS\Cache 2011-02-08 01:14:16 ----D---- C:\Program Files\Windows Sidebar 2011-02-08 01:14:07 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton 2011-02-08 01:13:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller 2011-02-07 22:53:08 ----D---- C:\Program Files\Trend Micro 2011-02-07 22:24:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-02-07 22:24:38 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit 2011-02-07 22:24:35 ----D---- C:\Program Files\DAP 2011-02-07 22:16:07 ----D---- C:\flash get 2011-02-07 22:08:46 ----A---- C:\WINDOWS\libem.INI 2011-02-07 22:08:37 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\BITS 2011-02-07 22:08:36 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGet 2011-02-07 22:08:32 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\FlashGetBHO 2011-01-29 21:55:01 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\facemoods.com 2011-01-29 21:53:46 ----D---- C:\Program Files\JDownloader 2011-01-29 21:45:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\VDownloader 2011-01-29 21:45:27 ----D---- C:\Program Files\WinPcap 2011-01-29 13:06:19 ----N---- 
C:\WINDOWS\SchedLgU.Txt 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe 2011-01-24 01:43:39 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys 2011-01-24 01:42:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\IObit 2011-01-24 01:42:34 ----D---- C:\Program Files\IObit 2011-01-24 01:29:31 ----D---- C:\Program Files\CCleaner 2011-01-23 17:56:35 ----D---- C:\WINDOWS\system32\URTTEMP 2011-01-22 16:23:39 ----D---- C:\Program Files\Pando Networks ======List of files/folders modified in the last 1 months====== 2011-02-21 22:45:49 ----D---- C:\WINDOWS\Prefetch 2011-02-21 22:45:48 ----D---- C:\WINDOWS 2011-02-21 22:37:16 ----D---- C:\WINDOWS\Temp 2011-02-21 22:28:28 ----D---- C:\WINDOWS\system32\CatRoot2 2011-02-21 22:27:59 ----D---- C:\Program Files\Steam 2011-02-21 19:55:34 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2011-02-21 16:05:55 ----SHD---- C:\WINDOWS\Installer 2011-02-21 16:04:17 ----D---- C:\WINDOWS\system32 2011-02-21 16:03:30 ----RD---- C:\Program Files 2011-02-21 16:02:49 ----D---- C:\Program Files\Common Files 2011-02-21 15:40:19 ----D---- C:\Program Files\Winamp 2011-02-21 14:09:56 ----D---- C:\Program Files\Internet Download Manager 2011-02-21 14:07:56 ----D---- C:\WINDOWS\system32\drivers 2011-02-21 14:07:26 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache 2011-02-21 13:34:22 ----HD---- C:\WINDOWS\inf 2011-02-21 13:34:15 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\IDM 2011-02-18 22:15:52 ----HD---- C:\Program Files\InstallShield Installation Information 2011-02-18 22:15:10 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-02-17 11:19:03 ----D---- C:\WINDOWS\system32\DirectX 2011-02-17 11:19:01 ----RSD---- C:\WINDOWS\assembly 2011-02-16 12:49:24 ----D---- C:\WINDOWS\WinSxS 2011-02-11 21:35:40 ----D---- C:\WINDOWS\Registration 2011-02-11 20:43:04 ----SH---- C:\boot.ini 2011-02-11 20:43:04 ----A---- C:\WINDOWS\win.ini 2011-02-11 20:43:04 
----A---- C:\WINDOWS\system.ini 2011-02-11 20:22:50 ----SHD---- C:\System Volume Information 2011-02-11 20:22:50 ----D---- C:\WINDOWS\system32\Restore 2011-02-11 20:07:55 ----SD---- C:\WINDOWS\Tasks 2011-02-11 15:49:11 ----D---- C:\Program Files\Opera 2011-02-10 12:12:24 ----D---- C:\WINDOWS\system32\config 2011-02-10 11:30:45 ----D---- C:\WINDOWS\Debug 2011-02-10 10:55:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-02-09 21:57:17 ----A---- C:\WINDOWS\system32\MRT.exe 2011-02-09 21:57:08 ----D---- C:\Program Files\Internet Explorer 2011-02-09 21:56:55 ----HD---- C:\WINDOWS\$hf_mig$ 2011-02-08 11:39:47 ----SD---- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft 2011-02-08 02:42:22 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2011-02-08 01:46:39 ----D---- C:\Program Files\Mozilla Firefox 2011-02-07 22:58:48 ----D---- C:\WINDOWS\system32\NtmsData 2011-02-07 22:47:58 ----D---- C:\Program Files\Wolfenstein - Enemy Territory 2011-02-07 22:16:05 ----D---- C:\Program Files\GIMP-2.0 2011-02-06 21:09:10 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2011-02-06 20:15:39 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\skypePM 2011-02-06 18:30:43 ----D---- C:\Documents and Settings\Administrator\Dane aplikacji\gtk-2.0 2011-02-06 18:25:24 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem #2.txt 2011-01-30 13:20:55 ----D---- C:\Program Files\Common Files\InstallShield 2011-01-29 21:45:40 ----D---- C:\Program Files\VDownloader 2011-01-23 17:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-01-22 15:57:24 ----D---- C:\WINDOWS\system32\wbem ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2010-06-09 132184] R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys 
[2008-04-14 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-27 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 kl2;kl2; C:\WINDOWS\system32\DRIVERS\kl2.sys [2010-06-09 11352] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-02-10 475736] R2 713xTVCard;SAA7130 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2007-06-29 279552] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704] R2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2007-06-29 25984] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2010-05-07 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-28 12160] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928] R3 
usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 ahy1yjap;ahy1yjap; C:\WINDOWS\system32\drivers\ahy1yjap.sys [] S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys [2009-01-29 6016] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384] S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [] S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2009-06-19 19712] S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2009-01-29 8320] S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2009-05-08 42752] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936] S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys [2007-11-02 6400] S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880] S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976] S3 usbaudio;Sterownik audio USB (WDM); 
C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-28 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-02 365336] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci 
programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Usługa udostępniania portów Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-06 75136] -----------------EOF----------------- [/log]
Tomek01 commented 21 February 2011

There are still some leftovers.

[code]
:Files
C:\Program Files\Common Files\AskToolbarInstaller.exe
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog
:OTL
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C
:Commands
[emptytemp]
[/code]

After this operation, use the Clean Up function in OTL.
Guest commented 22 February 2011 (edited)

[log]All processes killed
========== FILES ==========
C:\Program Files\Common Files\AskToolbarInstaller.exe moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\EurekaLog folder moved successfully.
========== OTL ==========
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:010ADD2C deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 744683 bytes
->Temporary Internet Files folder emptied: 660606 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 136032009 bytes
->Opera cache emptied: 16915821 bytes
->Flash cache emptied: 1314 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 235085 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 147,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02222011_151219
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\klsAFA9.tmp not found!
Registry entries deleted on Reboot...
[/log]

Thanks for the help, the problems are gone.
Tomek01 commented 23 February 2011

It's OK. In OTL, use the Clean Up function. Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url], and if they detect anything, post the reports on the forum.