AveX utworzono 15 marca 2011 utworzono 15 marca 2011 Witam, Bardzo śpieszy mi się z rozwiązaniem problemu - czas mnie goni bo muszę coś wykonac. Ogólnie miałem tylko Ad-Aware jako cokolwiek przeciw wirusom, nigdy zapory nie miałem, żadnego antywirusa, no i generalnie z kompem sie dzieje wszystko - wyłacza się, jakieś błędy, znika samo miejsce na dysku pliki się ukrywają, "administrator" wyłacza menedżer zadań Skan [log] OTL logfile created on: 2011-03-15 20:59:12 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Mam też jeszcze jeden Nie wiem czy to coś da że mam jeszcze taki OTL Extras logfile created on: 2011-03-15 20:57:15 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,46 Gb Free Space | 2,99% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster "57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster "57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster "57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "56795:TCP" = 56795:TCP:*:Enabled:Pando Media Booster "56795:UDP" = 56795:UDP:*:Enabled:Pando Media Booster "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "20490:TCP" = 20490:TCP:*:Enabled:BitComet 20490 TCP "20490:UDP" = 20490:UDP:*:Enabled:BitComet 20490 UDP "25828:TCP" = 25828:TCP:*:Enabled:BitComet 25828 TCP "25828:UDP" = 25828:UDP:*:Enabled:BitComet 25828 UDP "57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster "57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster "7517:TCP" = 7517:TCP:*:Enabled:BitComet 7517 TCP "7517:UDP" = 7517:UDP:*:Enabled:BitComet 7517 UDP "27416:TCP" = 27416:TCP:*:Enabled:BitComet 27416 TCP "27416:UDP" = 27416:UDP:*:Enabled:BitComet 27416 UDP "57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster "57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster "7473:TCP" = 7473:TCP:*:Enabled:BitComet 7473 TCP "7473:UDP" = 7473:UDP:*:Enabled:BitComet 7473 UDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\WINDOWS\system32\lxdecoms.exe" = C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System -- ( ) "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe" = C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor -- () "C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio -- () "C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader "C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe" = C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software -- () "C:\Program Files\Lexmark 4800 Series\lxdemon.exe" = C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor -- () "C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe" = C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe:*:Enabled: "C:\WINDOWS\system32\lxdecfg.exe" = C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System -- ( ) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface -- () "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- () "C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- () "C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade -- (IGN Entertainment Inc.) "C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway -- () "C:\Program Files\Xfire\xfire.exe" = C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "D:\Program Files\Gpotato\Flyff\Flyff.exe" = D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff -- () "C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.) "C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks) "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks) "E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- () "E:\Program Files\Cyanide\GameCenter\GameCenter.exe" = E:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter "E:\Program Files\Cyanide\Loki\Loki.exe" = E:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki "E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe" = E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe:*:Enabled:Loki - AutoRun "C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm" = C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm:Enabled:GameExe2 "C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe" = C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\GW Movie Arts\Combat Arms EU\NMService.exe" = E:\GW Movie Arts\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com) "C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe" = C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Więzy Krwi "E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe" = E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Character Creator "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "D:\Program Files\Dragon Age\bin_ship\daorigins.exe" = D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "D:\Program Files\Dragon Age\DAOriginsLauncher.exe" = D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "C:\Program Files\WarRock\WRLauncher.exe" = C:\Program Files\WarRock\WRLauncher.exe:*:Enabled:War Rock "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies) "E:\Program Files\Far Cry 2\bin\FarCry2.exe" = E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "E:\Program Files\Far Cry 2\bin\FC2Launcher.exe" = E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "E:\Program Files\Far Cry 2\bin\FC2Editor.exe" = E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment) "E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer "E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- () "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- () "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH) "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- () "C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- () "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Documents and Settings\start\Pulpit\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- () "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe:*:C:\WINDOWS\microsoft.exe "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe:*:C:\WINDOWS\microsoft.exe [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock "{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{049d411d-6564-4638-96d2-41a27817a181}" = Nero 9 Essentials "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{0D8E15E1-350B-4DF5-8D76-58E429157458}" = Lineage "{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17 "{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0 "{17145977-D875-4B1D-942F-9E5930823E02}_is1" = Gods - Kraina Nieskończoności "{17D60B8C-927A-06CE-9AC5-B1949964EF15}" = Catalyst Control Center Core Implementation "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7 "{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = Spellforce 2 - Czas Mrocznych Wojen "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{21BB0483-3D43-46A7-A63F-72C702701438}" = GameShadow "{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11 "{285139D9-633F-4674-8FA3-DB94B356FA82}_is1" = Mafia Tycoon "{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver "{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio "{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.3 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser "{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II "{46301B1E-8962-4672-B5A2-0636BA3C48F4}" = Melodyne 3.2 Demo "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1" = Wru! 1.0.4 "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Trust Webcam 14823 "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010 "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher "{66BA35B0-1911-47EF-B170-1DCFFDA362F1}" = AmpliTube Jimi Hendrix "{674FD2DC-B87D-D5B4-AF07-73AE91974301}" = Catalyst Control Center HydraVision Full "{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1" = Moyea Flash Video MX Pro Version: 5.0.9.0 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver "{7ADFF9AF-B9D8-FC53-0377-AFDDCBE8929E}" = Catalyst Control Center Graphics Full New "{7D979C05-1742-1AE1-E61A-25A33449AF44}" = Catalyst Control Center Graphics Previews Common "{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2 "{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0520.1 "{828B0E1B-C6B0-42E5-B2A3-C50E7820C077}" = IPSwitcher Basic "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8396DF41-E71D-7170-A03A-A0A2D8633B57}" = Catalyst Control Center Graphics Full Existing "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{93543036-BAD7-4B53-B45E-306B21202727}" = Piraci Nowego Świata 2 - Dwa skarby "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9811DA63-C6B4-426E-859E-12A2393DDB31}" = LanSpeed2 v3.0.7 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C6F9C01-FE98-90B4-36BD-5CCC4A8A1AA8}" = ccc-core-preinstall "{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}" = AmpliTube Metal "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B6685367-A8AD-4414-A2A3-10B40EC5CF30}" = SharpKeys "{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.8.7 "{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BF605A48-663D-AA9A-F128-95ED7F2C6413}" = Skins "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C28FC5E5-86EE-B4B5-044A-E484E78F9C7B}" = CCC Help English "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio "{C6752201-DC16-C30F-478C-36EC595BEFDB}" = ccc-core-static "{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2 "{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4 "{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}" = AmpliTube2 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX "{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0 "{D0A85D80-425F-CBB2-B35A-69EFD283DF39}" = ccc-utility "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D52D5D70-6F8F-4690-8559-18D5EAC8B19F}" = XIII "{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA "{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64 "{E397F6F0-AEE4-4236-BB05-1351350F8365}" = War Rock "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{E5CFDA19-A86E-4276-AB8E-5165E2FC98B8}" = Hero_Online "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EC9A0711-9823-4DD2-83C4-039886A3ECF6}" = Melodyne 3.2 Demo "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = StarCam Sports Football 300K "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam "{F7D689BA-E7DE-4727-9F8D-936B6C30A53A}" = Rapidshare Auto Downloader 3.6.2 "{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1" = Call of Juarez SP Demo "{FE6FD041-F8D2-1323-178C-7C71C1980C51}" = Catalyst Control Center Graphics Light "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Acoustica Beatcraft" = Acoustica Beatcraft "Acoustica Effects Pack" = Acoustica Effects Pack "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AirRivals_EN_is1" = AirRivals_EN 1.0.0.35 "Aiseesoft DVD to MP4 Converter_is1" = Aiseesoft DVD to MP4 Converter "All ATI Software" = ATI - Software Uninstall Utility "Any Video Converter_is1" = Any Video Converter 3.1.7 "AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02 "AP Tuner 3.08" = AP Tuner 3.08 "AQQ" = WapSter AQQ "Arial Sound Recorder_is1" = Arial Sound Recorder version 1.7.5 "ASIO4ALL" = ASIO4ALL "ATI Display Driver" = ATI Display Driver "Audacity_is1" = Audacity 1.2.6 "AV Voice Changer Software 3.0" = AV Voice Changer Software 3.0 "AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0 "AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0 "AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0 "Avidemux 2.5" = Avidemux 2.5 "AviSynth" = AviSynth 2.5 "BitComet" = BitComet 1.22 "BrainWave Generator" = BrainWave Generator "CasinoEuroPoker" = CasinoEuroPoker (remove only) "CDex" = CDex extraction audio "cFosSpeed" = cFosSpeed v5.12 "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Combat Arms EU" = Combat Arms EU "conduitEngine" = Conduit Engine "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32 "Cpukiller3_is1" = Cpukiller3 v1.0.5 "CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1 "Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.1.2.43 "DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3 "Drumtronic" = Drumtronic "DVD To AVI Converter_is1" = DVD To AVI Converter 1.00 "E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1) "EarMaster Essential 5_is1" = EarMaster Essential 5 "Easy Video Splitter_is1" = Easy Video Splitter 1.28 "easyCALL_is1" = easyCALL "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! "ESET Online Scanner" = ESET Online Scanner v3 "ET3DEMO" = English Translator 3 Demo "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "ExpressBurn" = Express Burn "ExpressRip" = Express Rip "F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3) "FlightGear_is1" = FlightGear v0.9.10 "Fraps" = Fraps (remove only) "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Booster_is1" = Game Booster "GameCenter" = GameCenter "GamersFirst LIVE!" = GamersFirst LIVE! "GamersFirst War Rock" = War Rock "GameTracker Lite" = GameTracker Lite "Gates of Troy_is1" = Gates of Troy "Guild Wars" = Guild Wars "Guitar FX BOX 2.8" = Guitar FX BOX 2.8 "Guitar Pro 5_is1" = Guitar Pro 5.2 "GuitarSpeedTrainer_is1" = GST 2.3.8.4 "Gunz" = ijji - Gunz "Hamachi" = Hamachi 1.0.2.5 "Hitman: Kontrakty" = Hitman: Kontrakty "Hydrogen" = Hydrogen "Icy Tower v1.3.1_is1" = Icy Tower v1.3.1 "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi "Internet Download Manager" = Internet Download Manager "ipla" = ipla 2.2 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "KeyFinder_is1" = Magical Jelly Bean KeyFinder "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Lexmark 4800 Series" = Lexmark 4800 Series "Lexmark Fax Solutions" = Oprogramowanie faksowe Lexmark "Line 6 Uninstaller" = Line 6 Uninstaller "Lineage 2 Frintezza Full" = Lineage 2 Frintezza Full 1.2 "Loki_is1" = Loki "Magic Mirror_is1" = Magic Mirror 3.0 "Magic Video Batch Converter_is1" = Magic Video Batch Converter 3.6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser "MojDzwonek.com" = MojDzwonek.com - konwerter dzwonków TrueTone "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "MP3 CD Doctor Lite_is1" = MP3 CD Doctor "MP3 Encoder" = LS MP3 Encoder "MPEG4 Direct Maker" = MPEG4 Direct Maker "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MyWebSearch bar Uninstall" = My Web Search (Smiley Central) "Native Instruments Controller Editor" = Native Instruments Controller Editor "Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3 "Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4 "Native Instruments Guitar Rig Session IO Driver" = Native Instruments Guitar Rig Session IO Driver "Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver "Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments Session IO Driver" = Native Instruments Session IO Driver "Neffy" = Neffy 1,3,29,0 "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "Nero7Lite_is1" = Nero 7 Lite 7.10.1.0 "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Orb" = Winamp Remote "Pacific Warriors" = Pacific Warriors "PingPlotter Standard" = PingPlotter Standard 3.30.1s "Pool of Radiance" = Pool of Radiance "Postal 2 Demo" = Postal 2 Demo "Postal 2 Share The Pain" = Postal 2 Share The Pain "Postal 2 STP - Free Multiplayer Edition" = Postal 2 STP - Free Multiplayer Edition "Przyspiesz Komputer_is1" = Przyspiesz Komputer "PunkBusterSvc" = PunkBuster Services "QuickPar" = QuickPar 0.9 "rayman2" = rayman2 "RealPlayer 6.0" = RealPlayer "REAPER" = REAPER "ReValver" = ReValver "ReValver Mk II_is1" = ReValver Mk II "Rohan_USA" = Rohan_USA "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SeaDogs" = SeaDogs "SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only) "Silkroad" = Silkroad "SkanerOnline" = Skaner on-line mks_vir "SMS Pilot_is1" = SMS Pilot 1.06 build 003 "SnadBoy's Revelation v2" = SnadBoy's Revelation v2 "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Spartan_is1" = Spartan "SpeedBit Video Accelerator" = SpeedBit Video Accelerator "SpeedBit Video Downloader" = SpeedBit Video Downloader "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 630" = Alien Swarm "Tactical Ops" = Tactical Ops "TallStick TS-AudioToMIDI 3.30" = TallStick TS-AudioToMIDI 3.30 (remove only) "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Tengwar Scribe" = Tengwar Scribe "The Witcher - Doppler's Essence Mod_is1" = EoD ver 1.0.0.0 "Tibia_is1" = Tibia "Tomb Raider: Underworld Demo" = Tomb Raider: Underworld Demo 1.0 "Tunatic" = Tunatic "Ultra MP4 Video Converter_is1" = Ultra MP4 Video Converter 5.2.0603 "Videora iPod Converter" = Videora iPod Converter 4.07 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VS Online_is1" = VS Online 1.54 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WheelMouse" = Smart-X7 7.80 "WIC" = Windows Imaging Component "Winamp Toolbar" = Winamp Toolbar "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinGimp-2.0_is1" = GIMP 2.4.1 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 "Xfire" = Xfire (remove only) "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "YouTube Downloader App" = YouTube Downloader App 1.02 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "2a4f70b48f669acd" = AA3Deploy "BitTorrent" = BitTorrent 6.0 "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome "TeamSpeak 3 Client" = TeamSpeak 3 Client "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. [ System Events ] Error - 2011-03-13 17:07:22 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa COM nagrywania dysków CD IMAPI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-13 17:17:30 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-13 17:42:37 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023 Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-03-13 17:47:20 | Computer Name = SUKINSYNA | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 10.10.0.2 dla karty sieciowej o adresie 001FD0890F66 został zabroniony przez serwer DHCP 10.10.0.1 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-03-13 17:51:42 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa McAfee Security Scan Component Host Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023 Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi My Web Search Service z powodu następującego błędu: %%2 Error - 2011-03-15 15:23:24 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-15 15:53:02 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Fips intelppm StarOpen Error - 2011-03-15 15:53:08 | Computer Name = SUKINSYNA | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} < End of report > Pozdrawiam, licze na szybką pomoc. Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,46 Gb Free Space | 2,99% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe PRC - [2010-04-02 01:39:57 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-06-29 15:26:55 | 000,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer) SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService) SRV - [2010-09-02 21:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService) SRV - [2010-05-31 12:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Stopped] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-04-27 23:33:00 | 003,547,376 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2010-03-11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-26 17:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009-12-13 21:03:04 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Stopped] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService) SRV - [2009-07-26 06:43:14 | 000,025,832 | -H-- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-02-26 13:09:14 | 001,547,264 | ---- | M] (ClanServers Hosting LLC) [Auto | Stopped] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service) SRV - [2008-05-13 17:07:24 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdecoms.exe -- (lxde_device) SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe -- (lxdeCATSCustConnectService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-03-15 20:23:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-09-10 18:54:14 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2010-08-24 01:49:24 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-05-31 12:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed) DRV - [2009-05-24 15:24:56 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009-03-16 22:33:02 | 003,597,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-11-08 10:44:31 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008-11-08 10:44:30 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-07 12:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-10 11:52:20 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2) DRV - [2008-01-03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-11-14 20:48:20 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2007-05-14 22:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-05-14 22:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi) DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-05-03 14:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd) DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2005-06-22 16:09:56 | 000,498,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2003-09-19 14:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2002-12-09 15:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - File not found IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59333 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 59333 FF - prefs.js..network.proxy.type: 1 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-11-29 21:48:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-10-20 21:48:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2011-03-13 23:37:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-18 20:46:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-18 20:51:11 | 000,000,000 | ---D | M] [2008-12-02 21:10:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Extensions [2011-03-14 09:53:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions [2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-09-02 15:10:53 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-19 20:01:50 | 000,000,000 | -H-D | M] (kikin plugin (JDownloader Edition)) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (BitComet Video Downloader) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2010-12-01 22:30:41 | 000,000,000 | -H-D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} [2009-11-16 12:23:28 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar [2010-03-09 21:29:41 | 000,000,000 | -H-D | M] (Zrzuta.eu) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\zrzuta.eu@gmail.com [2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml [2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml [2011-03-14 09:53:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009-01-11 00:19:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-10-20 21:48:05 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC [2008-11-29 21:48:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-01-19 22:23:28 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2009-07-22 16:31:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-03-30 11:42:24 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-03-30 11:42:24 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-03-30 11:42:24 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-03-30 11:42:24 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-03-30 11:42:24 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-08-25 18:57:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - File not found O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKCU\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe () O4 - HKLM..\Run: [lxdeamon] C:\Program Files\Lexmark 4800 Series\lxdeamon.exe () O4 - HKLM..\Run: [lxdemon.exe] C:\Program Files\Lexmark 4800 Series\lxdemon.exe () O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software) O4 - HKLM..\Run: [My Web Search Bar] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKLM..\Run: [Regedit32] File not found O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe () O4 - HKCU..\Run: [Adobe ARP] C:\WINDOWS\System32\adobearp.exe (Eltgk Software) O4 - HKCU..\Run: [Client Thailanddds] File not found O4 - HKCU..\Run: [Driver Updater] File not found O4 - HKCU..\Run: [Eraser] File not found O4 - HKCU..\Run: [Flwgwl] C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe (Laupd Software) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [JP595IR86O] File not found O4 - HKCU..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKCU..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKCU..