baluk94, posted 18 March 2011

Hello. Lately