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.) F3 - HKCU WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: Microsoft Driver Setup = C:\WINDOWS\microsoft.exe (Kxcesobjn Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - File not found O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe () O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001-10-26 18:12:38 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-03-15 20:56:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe [2011-03-15 20:46:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\start\Recent [2011-03-15 20:45:27 | 000,032,904 | ---- | C] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe [2011-03-15 20:32:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Menu Start\Programy\Windows Diagnostic [2011-03-15 20:30:26 | 000,084,992 | ---- | C] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe [2011-03-15 10:48:35 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-13 22:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011-03-13 20:23:23 | 000,000,000 | ---D | C] -- C:\videooutput [2011-03-13 20:23:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software [2011-03-13 20:21:06 | 004,130,372 | -H-- | C] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe [2011-03-13 20:12:16 | 009,909,254 | -H-- | C] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe [2011-03-13 02:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-03-11 18:09:29 | 000,060,416 | RHS- | C] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe [2011-03-09 06:30:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\The Rolling Stones [2011-03-06 17:51:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style _data [2011-02-25 22:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2011-02-25 22:21:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus [2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2011-02-24 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2011-02-24 21:46:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YouTube Downloader [2011-02-24 21:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader [2011-02-20 00:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Zeallsoft [2011-02-20 00:46:55 | 003,409,741 | -H-- | C] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe [2011-02-20 00:44:06 | 008,161,357 | -H-- | C] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe [2011-02-18 19:32:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cool Edit Pro 2.0 [2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll [2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll [2010-05-17 20:22:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll [2010-05-17 19:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2010-05-17 19:41:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2010-05-17 19:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2008-09-29 19:42:23 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeserv.dll [2008-09-29 19:42:23 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeusb1.dll [2008-09-29 19:42:23 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehcp.dll [2008-09-29 19:42:23 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeinpa.dll [2008-09-29 19:42:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeiesc.dll [2008-09-29 19:42:22 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdepmui.dll [2008-09-29 19:42:22 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdelmpm.dll [2008-09-29 19:42:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeih.exe [2008-09-29 19:42:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeprox.dll [2008-09-29 19:42:21 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehbn3.dll [2008-09-29 19:42:21 | 000,598,960 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecoms.exe [2008-09-29 19:42:20 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomc.dll [2008-09-29 19:42:20 | 000,365,488 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecfg.exe [2008-09-29 19:42:20 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomm.dll [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe [2011-03-15 20:52:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-15 20:45:22 | 000,032,904 | ---- | M] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe [2011-03-15 20:42:45 | 002,396,960 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe [2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-03-15 20:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-03-15 20:32:50 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r [2011-03-15 20:32:50 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460 [2011-03-15 20:32:36 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk [2011-03-15 20:32:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460 [2011-03-15 20:32:30 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe [2011-03-15 20:30:14 | 000,084,992 | ---- | M] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe [2011-03-15 20:23:37 | 000,003,968 | RHS- | M] () -- C:\WINDOWS\wibrf.jpg [2011-03-15 20:23:37 | 000,003,416 | RHS- | M] () -- C:\WINDOWS\wiybr.png [2011-03-15 20:23:27 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-15 20:23:00 | 000,173,776 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2011-03-15 20:22:57 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\yyki.job [2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-03-15 20:22:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-15 19:40:31 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020 [2011-03-15 19:40:16 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020 [2011-03-15 19:40:15 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe [2011-03-15 18:51:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job [2011-03-15 17:52:55 | 000,010,698 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398 [2011-03-15 13:51:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe [2011-03-14 20:08:45 | 000,140,288 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-14 17:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-03-14 06:57:14 | 000,015,468 | ---- | M] () -- C:\WINDOWS\cdplayer.ini [2011-03-14 06:57:09 | 004,832,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3 [2011-03-14 06:57:08 | 002,224,079 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3 [2011-03-14 06:57:08 | 001,229,095 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3 [2011-03-13 22:48:09 | 000,060,416 | RHS- | M] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe [2011-03-13 21:56:28 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf [2011-03-13 20:23:21 | 000,000,691 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk [2011-03-13 20:23:04 | 004,130,372 | -H-- | M] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe [2011-03-13 20:19:10 | 010,980,832 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe [2011-03-13 20:14:17 | 009,909,254 | -H-- | M] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe [2011-03-13 11:30:51 | 008,273,459 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3 [2011-03-13 10:30:46 | 000,069,714 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg [2011-03-12 15:58:24 | 000,030,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wcscd.sys [2011-03-12 15:58:02 | 000,032,256 | -H-- | M] () -- C:\Documents and Settings\start\wuaucldt.exe [2011-03-12 15:58:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe [2011-03-11 18:42:31 | 000,098,201 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg [2011-03-10 18:13:13 | 000,048,166 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg [2011-03-07 17:50:13 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk [2011-03-07 17:50:13 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk [2011-03-07 17:48:56 | 019,230,558 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG [2011-03-06 18:40:22 | 174,795,761 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG [2011-03-06 18:08:46 | 028,865,883 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv [2011-03-06 18:03:49 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-06 17:51:03 | 000,065,794 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup [2011-03-03 09:20:20 | 000,002,384 | ---- | M] () -- C:\WINDOWS\ndl.dl [2011-02-28 20:53:19 | 000,070,358 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg [2011-02-26 02:15:39 | 002,972,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3 [2011-02-26 00:58:20 | 061,666,604 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\waw2.wav [2011-02-26 00:42:21 | 096,454,700 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\shot.wav [2011-02-25 22:21:28 | 000,001,801 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2011-02-25 21:53:04 | 005,282,168 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3 [2011-02-24 21:46:32 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk [2011-02-24 21:46:04 | 004,698,191 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe [2011-02-21 22:55:02 | 004,112,020 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\angie.mp3 [2011-02-21 22:48:57 | 074,502,956 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\an.wav [2011-02-20 18:39:15 | 020,596,321 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv [2011-02-20 18:27:05 | 005,112,520 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3 [2011-02-20 18:22:46 | 121,186,073 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG [2011-02-20 12:26:13 | 004,657,869 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3 [2011-02-20 12:19:17 | 084,186,284 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin.wav [2011-02-20 12:03:12 | 004,661,124 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3 [2011-02-20 00:53:10 | 000,009,442 | -H-- | M] () -- C:\Documents and Settings\start\Moje dokumenty\skanuj0001.jpg [2011-02-20 00:47:25 | 000,000,961 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk [2011-02-20 00:47:25 | 000,000,893 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk [2011-02-20 00:47:18 | 003,409,741 | -H-- | M] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe [2011-02-20 00:44:06 | 008,161,357 | -H-- | M] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe [2011-02-19 16:50:00 | 000,984,003 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3 [2011-02-18 21:10:30 | 000,988,499 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3 [2011-02-18 19:32:23 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx [2011-02-18 19:32:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk [2011-02-18 18:56:48 | 002,320,812 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3 [2011-02-16 22:51:55 | 000,002,281 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\2152.rtf [2011-02-15 00:28:05 | 005,795,550 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3 [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-15 20:41:00 | 002,396,960 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe [2011-03-15 20:32:50 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r [2011-03-15 20:32:50 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460 [2011-03-15 20:32:36 | 000,000,807 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk [2011-03-15 20:32:32 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460 [2011-03-15 20:32:30 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe [2011-03-15 19:40:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020 [2011-03-15 19:40:16 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020 [2011-03-15 19:40:15 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe [2011-03-14 06:51:05 | 004,832,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3 [2011-03-13 21:56:24 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf [2011-03-13 20:23:21 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2011-03-13 20:23:21 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-03-13 20:23:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-03-13 20:23:21 | 000,000,691 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk [2011-03-13 20:13:38 | 010,980,832 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe [2011-03-13 13:52:03 | 002,224,079 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3 [2011-03-13 13:46:46 | 001,229,095 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3 [2011-03-13 11:28:00 | 008,273,459 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3 [2011-03-13 10:30:46 | 000,069,714 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg [2011-03-12 15:58:24 | 000,030,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wcscd.sys [2011-03-12 15:58:02 | 000,032,256 | -H-- | C] () -- C:\Documents and Settings\start\wuaucldt.exe [2011-03-12 15:58:02 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe [2011-03-12 14:57:35 | 000,172,032 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe [2011-03-12 14:57:07 | 000,010,698 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398 [2011-03-11 18:42:30 | 000,098,201 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg [2011-03-10 18:13:12 | 000,048,166 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg [2011-03-07 18:59:29 | 019,230,558 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG [2011-03-07 17:50:13 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk [2011-03-06 18:04:12 | 028,865,883 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv [2011-03-06 17:51:03 | 000,065,794 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup [2011-03-06 17:50:55 | 174,795,761 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG [2011-03-03 09:20:20 | 000,003,968 | RHS- | C] () -- C:\WINDOWS\wibrf.jpg [2011-03-03 09:20:20 | 000,003,416 | RHS- | C] () -- C:\WINDOWS\wiybr.png [2011-03-03 09:20:20 | 000,002,384 | ---- | C] () -- C:\WINDOWS\ndl.dl [2011-02-28 20:53:19 | 000,070,358 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg [2011-02-26 01:50:57 | 002,972,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3 [2011-02-26 00:58:57 | 061,666,604 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\waw2.wav [2011-02-25 21:51:12 | 005,282,168 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3 [2011-02-24 21:46:36 | 000,001,801 | -H-- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2011-02-24 21:46:32 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk [2011-02-24 21:44:46 | 004,698,191 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe [2011-02-21 22:49:02 | 074,502,956 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\an.wav [2011-02-21 22:20:26 | 004,112,020 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\angie.mp3 [2011-02-20 18:36:04 | 020,596,321 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv [2011-02-20 18:26:51 | 005,112,520 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3 [2011-02-20 17:48:19 | 096,454,700 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\shot.wav [2011-02-20 17:29:08 | 121,186,073 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG [2011-02-20 12:25:46 | 004,657,869 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3 [2011-02-20 12:19:26 | 084,186,284 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin.wav [2011-02-20 12:03:11 | 004,661,124 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3 [2011-02-20 00:47:25 | 000,000,961 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk [2011-02-20 00:47:25 | 000,000,893 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk [2011-02-19 16:49:52 | 000,984,003 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3 [2011-02-18 21:10:26 | 000,988,499 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3 [2011-02-18 19:32:23 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx [2011-02-18 19:32:21 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk [2011-02-18 18:55:48 | 002,320,812 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3 [2011-02-16 22:51:55 | 000,002,281 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\2152.rtf [2011-02-15 00:27:30 | 005,795,550 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3 [2011-01-09 15:48:34 | 000,074,240 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe [2010-12-04 20:19:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll [2010-12-03 12:04:21 | 000,115,712 | RHS- | C] () -- C:\WINDOWS\System32\wship6C.dll [2010-11-18 21:39:53 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-11-18 21:05:11 | 000,000,193 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter.ini [2010-11-18 20:58:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysDVDtoavi.dat [2010-11-18 20:58:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010-11-18 20:58:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll [2010-11-18 20:58:56 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll [2010-11-18 20:52:09 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2010-11-18 20:52:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\2ABE404A5B.sys [2010-09-21 14:42:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-08-26 23:36:01 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg [2010-08-26 23:36:00 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll [2010-08-26 23:36:00 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll [2010-08-26 23:36:00 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll [2010-08-26 23:35:59 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-08-26 23:35:59 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe [2010-08-26 23:35:59 | 000,002,917 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat [2010-08-26 22:31:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-08-25 17:48:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-08-25 17:48:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-08-25 17:48:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-08-25 17:48:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-08-25 17:48:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-08-12 20:41:34 | 000,492,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-08-02 13:03:03 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2010-07-31 10:29:02 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-07-26 10:34:34 | 000,175,616 | ---- | C] () -- C:\WINDOWS\Kneqoa.exe [2010-05-18 14:23:24 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe [2010-05-17 20:22:33 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe [2010-05-17 20:22:33 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini [2010-05-17 20:22:31 | 000,390,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys [2010-05-17 20:22:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe [2010-05-17 19:41:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2010-05-17 19:41:50 | 000,498,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys [2010-05-17 19:41:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe [2009-12-20 22:01:34 | 000,000,080 | ---- | C] () -- C:\WINDOWS\msocreg32.dat [2009-12-02 18:35:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2009-11-17 10:39:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2009-09-27 16:50:38 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-08-10 17:28:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini [2009-07-26 22:14:16 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2009-06-18 18:43:43 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll [2009-06-18 18:43:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll [2009-05-24 15:30:46 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2009-04-08 12:15:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-04-08 12:15:29 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-04-08 12:15:24 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-04-05 19:44:22 | 000,001,824 | ---- | C] () -- C:\WINDOWS\TSearch.INI [2009-04-05 15:12:48 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(2).exe [2009-03-27 16:10:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-03-27 16:08:42 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-03-06 14:13:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\system87sG.dat [2009-02-11 01:13:00 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009-02-02 20:59:56 | 000,000,030 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009-01-27 20:49:21 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys [2009-01-18 19:55:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008-12-02 20:24:22 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\rtl4.dat [2008-11-29 22:26:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008-11-29 22:26:15 | 000,015,468 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008-11-10 23:06:41 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2008-11-10 20:41:12 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-11-08 11:03:24 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2008-11-08 10:44:31 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-11-08 10:44:30 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-10-16 11:08:31 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-09-30 15:28:32 | 000,140,288 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-09-29 19:44:57 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdecoin.dll [2008-09-29 19:44:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdevs.dll [2008-09-29 19:44:26 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdedrs.dll [2008-09-29 19:44:26 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdecaps.dll [2008-09-29 19:44:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdecnv4.dll [2008-09-29 19:44:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL [2008-09-29 19:44:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll [2008-09-29 19:44:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL [2008-09-29 19:44:05 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL [2008-09-29 19:42:36 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxderwrd.ini [2008-09-29 19:42:24 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdeinst.dll [2008-09-29 19:42:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdegrd.dll [2008-09-29 08:04:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2008-09-29 07:59:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2008-09-29 07:59:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2008-09-29 07:59:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2008-09-29 07:59:02 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2008-09-29 07:59:02 | 000,184,394 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2008-09-27 14:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008-09-27 14:26:27 | 000,204,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008-09-27 12:54:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2008-09-27 12:41:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008-09-27 12:38:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007-08-21 22:51:16 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2007-08-21 20:36:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2005-02-24 11:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys [2005-01-25 14:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL [2004-11-22 12:48:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\98Setup.exe [2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-03-17 18:15:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\smp32.dll [2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001-10-26 15:15:16 | 000,581,058 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 15:15:16 | 000,118,932 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-10-26 14:45:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL [2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 20:30:24 | 000,516,814 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 20:30:22 | 000,094,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2009-09-13 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient [2010-06-02 17:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-12-24 22:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2010-05-06 18:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Celemony Software GmbH [2010-05-06 12:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EarMaster [2008-11-10 21:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-09-01 13:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2009-12-20 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IK Multimedia [2009-10-20 21:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-09-21 14:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-30 09:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LxThumbs [2010-07-26 10:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments [2010-05-27 06:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound [2009-08-23 07:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2009-01-20 20:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2009-10-20 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-03-07 17:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-12-12 21:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Psicraft [2010-02-18 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-07-26 23:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2008-11-30 10:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2010-12-02 23:35:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{20EFD19B-675C-417B-A498-B0161D72FF88} [2010-12-03 17:50:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4F32CAF7-963B-404D-BF13-C48BA3F5F6A7} [2009-05-24 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2010-12-03 17:49:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{AC46DC4F-66BD-4733-A8B4-0B69418C12D0} [2010-12-02 23:33:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{B5F0C192-874D-49A8-88D7-8431E3714756} [2010-12-03 17:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D69A48BF-7653-4AA8-94BC-5847522A4573} [2010-12-03 17:48:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{EC98E512-708C-4C3B-9F07-B58768C1DD8A} [2010-12-30 15:01:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\AnvSoft [2010-11-30 21:03:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\avidemux [2011-03-13 21:41:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitComet [2008-11-30 20:59:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitTorrent [2010-10-13 17:45:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DMCache [2010-10-17 11:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DNA [2008-11-12 21:04:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu [2010-09-01 13:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu 10 [2009-11-17 04:04:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\GetRightToGo [2009-12-12 22:58:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\gtk-2.0 [2010-06-20 12:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\kikin [2008-11-20 19:21:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Lexmark Productivity Studio [2010-01-05 20:38:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Line 6 [2009-10-31 14:54:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nokia [2009-09-04 19:38:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu [2010-12-14 18:10:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\OpenCandy [2009-10-20 22:03:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PC Suite [2011-01-22 00:37:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong [2009-07-26 23:19:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Publish Providers [2009-10-04 18:02:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\REAPER [2009-04-11 09:35:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Red Kawa [2009-03-27 16:12:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Samsung [2009-07-26 23:18:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony [2009-07-26 22:50:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony Setup [2011-01-17 21:12:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Teeworlds [2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job [2010-06-01 20:07:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDaysInit.job [2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job [2010-05-30 07:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job [2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job [2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\Tasks\yyki.job [2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log] [color="#0000FF"]//wstawiam w tagi //Tom01[/color]
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Jakby Ci się spieszyło to zaoszczędziłbyś mój czas i wstawił logi w odpowiednie tag oraz wrzuciłbyś drugi obowiązkowy log z RSIT. Komputer masz mocno zawirusowany. W razie czego wykona obraz partycji systemowej: [url="http://forum.pcformat.pl/Po-uruchomieniu-Combofix-system-nie-startuje-t"]KLIK[/url] Pokaż log powstały po skanowaniu Combofix'a.
AveX komentarz 16 marca 2011 Autor komentarz 16 marca 2011 (edytowane) [log] ComboFix 11-03-16.01 - start 2011-03-16 20:12:55.2.2 - x86 NETWORK Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2046.1606 [GMT 1:00] Uruchomiony z: c:\documents and settings\start\Pulpit\ComboFix.exe . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Dane aplikacji\13492020.exe c:\documents and settings\All Users\Dane aplikacji\15064884.exe c:\documents and settings\All Users\Dane aplikacji\16113460.exe c:\documents and settings\start\Dane aplikacji\dwm.exe c:\documents and settings\start\Dane aplikacji\Microsoft\conhost.exe c:\documents and settings\start\Dane aplikacji\PriceGong c:\documents and settings\start\Dane aplikacji\PriceGong\Data\1.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\a.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\b.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\c.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\d.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\e.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\f.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\g.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\h.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\i.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\J.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\k.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\l.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\m.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\mru.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\n.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\o.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\p.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\q.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\r.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\s.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\t.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\u.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\v.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\w.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\x.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\y.xml c:\documents and settings\start\Dane aplikacji\PriceGong\Data\z.xml c:\documents and settings\start\wuaucldt.exe c:\program files\FunWebProducts c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html c:\program files\MyWebSearch c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF c:\program files\MyWebSearch\bar\1.bin\M3FFtbpr.dll c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S c:\program files\MyWebSearch\bar\Cache\00126C7D c:\program files\MyWebSearch\bar\Cache\03D7DFD3.exe c:\program files\MyWebSearch\bar\Cache\07E53D03.bmp c:\program files\MyWebSearch\bar\Cache\0A6FCF37.bin c:\program files\MyWebSearch\bar\Cache\0A6FF7FC.bin c:\program files\MyWebSearch\bar\Cache\0A6FF8A8.bin c:\program files\MyWebSearch\bar\Cache\0A6FF915.bin c:\program files\MyWebSearch\bar\Cache\files.ini c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S c:\program files\MyWebSearch\bar\Game\CHESS.F3S c:\program files\MyWebSearch\bar\Game\REVERSI.F3S c:\program files\MyWebSearch\bar\History\search3 c:\program files\MyWebSearch\bar\icons\CM.ICO c:\program files\MyWebSearch\bar\icons\MFC.ICO c:\program files\MyWebSearch\bar\icons\PSS.ICO c:\program files\MyWebSearch\bar\icons\SMILEY.ICO c:\program files\MyWebSearch\bar\icons\WB.ICO c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO c:\program files\MyWebSearch\bar\Message\COMMON.F3S c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S c:\program files\MyWebSearch\bar\Notifier\DOG.F3S c:\program files\MyWebSearch\bar\Notifier\FISH.F3S c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S c:\program files\MyWebSearch\bar\Notifier\MAID.F3S c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\windows\log32.txt c:\windows\Microsoft.exe c:\windows\ndl.dl c:\windows\nvsvc32.exe c:\windows\system32\adobearp.exe c:\windows\system32\drivers\wcscd.sys c:\windows\system32\f3PSSavr.scr c:\windows\system32\wuaucldt.exe c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job c:\windows\wibrf.jpg c:\windows\wiybr.png . . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_CDFSS -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_WCSCD -------\Service_cdfss -------\Service_MyWebSearchService -------\Service_wcscd . . ((((((((((((((((((((((((( Pliki utworzone od 2011-02-16 do 2011-03-16 ))))))))))))))))))))))))))))))) . . 2011-03-15 20:32 . 2011-03-16 19:08 -------- d-----w- c:\program files\trend micro 2011-03-15 20:32 . 2011-03-15 20:32 -------- d-----w- C:\rsit 2011-03-15 20:31 . 2011-03-15 20:31 -------- d-----w- C:\_OTL 2011-03-15 09:48 . 2011-03-15 19:23 573440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe 2011-03-13 21:57 . 2011-03-13 21:57 -------- d-----w- c:\program files\ESET 2011-03-13 19:23 . 2011-03-13 19:23 -------- d-----w- C:\videooutput 2011-03-13 19:23 . 2009-06-04 12:17 8676883 ----a-w- c:\windows\system32\NCMedia2.dll 2011-03-13 19:23 . 2009-05-19 17:32 758018 ----a-w- c:\windows\system32\xvidcore.dll 2011-03-13 19:23 . 2008-12-04 20:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2011-03-13 01:35 . 2011-03-13 01:35 -------- d-----w- c:\program files\Common Files\Skype 2011-02-25 21:22 . 2011-02-25 21:22 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\McAfee 2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee 2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\McAfee Security Scan 2011-02-24 20:46 . 2011-02-25 21:21 -------- d-----w- c:\program files\McAfee Security Scan 2011-02-24 20:46 . 2011-02-24 20:46 -------- d-----w- c:\program files\YouTube Downloader 2011-02-19 23:47 . 2011-02-19 23:47 -------- d-----w- c:\program files\Zeallsoft 2011-02-18 18:32 . 2001-10-19 13:40 1683792 ----a-w- c:\windows\system32\wmvcore2.dll 2011-02-18 18:32 . 2001-10-19 13:40 438608 ----a-w- c:\windows\system32\wmv8dmod.dll 2011-02-18 18:32 . 2001-10-19 13:40 665424 ----a-w- c:\windows\system32\wmv8dmoe.dll 2011-02-18 18:32 . 2001-10-19 13:39 572752 ----a-w- c:\windows\system32\wmvdmoe.dll 2011-02-18 18:32 . 2001-10-19 01:05 285184 ----a-w- c:\windows\system32\wmidx2.ocx . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-16 19:18 . 2008-09-27 11:44 16608 ----a-w- c:\windows\gdrv.sys 2010-05-06 23:41 . 2010-05-08 11:41 44 ---h--w- c:\program files\237f4ecd.tmp 2008-03-09 05:25 . 2010-08-26 22:36 236 ----a-w- c:\program files\Common Files\dx.reg . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888] "{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] . [HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-10-18 11:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}] 2010-10-18 11:26 3908192 ----a-w- c:\program files\Softonic-Polska\tbSoft.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192] . [HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}"= "c:\program files\Softonic-Polska\tbSoft.dll" [2010-10-18 3908192] . [HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-19 68856] "Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2010-10-07 12661344] "Google Update"="c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2010-03-11 136176] "wjfrjCrTGl"="c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" [2011-03-15 573440] "Adobe ARP"="adobearp.exe" [2011-03-16 37016] "wuaucldt"="c:\documents and settings\start\wuaucldt.exe" [2011-03-16 32256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lxdemon.exe"="c:\program files\Lexmark 4800 Series\lxdemon.exe" [2007-06-11 455600] "lxdeamon"="c:\program files\Lexmark 4800 Series\lxdeamon.exe" [2007-06-01 20480] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-29 185872] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-10 136600] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440] "WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648] "RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208] "QuickTime Task"="e:\program files\QuickTime\qttask.exe" [2009-09-05 417792] "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968] "wuaucldt"="c:\windows\system32\wuaucldt.exe" [2011-03-16 32256] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "wjfrjCrTGl"="c:\documents and settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" [2011-03-15 573440] . c:\documents and settings\All Users\Menu Start\Programy\Autostart\ GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-3-3 2845552] McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.189\SSScheduler.exe [2010-9-2 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk] path=c:\documents and settings\start\Menu Start\Programy\Autostart\hamachi.lnk backup=c:\windows\pss\hamachi.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe] path=c:\documents and settings\start\Menu Start\Programy\Autostart\smgr34.exe backup=c:\windows\pss\smgr34.exeStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch] 2009-06-29 14:26 520024 ----a-w- c:\program files\Lavasoft\Ad-Aware\AAWTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6] 2009-06-05 15:13 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ] 2010-07-14 03:39 7654400 ----a-w- c:\progra~1\WapSter\WAPSTE~1\AQQ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-10-07 14:16 323392 ----a-w- c:\program files\DNA\btdna.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed] 2010-05-31 11:33 801496 ----a-r- c:\program files\cFosSpeed\cfosspeed.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe] 2007-06-29 13:03 36864 ----a-w- c:\program files\GameSpy\Comrade\Comrade.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] 2007-06-11 17:55 316336 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] 2010-10-07 08:04 12661344 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameTracker] 2009-02-26 12:35 2446688 ----a-w- c:\program files\GameTracker\GTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-03-11 03:05 136176 ---hatw- c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] 2008-12-17 11:51 2745776 ----a-w- c:\program files\Internet Download Manager\IDMan.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1] 2001-08-17 22:56 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] 2004-08-03 20:32 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 2010-09-17 16:03 17438712 ----a-w- c:\program files\ipla\ipla.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2004-08-03 22:44 1667584 ------w- c:\program files\messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002] 2004-08-03 20:31 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu] 2009-05-28 09:23 10486376 ----a-w- c:\program files\Nowe Gadu-Gadu\gg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb] 2008-04-01 01:54 507904 ----a-w- c:\program files\Winamp Remote\bin\OrbTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] 2004-08-03 20:32 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] 2004-08-03 20:32 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-05 00:54 417792 ----a-w- e:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2011-01-26 16:05 15026056 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd] 2005-10-11 11:54 339968 ----a-w- c:\windows\vsnpstd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3] 2005-01-14 09:00 339968 ----a-w- c:\windows\vsnpstd3.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator] 2009-12-13 20:03 1590888 ----a-w- c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-12-27 13:04 1242448 ----a-w- c:\program files\Steam\steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\lxdecoms.exe"= "c:\\Program Files\\Lexmark 4800 Series\\lxdeamon.exe"= "c:\\Program Files\\Lexmark 4800 Series\\frun.exe"= "c:\\Program Files\\Lexmark Fax Solutions\\FaxCtr.exe"= "c:\\Program Files\\Lexmark 4800 Series\\lxdemon.exe"= "c:\\WINDOWS\\system32\\lxdecfg.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdepswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdetime.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdejswx.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdewbgw.exe"= "d:\\Program Files\\Gpotato\\Flyff\\Flyff.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "e:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"= "e:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"= "c:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonEU\\NGM\\NGM.exe"= "e:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"= "d:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"= "d:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"= "d:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "e:\\Program Files\\Far Cry 2\\bin\\FarCry2.exe"= "e:\\Program Files\\Far Cry 2\\bin\\FC2Launcher.exe"= "e:\\Program Files\\Far Cry 2\\bin\\FC2Editor.exe"= "c:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"= "e:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"= "e:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "56795:TCP"= 56795:TCP:Pando Media Booster "56795:UDP"= 56795:UDP:Pando Media Booster "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "20490:TCP"= 20490:TCP:BitComet 20490 TCP "20490:UDP"= 20490:UDP:BitComet 20490 UDP "25828:TCP"= 25828:TCP:BitComet 25828 TCP "25828:UDP"= 25828:UDP:BitComet 25828 UDP "57987:TCP"= 57987:TCP:Pando Media Booster "57987:UDP"= 57987:UDP:Pando Media Booster "7517:TCP"= 7517:TCP:BitComet 7517 TCP "7517:UDP"= 7517:UDP:BitComet 7517 UDP "27416:TCP"= 27416:TCP:BitComet 27416 TCP "27416:UDP"= 27416:UDP:BitComet 27416 UDP "57683:TCP"= 57683:TCP:Pando Media Booster "57683:UDP"= 57683:UDP:Pando Media Booster "7473:TCP"= 7473:TCP:BitComet 7473 TCP "7473:UDP"= 7473:UDP:BitComet 7473 UDP . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-05-24 64160] R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [2008-09-27 80392] R2 GS In-Game Service;GS In-Game Service;c:\program files\GameTracker\GSInGameService.exe [2009-04-04 1547264] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 1029456] R2 lxde_device;lxde_device;c:\windows\system32\lxdecoms.exe -service --> c:\windows\system32\lxdecoms.exe -service [?] R2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdeserv.exe [2008-09-29 99248] R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 3623424] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032] R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [2009-01-27 6852] R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe -start -scm [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1c9b9f9cd8e90bc;Usługa Google Update (gupdate1c9b9f9cd8e90bc);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 133104] S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;d:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-24 25832] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-08-24 697328] . --- Inne Usługi/Sterowniki w Pamięci --- . *NewlyCreated* - CDFSS *Deregistered* - cdfss . Zawartość folderu 'Zaplanowane zadania' . 2011-03-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:31] . 2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 16:31] . 2011-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 16:31] . 2011-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job - c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-31 03:05] . 2011-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job - c:\documents and settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-31 03:05] . 2011-03-16 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-05-20 20:18] . 2011-03-16 c:\windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job - c:\docume~1\start\USTAWI~1\Temp\Kvg.exe [2011-03-16 19:31] . 2011-03-16 c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job - c:\windows\Kneqod.exe [2011-03-16 19:31] . 2011-03-16 c:\windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job - c:\docume~1\start\USTAWI~1\Temp\Kvh.exe [2011-03-16 19:31] . 2011-03-16 c:\windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job - c:\docume~1\start\USTAWI~1\Temp\Kvh.exe [2011-03-16 19:31] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://fullarticles.net uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyServer = http=127.0.0.1:59333 uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: Pobierz wszystkie wideo za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Pobierz za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: Ściągnij przez IDM - c:\program files\Internet Download Manager\IEExt.htm IE: Ściągnij wszystkie linki przez IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Ściągnij zawartość wideo FLV przez IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll LSP: c:\progra~1\SPEEDB~2\sblsp.dll FF - ProfilePath - c:\documents and settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 59333 FF - prefs.js: network.proxy.type - 1 . - - - - USUNIĘTO PUSTE WPISY - - - - . BHO-{31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll HKCU-Run-Eraser - c:\program files\Eraser\eraser.exe HKCU-Run-Driver Updater - c:\program files\Carambis\Driver Updater\dupdater.exe HKCU-Run-Client Thailanddds - C:\r1.exe HKCU-Run-Flwgwl - c:\documents and settings\start\Dane aplikacji\Flwgwl.exe HKLM-Run-conhost - c:\documents and settings\start\Dane aplikacji\Microsoft\conhost.exe MSConfigStartUp-cdoosoft - c:\docume~1\start\USTAWI~1\Temp\herss.exe MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe MSConfigStartUp-PrzyspieszKomputer - c:\program files\Przyspiesz Komputer\przyspieszkomputer.exe MSConfigStartUp-Unogokiqo - c:\windows\kbdpxdmy.dll MSConfigStartUp-VS Online - c:\program files\VS Online\VSOnline.exe MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe MSConfigStartUp-Wru - c:\program files\Wru\Wru.exe AddRemove-AirRivals_EN_is1 - c:\program files\Gameforge4D\AirRivals_EN\unins000.exe AddRemove-AP Guitar Tuner 1.02 - c:\program files\Audio Phonics AddRemove-Arial Sound Recorder_is1 - c:\program files\Arial Sound Recorder\unins000.exe AddRemove-AV Voice Changer Software 3.0 - c:\progra~1\AVVCS3~1.0\UNWISE.EXE AddRemove-AV Voice Changer Software DIAMOND 4.0 - c:\progra~1\AVVCS4~1.0DI\UNWISE.EXE AddRemove-AV Voice Changer Software DIAMOND 6.0 - c:\progra~1\AVVCS6~1.0DI\UNWISE.EXE AddRemove-AviSynth - c:\program files\AviSynth 2.5\Uninstall.exe AddRemove-BrainWave Generator - c:\program files\BrainWave Generator\Uninst.isu AddRemove-CasinoEuroPoker - c:\program files\CasinoEuro\uninst.exe AddRemove-CDex - c:\program files\CDex_150\uninstall.exe AddRemove-Counter-Strike 1.6 v32 - e:\program files\Counter-Strike\Uninstal.exe AddRemove-Cpukiller3_is1 - c:\program files\Cpukiller3\unins000.exe AddRemove-Direct MIDI to MP3 Converter_is1 - c:\program files\Direct MIDI to MP3 Converter\unins000.exe AddRemove-E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe AddRemove-EarMaster Essential 5_is1 - c:\program files\EarMaster Essential 5\unins000.exe AddRemove-easyCALL_is1 - c:\program files\easyCALL\unins000.exe AddRemove-eMusic Promotion - c:\program files\Winamp\eMusic\Uninst-eMusic-promotion.exe AddRemove-ET3DEMO - c:\program files\English Translator 3 Demo\setup.exe AddRemove-ExpressBurn - c:\program files\NCH Swift Sound\ExpressBurn\uninst.exe AddRemove-ExpressRip - c:\program files\NCH Swift Sound\ExpressRip\uninst.exe AddRemove-F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe AddRemove-FlightGear_is1 - d:\program files\FlightGear\unins000.exe AddRemove-FREE Hi-Q Recorder_is1 - c:\program files\FREE Hi-Q Recorder\unins000.exe AddRemove-Game Booster_is1 - c:\program files\IObit\Game Booster\unins000.exe AddRemove-GameCenter - e:\program files\Cyanide\GameCenter\uninstall.exe AddRemove-Guild Wars - c:\program files\Guild Wars\Gw.exe AddRemove-Guitar FX BOX 2.8 - c:\program files\Guitar FX BOX 2.8\uninst.exe AddRemove-Gunz - c:\ijji\ENGLISH\Gunz\Uninstall.exe AddRemove-Hitman: Kontrakty - e:\progra~1\HITMAN~1\UNWISE.EXE AddRemove-Hydrogen - c:\program files\Hydrogen\uninstall.exe AddRemove-Icy Tower v1.3.1_is1 - c:\games\icytower1.3\unins000.exe AddRemove-Icy Tower v1.4_is1 - c:\games\icytower1.4\unins000.exe AddRemove-IrfanView - c:\program files\IrfanView\iv_uninstall.exe AddRemove-JDownloader - c:\program files\JDownloader\uninstall.exe AddRemove-Lineage 2 Frintezza Full - e:\program files\Lineage\Nowy folder\Uninstall.exe AddRemove-Loki_is1 - e:\program files\Cyanide\Loki\unins000.exe AddRemove-MojDzwonek.com - c:\program files\MojDzwonek.com\uninstall.exe AddRemove-MP3 CD Doctor Lite_is1 - c:\program files\MP3 CD Doctor\unins000.exe AddRemove-Native Instruments Guitar Rig Session IO Driver - c:\documents and settings\All Users\Dane aplikacji\{84BD2490-E07B-459A-85CD-649AABFCE52D}\Guitar Rig Session IO Driver Setup.exe AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Ahead\nero\uninstall\UNNERO.exe AddRemove-Nero7Lite_is1 - c:\program files\Nero\unins000.exe AddRemove-Nowe Gadu-Gadu - c:\program files\Nowe Gadu-Gadu\Uninstall.exe AddRemove-Pacific Warriors - e:\program files\InterActive Vision\Pacific Warriors\Uninstal.exe AddRemove-PingPlotter Standard - c:\program files\PingPlotter Standard\uninst.exe AddRemove-Przyspiesz Komputer_is1 - c:\program files\Przyspiesz Komputer\unins000.exe AddRemove-QuickPar - c:\program files\QuickPar\uninst.exe AddRemove-REAPER - c:\program files\REAPER (x64)\Uninstall.exe AddRemove-ReValver - c:\program files\Alien Connections\ReValver\alloff.exe AddRemove-ReValver Mk II_is1 - c:\program files\Alien Connections\ReValver Mk II\unins000.exe AddRemove-Rohan_USA - e:\rohan_usa\GoUninstUSA.exe AddRemove-SeaDogs - c:\progra~1\BETHES~1\SeaDogs\UNINST~1.EXE AddRemove-SHOUTcastDSP - c:\program files\Winamp\uninst-dsp.exe AddRemove-Silkroad - c:\program files\Silkroad\Remove.Exe AddRemove-SMS Pilot_is1 - c:\program files\SMS Pilot\unins000.exe AddRemove-SnadBoy's Revelation v2 - c:\progra~1\SNADBO~1\UNWISE.EXE AddRemove-SpeedBit Video Downloader - c:\program files\SpeedBit Video Downloader\GRRemove.exe AddRemove-Tactical Ops - e:\program files\Infogrames\Tactical Ops\Uninst.isu AddRemove-TallStick TS-AudioToMIDI 3.30 - c:\program files\TallStick\TS-AudioToMIDI 3.30\Uninstall.exe AddRemove-Teamspeak 2 RC2_is1 - c:\program files\Teamspeak2_RC2\unins000.exe AddRemove-Tengwar Scribe - c:\progra~1\TENGSC~1\UNWISE.EXE AddRemove-Tibia_is1 - c:\program files\Tibia\unins000.exe AddRemove-Tomb Raider: Underworld Demo - c:\program files\Eidos\Tomb Raider - Underworld Demo\uninst.exe AddRemove-Ultra MP4 Video Converter_is1 - e:\program files\Ultra MP4 Video Converter\unins000.exe AddRemove-VS Online_is1 - c:\program files\VS Online\unins000.exe AddRemove-WinGimp-2.0_is1 - c:\program files\GIMP-2.0\setup\unins000.exe AddRemove-Xfire - c:\program files\Xfire\uninst.exe AddRemove-YouTube Downloader App - c:\program files\Regensoft\Downloader App\uninstaller.exe AddRemove-{17145977-D875-4B1D-942F-9E5930823E02}_is1 - e:\program files\Gods\Uninstall Information\unins000.exe AddRemove-{285139D9-633F-4674-8FA3-DB94B356FA82}_is1 - e:\program files\Mafia Tycoon\unins000.exe AddRemove-{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1 - c:\program files\Wru\unins000.exe AddRemove-{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1 - c:\program files\Moyea\Flash Video MX Pro 5\unins000.exe AddRemove-{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1 - c:\program files\Eraser\unins000.exe AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files\kikin\uninst.exe AddRemove-{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1 - e:\program files\Ubisoft\Demo\Techland\Call of Juarez SP Demo\unins000.exe AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-03-16 20:24 Windows 5.1.2600 Dodatek Service Pack 2 NTFS . detected NTDLL code modification: ZwEnumerateValueKey, ZwQueryDirectoryFile . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cdfss] "ImagePath"="\??\c:\docume~1\start\USTAWI~1\Temp\cdfss" . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D597EF19-20A5-8635-A692-06E87C0C16A8}*] "oajcoabfpkefmnnndcciembgifmpnl"=hex:64,61,6b,61,6c,67,6a,6b,00,7c "oafaocodbdikojaiefpepdgidbaeen"=hex:6a,61,69,61,62,68,65,61,61,66,63,6f,66,63, 62,61,6a,62,67,63,00,02 "nappedpjhjijiibfjknjlbiplenk"=hex:6a,61,69,61,62,68,65,61,61,66,63,6f,66,63, 62,61,6a,62,67,63,00,02 . [HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:1e,29,6e,9c,54,73,99,11,06,0f,31,ab,f2,f7,4a,79,25,89,71,05,a7,7c,fb, 93,76,0c,6d,fa,59,6c,ce,ef,eb,97,aa,89,34,f2,92,c1,9c,97,ba,ed,ab,aa,36,21,\ "??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49 . [HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:23,1d,77,7b,cf,e9,0f,28,6d,e3,2e,fe,5e,3b,fc,25,f6,e6,9d,e4,93, 1e,b5,3c,93,e3,c1,b3,be,8e,96,e4,9c,4f,c0,86,7d,9e,84,8d,27,f5,24,81,a5,e4,\ "rkeysecu"=hex:39,cc,8a,da,7f,44,84,09,da,b7,e2,0c,b8,a9,a5,33 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):85,37,13,de,b7,87,d6,64,e6,db,61,dc,2c,4f,3e,12,1b,a5,aa,fa,96, 72,97,9e,19,1e,d2,58,09,82,82,73,63,3a,1d,51,e0,ad,3c,c0,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{64f34fed-9f08-4acc-ab17-73ab7a4014b5}] @Denied: (Full) (Everyone) "Model"=dword:0000000f "Therad"=dword:0000001f "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\ . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'winlogon.exe'(1144) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'lsass.exe'(1200) c:\program files\SpeedBit Video Accelerator\Accelerator.dll c:\program files\SpeedBit Video Accelerator\CommPipe.dll c:\program files\SpeedBit Video Accelerator\Collector.dll . - - - - - - - > 'explorer.exe'(6016) c:\program files\SpeedBit Video Accelerator\Accelerator.dll c:\program files\SpeedBit Video Accelerator\CommPipe.dll c:\program files\SpeedBit Video Accelerator\Collector.dll c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\cFosSpeed\spd.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\lxdecoms.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\PnkBstrA.exe c:\program files\Common Files\Protexis\License Service\PsiService_2.exe c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\wscntfy.exe c:\progra~1\SPEEDB~2\VideoAcceleratorEngine.exe c:\windows\RTHDCPL.EXE c:\windows\system32\attrib.exe c:\documents and settings\All Users\Dane aplikacji\15064884.exe c:\windows\system32\attrib.exe c:\docume~1\start\USTAWI~1\Temp\NS19.tmp c:\docume~1\start\USTAWI~1\Temp\arpm.exe c:\windows\TEMP\sdn9DE8.tmp c:\windows\system32\dwwin.exe . ************************************************************************** . Czas ukończenia: 2011-03-16 20:34:22 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-03-16 19:34 . Przed: 1 524 297 728 bajtów wolnych Po: 2 719 653 888 bajtów wolnych . - - End Of File - - 44934176AF485B6B98FE76CE6CBD60A5 [/log] Już
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Ja chciałem wcześniejszy log, który powstał wcześniej. Nie kazałem uruchamiać Combofix'a. Teraz chciałbym zobaczyć nowe logi OTL i RSIT.
AveX komentarz 16 marca 2011 Autor komentarz 16 marca 2011 [log] Logfile of random's system information tool 1.08 (written by random/random) Run by start at 2011-03-16 21:14:39 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 3 GB (5%) free of 50 GB Total RAM: 2046 MB (79% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:15:08, on 2011-03-16 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\start\Pulpit\RSIT(2).exe C:\Program Files\trend micro\start.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:59333 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (file missing) O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll (file missing) O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll (file missing) O3 - Toolbar: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe" O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe O4 - HKCU\..\Run: [Adobe ARP] adobearp.exe O4 - HKCU\..\Run: [wuaucldt] c:\documents and settings\start\wuaucldt.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll/206 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~2\sblsp.dll O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe O23 - Service: Dragon Age: Początek - Aktualizator zawartości (DAUpdaterSvc) - BioWare - D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe O23 - Service: Usługa Google Update (gupdate1c9b9f9cd8e90bc) (gupdate1c9b9f9cd8e90bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing) O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe -- End of file - 11041 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-12-17 161200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-29 304736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll [2010-06-22 734512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-11 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-19 297648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}] Softonic-Polska Toolbar - C:\Program Files\Softonic-Polska\tbSoft.dll [2010-10-18 3908192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-11 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}] GrabberObj Class - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888] {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll [] {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - Softonic-Polska Toolbar - C:\Program Files\Softonic-Polska\tbSoft.dll [2010-10-18 3908192] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-19 297648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "lxdemon.exe"=C:\Program Files\Lexmark 4800 Series\lxdemon.exe [2007-06-11 455600] "lxdeamon"=C:\Program Files\Lexmark 4800 Series\lxdeamon.exe [2007-06-01 20480] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-11-29 185872] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-11 136600] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440] "WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208] "QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2009-09-05 417792] "snpstd"=C:\WINDOWS\vsnpstd.exe [2005-10-11 339968] "wuaucldt"=c:\windows\system32\wuaucldt.exe [2011-03-16 32256] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-19 68856] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] "Google Update"=C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-03-11 136176] "wjfrjCrTGl"=C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-15 573440] "Adobe ARP"=C:\WINDOWS\system32\adobearp.exe [2011-03-16 37016] "wuaucldt"=c:\documents and settings\start\wuaucldt.exe [2011-03-16 32256] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-29 520024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6] C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-06-05 2521464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ] C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe [2010-07-14 7654400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] C:\Program Files\DNA\btdna.exe [2009-10-07 323392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe [2010-05-31 801496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe [2007-06-29 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2007-06-11 316336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameTracker] C:\Program Files\GameTracker\GTLite.exe [2009-02-26 2446688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-03-11 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] C:\Program Files\Internet Download Manager\IDMan.exe [2008-12-17 2745776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-08-17 44032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] C:\Program Files\ipla\ipla.exe [2010-09-17 17438712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe [2009-05-28 10486376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] E:\Program Files\QuickTime\qttask.exe [2009-09-05 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd] C:\WINDOWS\vsnpstd.exe [2005-10-11 339968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3] C:\WINDOWS\vsnpstd3.exe [2005-01-14 339968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe [2009-12-13 1590888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] c:\program files\steam\steam.exe [2010-12-27 1242448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk] C:\PROGRA~1\Hamachi\hamachi.exe [2010-09-10 624416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe] C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe [] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\lxdecoms.exe"="C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System" "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"="C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor" "C:\Program Files\Lexmark 4800 Series\frun.exe"="C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio" "C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe"="C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software" "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"="C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor" "C:\WINDOWS\system32\lxdecfg.exe"="C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway" "D:\Program Files\Gpotato\Flyff\Flyff.exe"="D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff" "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb" "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray" "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) " "E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) " "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager" "E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) " "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe" "C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu" "D:\Program Files\Dragon Age\bin_ship\daorigins.exe"="D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra" "D:\Program Files\Dragon Age\DAOriginsLauncher.exe"="D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy" "D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "E:\Program Files\Far Cry 2\bin\FarCry2.exe"="E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2" "E:\Program Files\Far Cry 2\bin\FC2Launcher.exe"="E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater" "E:\Program Files\Far Cry 2\bin\FC2Editor.exe"="E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor" "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2" "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer" "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32" "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth" "C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm" "C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server" "C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" "E:\GW Movie Arts\Combat Arms EU\CombatArms.exe"="E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe" "E:\GW Movie Arts\Combat Arms EU\Engine.exe"="E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe" "C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" ======List of files/folders created in the last 1 months====== 2011-03-16 20:34:22 ----A---- C:\ComboFix.txt 2011-03-16 20:31:06 ----A---- C:\WINDOWS\system32\drivers\wcscd.sys 2011-03-16 20:31:06 ----A---- C:\WINDOWS\system32\adobearp.exe 2011-03-16 20:30:46 ----A---- C:\WINDOWS\system32\wuaucldt.exe 2011-03-16 20:16:52 ----D---- C:\WINDOWS\temp 2011-03-16 20:08:54 ----D---- C:\Qoobox 2011-03-15 21:32:23 ----D---- C:\rsit 2011-03-15 21:32:23 ----D---- C:\Program Files\trend micro 2011-03-15 21:31:10 ----D---- C:\_OTL 2011-03-15 20:30:26 -------- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe 2011-03-15 20:22:42 ----ASH---- C:\pagefile.sys 2011-03-15 10:48:35 ----A---- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe 2011-03-13 22:57:42 ----D---- C:\Program Files\ESET 2011-03-13 20:23:23 ----D---- C:\videooutput 2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\xvidcore.dll 2011-03-13 20:23:21 ----A---- C:\WINDOWS\system32\NCMedia2.dll 2011-03-13 02:35:06 ----D---- C:\Program Files\Common Files\Skype 2011-02-24 21:46:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan 2011-02-24 21:46:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee 2011-02-24 21:46:36 ----D---- C:\Program Files\McAfee Security Scan 2011-02-24 21:46:31 ----D---- C:\Program Files\YouTube Downloader 2011-02-20 00:47:24 ----D---- C:\Program Files\Zeallsoft 2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmvdmoe.dll 2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmvcore2.dll 2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmv8dmoe.dll 2011-02-18 19:32:22 ----A---- C:\WINDOWS\system32\wmv8dmod.dll ======List of files/folders modified in the last 1 months====== 2011-03-16 21:07:32 ----D---- C:\Program Files\Mozilla Firefox 2011-03-16 20:57:15 ----A---- C:\WINDOWS\ntbtlog.txt 2011-03-16 20:54:39 ----D---- C:\Program Files\cFosSpeed 2011-03-16 20:54:28 ----D---- C:\WINDOWS 2011-03-16 20:53:11 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-03-16 20:51:00 ----SD---- C:\WINDOWS\Tasks 2011-03-16 20:34:26 ----D---- C:\WINDOWS\system32\drivers 2011-03-16 20:32:07 ----D---- C:\WINDOWS\ERDNT 2011-03-16 20:31:06 ----D---- C:\WINDOWS\system32 2011-03-16 20:25:42 ----D---- C:\WINDOWS\system32\CatRoot2 2011-03-16 20:24:54 ----A---- C:\WINDOWS\system.ini 2011-03-16 20:24:19 ----D---- C:\WINDOWS\system32\drivers\etc 2011-03-16 20:24:15 ----D---- C:\WINDOWS\Prefetch 2011-03-16 20:17:07 ----D---- C:\WINDOWS\system32\config 2011-03-16 20:16:41 ----RD---- C:\Program Files 2011-03-16 20:16:26 ----SD---- C:\Documents and Settings\start\Dane aplikacji\Microsoft 2011-03-16 20:15:39 ----D---- C:\WINDOWS\AppPatch 2011-03-16 20:15:36 ----D---- C:\Program Files\Common Files 2011-03-16 19:55:17 ----SHD---- C:\WINDOWS\CSC 2011-03-15 05:47:07 ----HD---- C:\Documents and Settings\start\Dane aplikacji\Skype 2011-03-14 21:06:56 ----HD---- C:\Documents and Settings\start\Dane aplikacji\skypePM 2011-03-14 06:57:14 ----A---- C:\WINDOWS\cdplayer.ini 2011-03-13 23:37:07 ----D---- C:\Program Files\Native Instruments 2011-03-13 21:41:27 ----HD---- C:\Documents and Settings\start\Dane aplikacji\BitComet 2011-03-13 19:17:06 ----D---- C:\Downloads 2011-03-13 02:35:11 ----SHD---- C:\WINDOWS\Installer 2011-03-12 15:22:41 ----HD---- C:\Program Files\InstallShield Installation Information 2011-03-07 17:48:46 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files 2011-03-06 18:03:49 ----A---- C:\WINDOWS\NeroDigital.ini 2011-02-21 20:42:11 ----HD---- C:\WINDOWS\inf 2011-02-18 19:32:47 ----A---- C:\WINDOWS\win.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-05-24 64160] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032] R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336] R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2010-05-31 1079000] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-10 25280] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856] R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216] S1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320] S1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] S1 wceusbsh;Sterownik hosta szeregowego USB Windows CE; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-03 31872] S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-08 278984] S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-08 25416] S2 regi;regi; \??\C:\WINDOWS\system32\drivers\regi.sys [] S2 Vcs;Vcs support; \??\C:\WINDOWS\system32\Drivers\Vcs.sys [] S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312] S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [] S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072] S3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328] S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 npkcrypt;npkcrypt; \??\E:\Program Files\Lineage\system\npkcrypt.sys [] S3 npkcusb;npkcusb; \??\E:\Program Files\Lineage\system\npkcusb.sys [] S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 snpstd;Trust Webcam 14823; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2006-05-03 390784] S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-06-22 498432] S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 usbaudio;Sterownik audio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-24 697328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-29 1029456] S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920] S2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2010-05-31 314584] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-05-13 80392] S2 GS In-Game Service;GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [2009-02-26 1547264] S2 gupdate1c9b9f9cd8e90bc;Usługa Google Update (gupdate1c9b9f9cd8e90bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-10 133104] S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-11 152984] S2 lxde_device;lxde_device; C:\WINDOWS\system32\lxdecoms.exe [2007-05-29 598960] S2 lxdeCATSCustConnectService;lxdeCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe [2007-05-29 99248] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208] S2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 3623424] S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-27 75064] S2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] S2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe [2009-12-13 300656] S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości; D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-04-27 3547376] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF----------------- [/log] To był z RSIT, a tu OTL: [log]OTL logfile created on: 2011-03-15 21:31:42 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,44 Gb Free Space | 2,95% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe PRC - [2010-04-02 01:39:57 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-06-29 15:26:55 | 000,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009-02-09 11:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 17:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2001-10-26 16:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe MOD - [2010-04-16 16:37:04 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2010-04-16 16:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:00:47 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-07-03 14:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2004-08-03 23:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2004-08-03 23:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-03 23:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:54 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2004-08-03 23:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2004-08-03 23:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer) SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService) SRV - [2010-09-02 21:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService) SRV - [2010-05-31 12:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Stopped] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-04-27 23:33:00 | 003,547,376 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2010-03-11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-26 17:19:54 | 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2009-12-13 21:03:04 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Stopped] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService) SRV - [2009-07-26 06:43:14 | 000,025,832 | -H-- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-06-29 15:26:36 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009-02-26 13:09:14 | 001,547,264 | ---- | M] (ClanServers Hosting LLC) [Auto | Stopped] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service) SRV - [2008-05-13 17:07:24 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Stopped] -- C:\WINDOWS\System32\lxdecoms.exe -- (lxde_device) SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe -- (lxdeCATSCustConnectService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-03-15 20:23:20 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-09-10 18:54:14 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2010-08-24 01:49:24 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-05-31 12:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed) DRV - [2009-05-24 15:24:56 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009-03-16 22:33:02 | 003,597,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-02-09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-02-09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-02-09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-02-09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-11-08 10:44:31 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008-11-08 10:44:30 | 000,025,416 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-07 12:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-04-10 11:52:20 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2) DRV - [2008-01-03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-11-14 20:48:20 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2007-05-14 22:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-05-14 22:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi) DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-05-03 14:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd) DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2005-06-22 16:09:56 | 000,498,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2003-09-19 14:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2002-12-09 15:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - File not found IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59333 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 59333 FF - prefs.js..network.proxy.type: 1 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-11-29 21:48:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-10-20 21:48:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2011-03-13 23:37:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-11-18 20:46:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-18 20:51:11 | 000,000,000 | ---D | M] [2008-12-02 21:10:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Extensions [2011-03-14 09:53:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions [2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009-09-02 15:10:53 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-19 20:01:50 | 000,000,000 | -H-D | M] (kikin plugin (JDownloader Edition)) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (BitComet Video Downloader) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2010-08-24 20:46:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2010-12-01 22:30:41 | 000,000,000 | -H-D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} [2009-11-16 12:23:28 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar [2010-03-09 21:29:41 | 000,000,000 | -H-D | M] (Zrzuta.eu) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\zrzuta.eu@gmail.com [2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml [2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml [2011-03-14 09:53:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009-01-11 00:19:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-10-20 21:48:05 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC [2008-11-29 21:48:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2010-02-21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-01-19 22:23:28 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2009-07-22 16:31:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-03-30 11:42:24 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-03-30 11:42:24 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-03-30 11:42:24 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-03-30 11:42:24 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-03-30 11:42:24 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-08-25 18:57:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (SBCONVERT Class) - {31B27F2D-6BC6-451B-B3D2-4EAB36B2FC3B} - File not found O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe () O4 - HKLM..\Run: [lxdeamon] C:\Program Files\Lexmark 4800 Series\lxdeamon.exe () O4 - HKLM..\Run: [lxdemon.exe] C:\Program Files\Lexmark 4800 Series\lxdemon.exe () O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software) O4 - HKLM..\Run: [My Web Search Bar] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKLM..\Run: [Regedit32] File not found O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe () O4 - HKU\.DEFAULT..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKU\S-1-5-18..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Adobe ARP] C:\WINDOWS\System32\adobearp.exe (Eltgk Software) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Client Thailanddds] File not found O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Driver Updater] File not found O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Eraser] File not found O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Flwgwl] C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe (Laupd Software) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [JP595IR86O] File not found O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.) F3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: Microsoft Driver Setup = C:\WINDOWS\microsoft.exe (Kxcesobjn Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Pobierz wszystkie wideo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - File not found O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe () O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001-10-26 18:12:38 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: SSHNAS - File not found MsConfig - StartUpFolder: C:^Documents and Settings^start^Menu Start^Programy^Autostart^hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe - (LogMeIn Inc.) MsConfig - StartUpFolder: C:^Documents and Settings^start^Menu Start^Programy^Autostart^smgr34.exe - - File not found MsConfig - StartUpReg: [b]Ad-Watch[/b] - hkey= - key= - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) MsConfig - StartUpReg: [b]AdobeUpdater6[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) MsConfig - StartUpReg: [b]AQQ[/b] - hkey= - key= - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.) MsConfig - StartUpReg: [b]BitTorrent DNA[/b] - hkey= - key= - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) MsConfig - StartUpReg: [b]cdoosoft[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]cFosSpeed[/b] - hkey= - key= - C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH) MsConfig - StartUpReg: [b]Comrade.exe[/b] - hkey= - key= - C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.) MsConfig - StartUpReg: [b]FaxCenterServer[/b] - hkey= - key= - C:\Program Files\Lexmark Fax Solutions\fm3032.exe () MsConfig - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]GameTracker[/b] - hkey= - key= - C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC) MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) MsConfig - StartUpReg: [b]IMEKRMIG6.1[/b] - hkey= - key= - C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]IMJPMIG8.1[/b] - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]MSPY2002[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]MyWebSearch Email Plugin[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]Orb[/b] - hkey= - key= - C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks) MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]PHIME2002A[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PHIME2002ASync[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PlayNC Launcher[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]PrzyspieszKomputer[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - E:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]snpstd[/b] - hkey= - key= - C:\WINDOWS\vsnpstd.exe () MsConfig - StartUpReg: [b]snpstd3[/b] - hkey= - key= - C:\WINDOWS\vsnpstd3.exe (Sonix) MsConfig - StartUpReg: [b]SpeedBitVideoAccelerator[/b] - hkey= - key= - C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.) MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation) MsConfig - StartUpReg: [b]Unogokiqo[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]VS Online[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Wru[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-03-15 21:31:10 | 000,000,000 | ---D | C] -- C:\_OTL [2011-03-15 20:56:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe [2011-03-15 20:46:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\start\Recent [2011-03-15 20:45:27 | 000,032,904 | ---- | C] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe [2011-03-15 20:32:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Menu Start\Programy\Windows Diagnostic [2011-03-15 20:30:26 | 000,084,992 | ---- | C] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe [2011-03-15 10:48:35 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-13 22:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011-03-13 20:23:23 | 000,000,000 | ---D | C] -- C:\videooutput [2011-03-13 20:23:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software [2011-03-13 20:21:06 | 004,130,372 | -H-- | C] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe [2011-03-13 20:12:16 | 009,909,254 | -H-- | C] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe [2011-03-13 02:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-03-11 18:09:29 | 000,060,416 | RHS- | C] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe [2011-03-09 06:30:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\The Rolling Stones [2011-03-06 17:51:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style _data [2011-02-25 22:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2011-02-25 22:21:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus [2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2011-02-24 21:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2011-02-24 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2011-02-24 21:46:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\YouTube Downloader [2011-02-24 21:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader [2011-02-20 00:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Zeallsoft [2011-02-20 00:46:55 | 003,409,741 | -H-- | C] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe [2011-02-20 00:44:06 | 008,161,357 | -H-- | C] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe [2011-02-18 19:32:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Cool Edit Pro 2.0 [2011-01-16 01:39:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\gPotato.eu [2011-01-15 22:16:41 | 000,389,120 | -H-- | C] (CDNetworks) -- C:\Documents and Settings\start\Pulpit\Rappelz_PL.exe [2011-01-15 12:20:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong [2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll [2010-05-17 20:22:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll [2010-05-17 20:22:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll [2010-05-17 19:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2010-05-17 19:41:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2010-05-17 19:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2008-09-29 19:42:23 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeserv.dll [2008-09-29 19:42:23 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeusb1.dll [2008-09-29 19:42:23 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehcp.dll [2008-09-29 19:42:23 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeinpa.dll [2008-09-29 19:42:23 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeiesc.dll [2008-09-29 19:42:22 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdepmui.dll [2008-09-29 19:42:22 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdelmpm.dll [2008-09-29 19:42:22 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeih.exe [2008-09-29 19:42:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdeprox.dll [2008-09-29 19:42:21 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdehbn3.dll [2008-09-29 19:42:21 | 000,598,960 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecoms.exe [2008-09-29 19:42:20 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomc.dll [2008-09-29 19:42:20 | 000,365,488 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecfg.exe [2008-09-29 19:42:20 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdecomm.dll [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-03-15 21:32:11 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\start\Pulpit\RSIT.exe [2011-03-15 21:18:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-03-15 20:56:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\start\Pulpit\OTL.exe [2011-03-15 20:52:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-15 20:45:22 | 000,032,904 | ---- | M] (Eltgk Software) -- C:\WINDOWS\System32\adobearp.exe [2011-03-15 20:42:45 | 002,396,960 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe [2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-03-15 20:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-03-15 20:32:50 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r [2011-03-15 20:32:50 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460 [2011-03-15 20:32:36 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk [2011-03-15 20:32:32 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460 [2011-03-15 20:32:30 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe [2011-03-15 20:30:14 | 000,084,992 | ---- | M] (Laupd Software) -- C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe [2011-03-15 20:23:37 | 000,003,968 | RHS- | M] () -- C:\WINDOWS\wibrf.jpg [2011-03-15 20:23:37 | 000,003,416 | RHS- | M] () -- C:\WINDOWS\wiybr.png [2011-03-15 20:23:27 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe [2011-03-15 20:23:00 | 000,173,776 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2011-03-15 20:22:57 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\yyki.job [2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011-03-15 20:22:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-15 19:40:31 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020 [2011-03-15 19:40:16 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020 [2011-03-15 19:40:15 | 000,524,800 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe [2011-03-15 18:51:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job [2011-03-15 17:52:55 | 000,010,698 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398 [2011-03-15 13:51:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe [2011-03-14 20:08:45 | 000,140,288 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-14 17:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-03-14 06:57:14 | 000,015,468 | ---- | M] () -- C:\WINDOWS\cdplayer.ini [2011-03-14 06:57:09 | 004,832,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3 [2011-03-14 06:57:08 | 002,224,079 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3 [2011-03-14 06:57:08 | 001,229,095 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3 [2011-03-13 22:48:09 | 000,060,416 | RHS- | M] (Kxcesobjn Software) -- C:\WINDOWS\microsoft.exe [2011-03-13 21:56:28 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf [2011-03-13 20:23:21 | 000,000,691 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk [2011-03-13 20:23:04 | 004,130,372 | -H-- | M] (www.smallvideosoft.com ) -- C:\Documents and Settings\start\Pulpit\flvconverter.exe [2011-03-13 20:19:10 | 010,980,832 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe [2011-03-13 20:14:17 | 009,909,254 | -H-- | M] (HOW Inc. ) -- C:\Documents and Settings\start\Pulpit\FreeYouTubeDownloaderSetup.exe [2011-03-13 11:30:51 | 008,273,459 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3 [2011-03-13 10:30:46 | 000,069,714 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg [2011-03-12 15:58:24 | 000,030,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wcscd.sys [2011-03-12 15:58:02 | 000,032,256 | -H-- | M] () -- C:\Documents and Settings\start\wuaucldt.exe [2011-03-12 15:58:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe [2011-03-11 18:42:31 | 000,098,201 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg [2011-03-10 18:13:13 | 000,048,166 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg [2011-03-07 17:50:13 | 000,000,807 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk [2011-03-07 17:50:13 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk [2011-03-07 17:48:56 | 019,230,558 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG [2011-03-06 18:40:22 | 174,795,761 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG [2011-03-06 18:08:46 | 028,865,883 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv [2011-03-06 18:03:49 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-06 17:51:03 | 000,065,794 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup [2011-03-03 09:20:20 | 000,002,384 | ---- | M] () -- C:\WINDOWS\ndl.dl [2011-02-28 20:53:19 | 000,070,358 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg [2011-02-26 02:15:39 | 002,972,193 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3 [2011-02-26 00:58:20 | 061,666,604 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\waw2.wav [2011-02-26 00:42:21 | 096,454,700 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\shot.wav [2011-02-25 22:21:28 | 000,001,801 | -H-- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2011-02-25 21:53:04 | 005,282,168 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3 [2011-02-24 21:46:32 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk [2011-02-24 21:46:04 | 004,698,191 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe [2011-02-21 22:55:02 | 004,112,020 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\angie.mp3 [2011-02-21 22:48:57 | 074,502,956 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\an.wav [2011-02-20 18:39:15 | 020,596,321 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv [2011-02-20 18:27:05 | 005,112,520 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3 [2011-02-20 18:22:46 | 121,186,073 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG [2011-02-20 12:26:13 | 004,657,869 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3 [2011-02-20 12:19:17 | 084,186,284 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin.wav [2011-02-20 12:03:12 | 004,661,124 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3 [2011-02-20 00:53:10 | 000,009,442 | -H-- | M] () -- C:\Documents and Settings\start\Moje dokumenty\skanuj0001.jpg [2011-02-20 00:47:25 | 000,000,961 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk [2011-02-20 00:47:25 | 000,000,893 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk [2011-02-20 00:47:18 | 003,409,741 | -H-- | M] (ZeallSoft, Inc. ) -- C:\Documents and Settings\start\Pulpit\mmsetup.exe [2011-02-20 00:44:06 | 008,161,357 | -H-- | M] ( ) -- C:\Documents and Settings\start\Pulpit\peditorinst.exe [2011-02-19 16:50:00 | 000,984,003 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3 [2011-02-18 21:10:30 | 000,988,499 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3 [2011-02-18 19:32:23 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx [2011-02-18 19:32:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk [2011-02-18 18:56:48 | 002,320,812 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3 [2011-02-16 22:51:55 | 000,002,281 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\2152.rtf [2011-02-15 00:28:05 | 005,795,550 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3 [2011-01-17 21:12:27 | 000,000,753 | -H-- | M] () -- C:\Documents and Settings\start\Pulpit\Skrót do teeworlds.lnk [2011-01-16 01:39:40 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rappelz.lnk [2011-01-15 22:16:44 | 000,389,120 | -H-- | M] (CDNetworks) -- C:\Documents and Settings\start\Pulpit\Rappelz_PL.exe [2011-01-15 12:22:40 | 000,581,058 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-01-15 12:22:40 | 000,516,814 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-01-15 12:22:40 | 000,118,932 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-01-15 12:22:40 | 000,094,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-01-15 12:21:06 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [1 C:\Documents and Settings\start\Moje dokumenty\*.tmp files -> C:\Documents and Settings\start\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-15 21:32:09 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\start\Pulpit\RSIT.exe [2011-03-15 20:41:00 | 002,396,960 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ComboFix.exe [2011-03-15 20:32:50 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460r [2011-03-15 20:32:50 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~16113460 [2011-03-15 20:32:36 | 000,000,807 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk [2011-03-15 20:32:32 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460 [2011-03-15 20:32:30 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe [2011-03-15 19:40:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\~13492020 [2011-03-15 19:40:16 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020 [2011-03-15 19:40:15 | 000,524,800 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe [2011-03-14 06:51:05 | 004,832,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Led Zeppelin - Stairway To Heaven - Earls Court - 1975 - HQ.mp3 [2011-03-13 21:56:24 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Nowy Dokument sformatowany (2).rtf [2011-03-13 20:23:21 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2011-03-13 20:23:21 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-03-13 20:23:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-03-13 20:23:21 | 000,000,691 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Freez FLV to AVI MPEG WMV Converter.lnk [2011-03-13 20:13:38 | 010,980,832 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\FCTBSetup.exe [2011-03-13 13:52:03 | 002,224,079 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Help.mp3 [2011-03-13 13:46:46 | 001,229,095 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\The Beatles - Twist n Shout .mp3 [2011-03-13 11:28:00 | 008,273,459 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\for some fun.mp3 [2011-03-13 10:30:46 | 000,069,714 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\200068_190066684363950_100000818586203_422679_7839411_n.jpg [2011-03-12 15:58:24 | 000,030,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wcscd.sys [2011-03-12 15:58:02 | 000,032,256 | -H-- | C] () -- C:\Documents and Settings\start\wuaucldt.exe [2011-03-12 15:58:02 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe [2011-03-12 14:57:35 | 000,172,032 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe [2011-03-12 14:57:07 | 000,010,698 | -H-- | C] () -- C:\Documents and Settings\start\Dane aplikacji\3AA2.398 [2011-03-11 18:42:30 | 000,098,201 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\31879_124901487544718_100000746024542_169127_7635718_n.jpg [2011-03-10 18:13:12 | 000,048,166 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\185694_1838581054885_1551282075_31946113_8377303_n.jpg [2011-03-07 18:59:29 | 019,230,558 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08115.MPG [2011-03-07 17:50:13 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GamersFirst LIVE!.lnk [2011-03-06 18:04:12 | 028,865,883 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0002.wmv [2011-03-06 17:51:03 | 000,065,794 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Hard Rock Backing Track in G or C 80 s Style .aup [2011-03-06 17:50:55 | 174,795,761 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08112.MPG [2011-03-03 09:20:20 | 000,003,968 | RHS- | C] () -- C:\WINDOWS\wibrf.jpg [2011-03-03 09:20:20 | 000,003,416 | RHS- | C] () -- C:\WINDOWS\wiybr.png [2011-03-03 09:20:20 | 000,002,384 | ---- | C] () -- C:\WINDOWS\ndl.dl [2011-02-28 20:53:19 | 000,070,358 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\gretsch_countryclassicSPg_007.jpg [2011-02-26 01:50:57 | 002,972,193 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Johny.mp3 [2011-02-26 00:58:57 | 061,666,604 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\waw2.wav [2011-02-25 21:51:12 | 005,282,168 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\rock n roll blues.mp3 [2011-02-24 21:46:36 | 000,001,801 | -H-- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2011-02-24 21:46:32 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\YouTube Downloader.lnk [2011-02-24 21:44:46 | 004,698,191 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\YouTubeDownloaderSetup27_[www.programosy.pl].exe [2011-02-21 22:49:02 | 074,502,956 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\an.wav [2011-02-21 22:20:26 | 004,112,020 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\angie.mp3 [2011-02-20 18:36:04 | 020,596,321 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Bez tytułu_0001.wmv [2011-02-20 18:26:51 | 005,112,520 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\AC DC - Shoot to Thrill2.mp3 [2011-02-20 17:48:19 | 096,454,700 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\shot.wav [2011-02-20 17:29:08 | 121,186,073 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\MOV08096.MPG [2011-02-20 12:25:46 | 004,657,869 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city2.mp3 [2011-02-20 12:19:26 | 084,186,284 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin.wav [2011-02-20 12:03:11 | 004,661,124 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\sin city.mp3 [2011-02-20 00:47:25 | 000,000,961 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\ZeallSoft Products.lnk [2011-02-20 00:47:25 | 000,000,893 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Magic Mirror.lnk [2011-02-19 16:49:52 | 000,984,003 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\wwwwwa11.mp3 [2011-02-18 21:10:26 | 000,988,499 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad123.mp3 [2011-02-18 19:32:23 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx [2011-02-18 19:32:21 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk [2011-02-18 18:55:48 | 002,320,812 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\podklad.mp3 [2011-02-16 22:51:55 | 000,002,281 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\2152.rtf [2011-02-15 00:27:30 | 005,795,550 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\smoke on the water (2)12.mp3 [2011-01-17 21:12:27 | 000,000,753 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\Skrót do teeworlds.lnk [2011-01-16 01:39:40 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rappelz.lnk [2011-01-15 23:24:45 | 000,128,880 | -H-- | C] () -- C:\Documents and Settings\start\Pulpit\DSC00001.jpg [2011-01-09 15:48:34 | 000,074,240 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe [2010-12-04 20:19:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll [2010-12-03 12:04:21 | 000,115,712 | RHS- | C] () -- C:\WINDOWS\System32\wship6C.dll [2010-11-18 21:39:53 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2010-11-18 21:05:11 | 000,000,193 | ---- | C] () -- C:\WINDOWS\dvdtoaviconverter.ini [2010-11-18 20:58:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysDVDtoavi.dat [2010-11-18 20:58:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010-11-18 20:58:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll [2010-11-18 20:58:56 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll [2010-11-18 20:52:09 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2010-11-18 20:52:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\2ABE404A5B.sys [2010-09-21 14:42:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-08-26 23:36:01 | 000,000,236 | ---- | C] () -- C:\Program Files\Common Files\dx.reg [2010-08-26 23:36:00 | 000,874,502 | ---- | C] () -- C:\WINDOWS\System32\kernel32new.dll [2010-08-26 23:36:00 | 000,681,478 | ---- | C] () -- C:\WINDOWS\System32\msvcrtnew.dll [2010-08-26 23:36:00 | 000,187,398 | ---- | C] () -- C:\WINDOWS\System32\d3d10core.dll [2010-08-26 23:35:59 | 001,029,126 | ---- | C] () -- C:\WINDOWS\System32\d3d10.dll [2010-08-26 23:35:59 | 000,716,153 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe [2010-08-26 23:35:59 | 000,002,917 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat [2010-08-26 22:31:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-08-25 17:48:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-08-25 17:48:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-08-25 17:48:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-08-25 17:48:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-08-25 17:48:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-08-12 20:41:34 | 000,492,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-08-02 13:03:03 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2010-07-31 10:29:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-07-26 10:34:34 | 000,175,616 | ---- | C] () -- C:\WINDOWS\Kneqoa.exe [2010-05-18 14:23:24 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe [2010-05-17 20:22:33 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe [2010-05-17 20:22:33 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini [2010-05-17 20:22:31 | 000,390,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys [2010-05-17 20:22:30 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe [2010-05-17 19:41:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2010-05-17 19:41:50 | 000,498,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys [2010-05-17 19:41:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe [2009-12-20 22:01:34 | 000,000,080 | ---- | C] () -- C:\WINDOWS\msocreg32.dat [2009-12-02 18:35:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2009-11-17 10:39:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2009-09-27 16:50:38 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-08-10 17:28:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini [2009-07-26 22:14:16 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2009-06-18 18:43:43 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll [2009-06-18 18:43:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll [2009-05-24 15:30:46 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2009-04-08 12:15:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-04-08 12:15:29 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-04-08 12:15:24 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-04-05 19:44:22 | 000,001,824 | ---- | C] () -- C:\WINDOWS\TSearch.INI [2009-04-05 15:12:48 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(2).exe [2009-03-27 16:10:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2009-03-27 16:08:42 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009-03-06 14:13:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\system87sG.dat [2009-02-11 01:13:00 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009-02-02 20:59:56 | 000,000,030 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009-01-27 20:49:21 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys [2009-01-18 19:55:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008-12-02 20:24:22 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\rtl4.dat [2008-11-29 22:26:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008-11-29 22:26:15 | 000,015,468 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008-11-10 23:06:41 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2008-11-10 20:41:12 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-11-08 11:03:24 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2008-11-08 10:44:31 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-11-08 10:44:30 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-10-16 11:08:31 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-09-30 15:28:32 | 000,140,288 | -H-- | C] () -- C:\Documents and Settings\start\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-09-29 19:44:57 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdecoin.dll [2008-09-29 19:44:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdevs.dll [2008-09-29 19:44:26 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdedrs.dll [2008-09-29 19:44:26 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdecaps.dll [2008-09-29 19:44:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdecnv4.dll [2008-09-29 19:44:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL [2008-09-29 19:44:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll [2008-09-29 19:44:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL [2008-09-29 19:44:05 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL [2008-09-29 19:42:36 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxderwrd.ini [2008-09-29 19:42:24 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdeinst.dll [2008-09-29 19:42:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdegrd.dll [2008-09-29 08:04:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2008-09-29 07:59:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2008-09-29 07:59:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2008-09-29 07:59:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2008-09-29 07:59:02 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2008-09-29 07:59:02 | 000,184,394 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2008-09-27 14:29:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008-09-27 14:26:27 | 000,204,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008-09-27 12:54:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2008-09-27 12:41:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008-09-27 12:38:16 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007-08-21 22:51:16 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2007-08-21 20:36:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2005-02-24 11:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys [2005-01-25 14:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL [2004-11-22 12:48:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\98Setup.exe [2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-03-17 18:15:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\smp32.dll [2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001-10-26 15:15:16 | 000,581,058 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 15:15:16 | 000,118,932 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-10-26 14:45:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL [2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 20:30:24 | 000,516,814 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 20:30:22 | 000,094,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2009-09-13 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient [2010-06-02 17:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2009-12-24 22:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BioWare [2010-05-06 18:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Celemony Software GmbH [2010-05-06 12:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EarMaster [2008-11-10 21:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-09-01 13:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2009-12-20 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IK Multimedia [2009-10-20 21:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2010-09-21 14:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-07-30 09:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LxThumbs [2010-07-26 10:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments [2010-05-27 06:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound [2009-08-23 07:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU [2009-01-20 20:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2009-10-20 22:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-03-07 17:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-12-12 21:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Psicraft [2010-02-18 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2009-07-26 23:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2008-11-30 10:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wru [2010-12-02 23:35:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{20EFD19B-675C-417B-A498-B0161D72FF88} [2010-12-03 17:50:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{4F32CAF7-963B-404D-BF13-C48BA3F5F6A7} [2009-05-24 15:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2010-12-03 17:49:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{AC46DC4F-66BD-4733-A8B4-0B69418C12D0} [2010-12-02 23:33:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{B5F0C192-874D-49A8-88D7-8431E3714756} [2010-12-03 17:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D69A48BF-7653-4AA8-94BC-5847522A4573} [2010-12-03 17:48:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{EC98E512-708C-4C3B-9F07-B58768C1DD8A} [2011-03-15 20:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker [2010-12-30 15:01:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\AnvSoft [2010-11-30 21:03:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\avidemux [2011-03-13 21:41:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitComet [2008-11-30 20:59:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\BitTorrent [2010-10-13 17:45:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DMCache [2010-10-17 11:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\DNA [2008-11-12 21:04:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu [2010-09-01 13:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Gadu-Gadu 10 [2009-11-17 04:04:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\GetRightToGo [2009-12-12 22:58:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\gtk-2.0 [2010-06-20 12:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\kikin [2008-11-20 19:21:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Lexmark Productivity Studio [2010-01-05 20:38:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Line 6 [2009-10-31 14:54:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nokia [2009-09-04 19:38:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Nowe Gadu-Gadu [2010-12-14 18:10:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\OpenCandy [2009-10-20 22:03:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PC Suite [2011-01-22 00:37:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\PriceGong [2009-07-26 23:19:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Publish Providers [2009-10-04 18:02:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\REAPER [2009-04-11 09:35:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Red Kawa [2009-03-27 16:12:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Samsung [2009-07-26 23:18:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony [2009-07-26 22:50:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Sony Setup [2011-01-17 21:12:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\start\Dane aplikacji\Teeworlds [2011-03-14 16:25:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job [2010-06-01 20:07:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnSevenDaysInit.job [2010-06-15 20:03:56 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job [2010-05-30 07:34:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job [2011-03-15 20:22:56 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job [2011-03-15 20:22:54 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\Tasks\yyki.job [2011-03-15 20:22:56 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011-03-15 20:40:00 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2011-03-15 20:22:55 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2011-03-15 20:22:54 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-03-15 20:52:20 | 000,000,220 | ---- | M] () -- C:\aaw7boot.log [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-10-17 11:19:51 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2008-09-27 12:40:24 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2008-09-27 12:40:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008-09-27 12:40:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-03-15 20:52:26 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\agp440.sys [2004-08-03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2004-08-03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\winlogon.exe < End of report > [/log] I jeszcze Extras ; [log]OTL Extras logfile created on: 2011-03-15 21:31:42 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\start\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 1,44 Gb Free Space | 2,95% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 19,75 Gb Free Space | 20,23% Space Free | Partition Type: NTFS Drive E: | 86,39 Gb Total Space | 29,35 Gb Free Space | 33,97% Space Free | Partition Type: NTFS Drive F: | 597,94 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SUKINSYNA | User Name: start | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster "57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster "57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster "57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "56795:TCP" = 56795:TCP:*:Enabled:Pando Media Booster "56795:UDP" = 56795:UDP:*:Enabled:Pando Media Booster "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "20490:TCP" = 20490:TCP:*:Enabled:BitComet 20490 TCP "20490:UDP" = 20490:UDP:*:Enabled:BitComet 20490 UDP "25828:TCP" = 25828:TCP:*:Enabled:BitComet 25828 TCP "25828:UDP" = 25828:UDP:*:Enabled:BitComet 25828 UDP "57987:TCP" = 57987:TCP:*:Enabled:Pando Media Booster "57987:UDP" = 57987:UDP:*:Enabled:Pando Media Booster "7517:TCP" = 7517:TCP:*:Enabled:BitComet 7517 TCP "7517:UDP" = 7517:UDP:*:Enabled:BitComet 7517 UDP "27416:TCP" = 27416:TCP:*:Enabled:BitComet 27416 TCP "27416:UDP" = 27416:UDP:*:Enabled:BitComet 27416 UDP "57683:TCP" = 57683:TCP:*:Enabled:Pando Media Booster "57683:UDP" = 57683:UDP:*:Enabled:Pando Media Booster "7473:TCP" = 7473:TCP:*:Enabled:BitComet 7473 TCP "7473:UDP" = 7473:UDP:*:Enabled:BitComet 7473 UDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\lxdecoms.exe" = C:\WINDOWS\system32\lxdecoms.exe:*:Enabled:Lexmark Communications System -- ( ) "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe" = C:\Program Files\Lexmark 4800 Series\lxdeamon.exe:*:Enabled:Lexmark Device Monitor -- () "C:\Program Files\Lexmark 4800 Series\frun.exe" = C:\Program Files\Lexmark 4800 Series\frun.exe:*:Enabled:Lexmark Productivity Studio -- () "C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader "C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe" = C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software -- () "C:\Program Files\Lexmark 4800 Series\lxdemon.exe" = C:\Program Files\Lexmark 4800 Series\lxdemon.exe:*:Enabled:Printer Device Monitor -- () "C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe" = C:\Documents and Settings\start\Ustawienia lokalne\Temp\lxde\wireless\POLISH\lxdewpss.exe:*:Enabled: "C:\WINDOWS\system32\lxdecfg.exe" = C:\WINDOWS\system32\lxdecfg.exe:*:Enabled:Printer Communication System -- ( ) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe:*:Enabled:Printer Status Window Interface -- () "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.) "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe:*:Enabled:Job Status Window Interface -- () "C:\Program Files\GameSpy\Comrade\Comrade.exe" = C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade -- (IGN Entertainment Inc.) "C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdewbgw.exe:*:Enabled:Lexmark Web Gateway -- () "C:\Program Files\Xfire\xfire.exe" = C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "D:\Program Files\Gpotato\Flyff\Flyff.exe" = D:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff -- () "C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.) "C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks) "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks) "E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.) "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- () "E:\Program Files\Cyanide\GameCenter\GameCenter.exe" = E:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter "E:\Program Files\Cyanide\Loki\Loki.exe" = E:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki "E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe" = E:\Program Files\Cyanide\Loki\Autorun\Autorun.exe:*:Enabled:Loki - AutoRun "C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm" = C:\Program Files\Gameforge4D\AirRivals_EN\Launcher.atm:Enabled:GameExe2 "C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe" = C:\Program Files\Gameforge4D\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "E:\GW Movie Arts\Combat Arms EU\CombatArms.exe" = E:\GW Movie Arts\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\GW Movie Arts\Combat Arms EU\Engine.exe" = E:\GW Movie Arts\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\GW Movie Arts\Combat Arms EU\NMService.exe" = E:\GW Movie Arts\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com) "C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe" = C:\Program Files\Techland\Call of Juarez - Wiezy Krwi\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Więzy Krwi "E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe" = E:\Program Files\Steam\SteamApps\common\dragon age orgins character creator\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Character Creator "C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "D:\Program Files\Dragon Age\bin_ship\daorigins.exe" = D:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Początek Gra -- (BioWare) "D:\Program Files\Dragon Age\DAOriginsLauncher.exe" = D:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Początek Program startowy -- (BioWare) "D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = D:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Początek Aktualizator -- (BioWare) "C:\Program Files\WarRock\WRLauncher.exe" = C:\Program Files\WarRock\WRLauncher.exe:*:Enabled:War Rock "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "E:\Program Files\Far Cry 2\bin\FarCry2.exe" = E:\Program Files\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "E:\Program Files\Far Cry 2\bin\FC2Launcher.exe" = E:\Program Files\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "E:\Program Files\Far Cry 2\bin\FC2Editor.exe" = E:\Program Files\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment) "E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer "E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = E:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- () "C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- () "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH) "E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- () "C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe" = C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- () "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Documents and Settings\start\Pulpit\facebook-pic000163927.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- () "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_87772.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_07673.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_46101.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_83488.exe:*:C:\WINDOWS\microsoft.exe "C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe" = C:\DOCUME~1\start\USTAWI~1\Temp\eraseme_14663.exe:*:C:\WINDOWS\microsoft.exe [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock "{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{049d411d-6564-4638-96d2-41a27817a181}" = Nero 9 Essentials "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{0D8E15E1-350B-4DF5-8D76-58E429157458}" = Lineage "{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17 "{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0 "{17145977-D875-4B1D-942F-9E5930823E02}_is1" = Gods - Kraina Nieskończoności "{17D60B8C-927A-06CE-9AC5-B1949964EF15}" = Catalyst Control Center Core Implementation "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7 "{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = Spellforce 2 - Czas Mrocznych Wojen "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{21BB0483-3D43-46A7-A63F-72C702701438}" = GameShadow "{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11 "{285139D9-633F-4674-8FA3-DB94B356FA82}_is1" = Mafia Tycoon "{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver "{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio "{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.3 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser "{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{430B1017-1B12-420C-8F27-05D0EC2995E0}" = Lineage II "{46301B1E-8962-4672-B5A2-0636BA3C48F4}" = Melodyne 3.2 Demo "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4DBF3C3D-5B6D-45B2-A08B-B06490E2666F}_is1" = Wru! 1.0.4 "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Trust Webcam 14823 "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010 "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher "{66BA35B0-1911-47EF-B170-1DCFFDA362F1}" = AmpliTube Jimi Hendrix "{674FD2DC-B87D-D5B4-AF07-73AE91974301}" = Catalyst Control Center HydraVision Full "{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1" = Moyea Flash Video MX Pro Version: 5.0.9.0 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver "{7ADFF9AF-B9D8-FC53-0377-AFDDCBE8929E}" = Catalyst Control Center Graphics Full New "{7D979C05-1742-1AE1-E61A-25A33449AF44}" = Catalyst Control Center Graphics Previews Common "{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2 "{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0520.1 "{828B0E1B-C6B0-42E5-B2A3-C50E7820C077}" = IPSwitcher Basic "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8396DF41-E71D-7170-A03A-A0A2D8633B57}" = Catalyst Control Center Graphics Full Existing "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{93543036-BAD7-4B53-B45E-306B21202727}" = Piraci Nowego Świata 2 - Dwa skarby "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9811DA63-C6B4-426E-859E-12A2393DDB31}" = LanSpeed2 v3.0.7 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C6F9C01-FE98-90B4-36BD-5CCC4A8A1AA8}" = ccc-core-preinstall "{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}" = AmpliTube Metal "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek "{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B6685367-A8AD-4414-A2A3-10B40EC5CF30}" = SharpKeys "{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.8.7 "{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BF605A48-663D-AA9A-F128-95ED7F2C6413}" = Skins "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C28FC5E5-86EE-B4B5-044A-E484E78F9C7B}" = CCC Help English "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio "{C6752201-DC16-C30F-478C-36EC595BEFDB}" = ccc-core-static "{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2 "{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4 "{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}" = AmpliTube2 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX "{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0 "{D0A85D80-425F-CBB2-B35A-69EFD283DF39}" = ccc-utility "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D52D5D70-6F8F-4690-8559-18D5EAC8B19F}" = XIII "{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA "{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64 "{E397F6F0-AEE4-4236-BB05-1351350F8365}" = War Rock "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (JDownloader Edition) 2.1 "{E5CFDA19-A86E-4276-AB8E-5165E2FC98B8}" = Hero_Online "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EC9A0711-9823-4DD2-83C4-039886A3ECF6}" = Melodyne 3.2 Demo "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = StarCam Sports Football 300K "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam "{F7D689BA-E7DE-4727-9F8D-936B6C30A53A}" = Rapidshare Auto Downloader 3.6.2 "{F8CF44C8-6295-417B-8B04-AAB39F1BB649}_is1" = Call of Juarez SP Demo "{FE6FD041-F8D2-1323-178C-7C71C1980C51}" = Catalyst Control Center Graphics Light "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Acoustica Beatcraft" = Acoustica Beatcraft "Acoustica Effects Pack" = Acoustica Effects Pack "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AirRivals_EN_is1" = AirRivals_EN 1.0.0.35 "Aiseesoft DVD to MP4 Converter_is1" = Aiseesoft DVD to MP4 Converter "All ATI Software" = ATI - Software Uninstall Utility "Any Video Converter_is1" = Any Video Converter 3.1.7 "AP Guitar Tuner 1.02" = AP Guitar Tuner 1.02 "AP Tuner 3.08" = AP Tuner 3.08 "AQQ" = WapSter AQQ "Arial Sound Recorder_is1" = Arial Sound Recorder version 1.7.5 "ASIO4ALL" = ASIO4ALL "ATI Display Driver" = ATI Display Driver "Audacity_is1" = Audacity 1.2.6 "AV Voice Changer Software 3.0" = AV Voice Changer Software 3.0 "AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0 "AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0 "AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0 "Avidemux 2.5" = Avidemux 2.5 "AviSynth" = AviSynth 2.5 "BitComet" = BitComet 1.22 "BrainWave Generator" = BrainWave Generator "CasinoEuroPoker" = CasinoEuroPoker (remove only) "CDex" = CDex extraction audio "cFosSpeed" = cFosSpeed v5.12 "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Combat Arms EU" = Combat Arms EU "conduitEngine" = Conduit Engine "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "Counter-Strike 1.6 v32" = Counter-Strike 1.6 v32 "Cpukiller3_is1" = Cpukiller3 v1.0.5 "CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1 "Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.1.2.43 "DirectX10 for Windows XP - Win2000, 2003,..._is1" = DirectX10 RC2 Pre Fix 3 "Drumtronic" = Drumtronic "DVD To AVI Converter_is1" = DVD To AVI Converter 1.00 "E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 4.1) "EarMaster Essential 5_is1" = EarMaster Essential 5 "Easy Video Splitter_is1" = Easy Video Splitter 1.28 "easyCALL_is1" = easyCALL "eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook! "ESET Online Scanner" = ESET Online Scanner v3 "ET3DEMO" = English Translator 3 Demo "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "ExpressBurn" = Express Burn "ExpressRip" = Express Rip "F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.3) "FlightGear_is1" = FlightGear v0.9.10 "Fraps" = Fraps (remove only) "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Gadu-Gadu 10" = Gadu-Gadu 10 "Game Booster_is1" = Game Booster "GameCenter" = GameCenter "GamersFirst LIVE!" = GamersFirst LIVE! "GamersFirst War Rock" = War Rock "GameTracker Lite" = GameTracker Lite "Gates of Troy_is1" = Gates of Troy "Guild Wars" = Guild Wars "Guitar FX BOX 2.8" = Guitar FX BOX 2.8 "Guitar Pro 5_is1" = Guitar Pro 5.2 "GuitarSpeedTrainer_is1" = GST 2.3.8.4 "Gunz" = ijji - Gunz "Hamachi" = Hamachi 1.0.2.5 "Hitman: Kontrakty" = Hitman: Kontrakty "Hydrogen" = Hydrogen "Icy Tower v1.3.1_is1" = Icy Tower v1.3.1 "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi "Internet Download Manager" = Internet Download Manager "ipla" = ipla 2.2 "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "KeyFinder_is1" = Magical Jelly Bean KeyFinder "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Lexmark 4800 Series" = Lexmark 4800 Series "Lexmark Fax Solutions" = Oprogramowanie faksowe Lexmark "Line 6 Uninstaller" = Line 6 Uninstaller "Lineage 2 Frintezza Full" = Lineage 2 Frintezza Full 1.2 "Loki_is1" = Loki "Magic Mirror_is1" = Magic Mirror 3.0 "Magic Video Batch Converter_is1" = Magic Video Batch Converter 3.6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser "MojDzwonek.com" = MojDzwonek.com - konwerter dzwonków TrueTone "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "MP3 CD Doctor Lite_is1" = MP3 CD Doctor "MP3 Encoder" = LS MP3 Encoder "MPEG4 Direct Maker" = MPEG4 Direct Maker "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MyWebSearch bar Uninstall" = My Web Search (Smiley Central) "Native Instruments Controller Editor" = Native Instruments Controller Editor "Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3 "Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4 "Native Instruments Guitar Rig Session IO Driver" = Native Instruments Guitar Rig Session IO Driver "Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver "Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments Session IO Driver" = Native Instruments Session IO Driver "Neffy" = Neffy 1,3,29,0 "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "Nero7Lite_is1" = Nero 7 Lite 7.10.1.0 "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Orb" = Winamp Remote "Pacific Warriors" = Pacific Warriors "PingPlotter Standard" = PingPlotter Standard 3.30.1s "Pool of Radiance" = Pool of Radiance "Postal 2 Demo" = Postal 2 Demo "Postal 2 Share The Pain" = Postal 2 Share The Pain "Postal 2 STP - Free Multiplayer Edition" = Postal 2 STP - Free Multiplayer Edition "Przyspiesz Komputer_is1" = Przyspiesz Komputer "PunkBusterSvc" = PunkBuster Services "QuickPar" = QuickPar 0.9 "rayman2" = rayman2 "RealPlayer 6.0" = RealPlayer "REAPER" = REAPER "ReValver" = ReValver "ReValver Mk II_is1" = ReValver Mk II "Rohan_USA" = Rohan_USA "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SeaDogs" = SeaDogs "SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only) "Silkroad" = Silkroad "SkanerOnline" = Skaner on-line mks_vir "SMS Pilot_is1" = SMS Pilot 1.06 build 003 "SnadBoy's Revelation v2" = SnadBoy's Revelation v2 "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Spartan_is1" = Spartan "SpeedBit Video Accelerator" = SpeedBit Video Accelerator "SpeedBit Video Downloader" = SpeedBit Video Downloader "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 630" = Alien Swarm "Tactical Ops" = Tactical Ops "TallStick TS-AudioToMIDI 3.30" = TallStick TS-AudioToMIDI 3.30 (remove only) "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Tengwar Scribe" = Tengwar Scribe "The Witcher - Doppler's Essence Mod_is1" = EoD ver 1.0.0.0 "Tibia_is1" = Tibia "Tomb Raider: Underworld Demo" = Tomb Raider: Underworld Demo 1.0 "Tunatic" = Tunatic "Ultra MP4 Video Converter_is1" = Ultra MP4 Video Converter 5.2.0603 "Videora iPod Converter" = Videora iPod Converter 4.07 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VS Online_is1" = VS Online 1.54 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WheelMouse" = Smart-X7 7.80 "WIC" = Windows Imaging Component "Winamp Toolbar" = Winamp Toolbar "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinGimp-2.0_is1" = GIMP 2.4.1 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 "Xfire" = Xfire (remove only) "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "YouTube Downloader App" = YouTube Downloader App 1.02 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-854245398-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "2a4f70b48f669acd" = AA3Deploy "BitTorrent" = BitTorrent 6.0 "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome "TeamSpeak 3 Client" = TeamSpeak 3 Client "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 07:39:20 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 07:39:57 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Operacja została zwrócona, ponieważ przekroczono limit czasu. Error - 2011-03-13 17:50:02 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. Error - 2011-03-13 17:50:03 | Computer Name = SUKINSYNA | Source = crypt32 | ID = 131080 Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>, wystąpił błąd: Określony serwer nie może wykonać żądanej operacji. [ System Events ] Error - 2011-03-13 17:07:22 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa COM nagrywania dysków CD IMAPI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-13 17:17:30 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-13 17:42:37 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023 Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-03-13 17:47:20 | Computer Name = SUKINSYNA | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 10.10.0.2 dla karty sieciowej o adresie 001FD0890F66 został zabroniony przez serwer DHCP 10.10.0.1 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-03-13 17:51:42 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa McAfee Security Scan Component Host Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7023 Description = Usługa HID Input Service zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-03-15 15:23:18 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi My Web Search Service z powodu następującego błędu: %%2 Error - 2011-03-15 15:23:24 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7034 Description = Usługa cFosSpeed System Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-15 15:53:02 | Computer Name = SUKINSYNA | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Fips intelppm StarOpen Error - 2011-03-15 15:53:08 | Computer Name = SUKINSYNA | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} < End of report > [/log]
Tomek01 komentarz 16 marca 2011 komentarz 16 marca 2011 Przechodzisz do trybu awaryjnego, uruchamiasz OTL, w oknie Custom scan/fixes wklej: [code]:OTL PRC - [2011-03-15 17:53:13 | 000,159,744 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe PRC - [2011-03-14 20:13:32 | 000,172,032 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\dwm.exe PRC - [2011-03-12 14:58:02 | 000,177,664 | -H-- | M] () -- C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService) IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) [2009-09-25 18:26:19 | 000,000,000 | -H-D | M] (Winamp Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010-05-06 19:55:10 | 000,000,000 | -H-D | M] (RadioBar Toolbar) -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\extensions\radiobar@toolbar [2010-10-19 20:29:36 | 000,000,933 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\conduit.xml [2010-05-06 20:14:20 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\start\Dane aplikacji\Mozilla\Firefox\Profiles\myf0b96k.default\searchplugins\web-search.xml O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - Reg Error: Value error. File not found O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [conhost] C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe ()O4 - HKLM..\Run: [Microsoft Driver Setup] C:\WINDOWS\microsoft.exe (Kxcesobjn Software) O4 - HKLM..\Run: [My Web Search Bar] File not found O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKLM..\Run: [Regedit32] File not found O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe () O4 - HKU\.DEFAULT..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKU\S-1-5-18..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals) O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [JP595IR86O] File not found O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe () O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe (NetInternals)O4 - HKU\S-1-5-21-854245398-2077806209-725345543-1003..\Run: [wuaucldt] c:\Documents and Settings\start\wuaucldt.exe () F3 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 WinNT: Load - (C:\DOCUME~1\start\USTAWI~1\Temp\csrss.exe) - C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe () O20 - HKU\S-1-5-21-854245398-2077806209-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\start\Dane aplikacji\dwm.exe) - C:\Documents and Settings\start\Dane aplikacji\dwm.exe () MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - File not found MsConfig - StartUpReg: cdoosoft - hkey= - key= - File not found :Files C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe C:\WINDOWS\System32\adobearp.exe C:\Documents and Settings\All Users\Dane aplikacji\~16113460r C:\Documents and Settings\All Users\Dane aplikacji\~16113460 C:\Documents and Settings\All Users\Dane aplikacji\16113460 C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe C:\WINDOWS\wibrf.jpg C:\WINDOWS\wiybr.png C:\WINDOWS\tasks\yyki.job C:\Documents and Settings\All Users\Dane aplikacji\~13492020 C:\Documents and Settings\All Users\Dane aplikacji\13492020 C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe C:\Documents and Settings\start\Dane aplikacji\3AA2.398 C:\WINDOWS\microsoft.exe C:\Documents and Settings\start\wuaucldt.exe C:\WINDOWS\System32\wuaucldt.exe C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk C:\WINDOWS\System32\drivers\wcscd.sys C:\Documents and Settings\start\Dane aplikacji\dwm.exe C:\WINDOWS\ndl.dl C:\WINDOWS\nvsvc32.exe C:\WINDOWS\System32\wship6C.dll C:\WINDOWS\Kneqoa.exe C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe c:\documents and settings\start\Dane aplikacji\PriceGong C:\Qoobox C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej: [code]:File C:\WINDOWS\System32\ativvaxx.cap[/code] Wciśnij look, pokaż co wyskoczyło.
AveX komentarz 16 marca 2011 Autor komentarz 16 marca 2011 Niestety po wklejeniu tego kodu do OTL i Run Script, wywala mnie z awaryjnego do niebieskiego ekranu z napisami o błędzie systemu, i żeby uruchomić ponownie kompa, SystemLook 04.09.10 by jpshortstuff Log created at 23:53 on 16/03/2011 by start Administrator - Elevation successful ========== File ========== C:\WINDOWS\System32\ativvaxx.cap - File found and opened. MD5: 4A7E424F7A9586EC6E77D63F8CE7D880 Created at 19:53 on 16/03/2009 Modified at 22:48 on 16/03/2011 Size: 173776 bytes Attributes: --a---- No version information available. -= EOF =- To mam po zrobieniu tego SystemLook.
Tomek01 komentarz 17 marca 2011 komentarz 17 marca 2011 W trybie awaryjnym wykonaj poniższe czynności. Pobierz [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b] W polu ‘’ input script here’’ wklej taki tekst : [code]Files to delete: C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe C:\WINDOWS\System32\adobearp.exe C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe C:\WINDOWS\tasks\yyki.job C:\Documents and Settings\start\Dane aplikacji\dwm.exe C:\WINDOWS\microsoft.exe C:\WINDOWS\System32\drivers\wcscd.sys C:\WINDOWS\System32\wuaucldt.exe C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk C:\Documents and Settings\start\Dane aplikacji\dwm.exe C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe C:\WINDOWS\wibrf.jpg C:\WINDOWS\wiybr.png C:\WINDOWS\ndl.dl C:\WINDOWS\nvsvc32.exe C:\WINDOWS\System32\wship6C.dll C:\WINDOWS\Kneqoa.exe C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job C:\WINDOWS\Tasks\yyki.job C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job Folders to delete: C:\Documents and Settings\All Users\Dane aplikacji\~16113460r C:\Documents and Settings\All Users\Dane aplikacji\~16113460 C:\Documents and Settings\All Users\Dane aplikacji\16113460 C:\Documents and Settings\All Users\Dane aplikacji\~13492020 C:\Documents and Settings\All Users\Dane aplikacji\13492020 C:\Documents and Settings\start\Dane aplikacji\3AA2.398 C:\Qoobox Registry keys to delete: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe Registry values to delete: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | wuaucldt HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | wuaucldt Drivers to delete: MyWebSearchService wuaucldt wjfrjCrTGl Flwgw JP595IR86O[/code] Klikasz execute, komputer uruchamia się ponownie i generuje raport, który pokaż na forum. Do tego nowe logi OTL i RIT>
AveX komentarz 18 marca 2011 Autor komentarz 18 marca 2011 [log]////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Dodatek Service Pack 2) Fri Mar 18 18:31:36 2011 18:31:33: Error: Invalid registry syntax in command: "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt" Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program. Skipping line. (Registry value deletion mode) 18:31:36: Error: Execution aborted by user! ////////////////////////////////////////// ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Dodatek Service Pack 2) Fri Mar 18 18:31:52 2011 18:31:45: Error: Invalid registry syntax in command: "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt" Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program. Skipping line. (Registry value deletion mode) ////////////////////////////////////////// Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! File "C:\Documents and Settings\start\Dane aplikacji\Flwgwl.exe" deleted successfully. File "C:\Documents and Settings\All Users\Dane aplikacji\wjfrjCrTGl.exe" deleted successfully. File "C:\WINDOWS\System32\adobearp.exe" deleted successfully. Error: file "C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe" not found! Deletion of file "C:\Documents and Settings\All Users\Dane aplikacji\16113460.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe" not found! Deletion of file "C:\Documents and Settings\All Users\Dane aplikacji\13492020.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\tasks\yyki.job" not found! Deletion of file "C:\WINDOWS\tasks\yyki.job" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" not found! Deletion of file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\microsoft.exe" not found! Deletion of file "C:\WINDOWS\microsoft.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\System32\drivers\wcscd.sys" deleted successfully. File "C:\WINDOWS\System32\wuaucldt.exe" deleted successfully. File "C:\Documents and Settings\start\Pulpit\Windows Diagnostic.lnk" deleted successfully. Error: file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" not found! Deletion of file "C:\Documents and Settings\start\Dane aplikacji\dwm.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe" not found! Deletion of file "C:\Documents and Settings\start\Dane aplikacji\Microsoft\conhost.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe" not found! Deletion of file "C:\Documents and Settings\start\Ustawienia lokalne\Temp\csrss.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\wibrf.jpg" not found! Deletion of file "C:\WINDOWS\wibrf.jpg" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\wiybr.png" not found! Deletion of file "C:\WINDOWS\wiybr.png" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\ndl.dl" not found! Deletion of file "C:\WINDOWS\ndl.dl" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: file "C:\WINDOWS\nvsvc32.exe" not found! Deletion of file "C:\WINDOWS\nvsvc32.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\System32\wship6C.dll" deleted successfully. File "C:\WINDOWS\Kneqoa.exe" deleted successfully. File "C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe" deleted successfully. Error: file "C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" not found! Deletion of file "C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job" deleted successfully. File "C:\WINDOWS\tasks\WGASetup.job" deleted successfully. File "C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job" deleted successfully. File "C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job" deleted successfully. File "C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job" deleted successfully. File "C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job" deleted successfully. File "C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003UA.job" deleted successfully. File "C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-2077806209-725345543-1003Core.job" deleted successfully. Error: file "C:\WINDOWS\Tasks\yyki.job" not found! Deletion of file "C:\WINDOWS\Tasks\yyki.job" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job" deleted successfully. Error: "C:\Documents and Settings\All Users\Dane aplikacji\~16113460r" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~16113460r" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Error: "C:\Documents and Settings\All Users\Dane aplikacji\~16113460" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~16113460" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Error: "C:\Documents and Settings\All Users\Dane aplikacji\16113460" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\16113460" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Error: "C:\Documents and Settings\All Users\Dane aplikacji\~13492020" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\~13492020" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Error: "C:\Documents and Settings\All Users\Dane aplikacji\13492020" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\All Users\Dane aplikacji\13492020" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Error: "C:\Documents and Settings\start\Dane aplikacji\3AA2.398" is not a folder! It may instead be a file. Deletion of folder "C:\Documents and Settings\start\Dane aplikacji\3AA2.398" failed! Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY) --> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file Folder "C:\Qoobox" deleted successfully. Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\MyWebSearchService" not found! Deletion of driver "MyWebSearchService" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\wuaucldt" not found! Deletion of driver "wuaucldt" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\wjfrjCrTGl" not found! Deletion of driver "wjfrjCrTGl" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\Flwgw" not found! Deletion of driver "Flwgw" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\JP595IR86O" not found! Deletion of driver "JP595IR86O" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:\Documents and Settings\start\Menu Start\Programy\Autostart\smgr34.exe" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Registry value "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|wuaucldt" deleted successfully. Completed script processing. ******************* Finished! Terminate. [/log] Nic to nie dało bo dalej się dzieje co się działo :/
Tomek01 komentarz 18 marca 2011 komentarz 18 marca 2011 Zapomniałem, że Avenger usuwa wpisy rejestru tylko z HKEY_LOCAL_MACHINE. Spróbujmy jeszcze tak, Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach. Użyj ATF Cleaner, zaznacz trzy pierwsze fajki i empty selected. Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i jakby coś wykryły raporty pokaż na forum. Jeśli tak nie pójdzie będziemy myśleć. Czy próbowałeś przywrócić system do wcześniejszego stanu ?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.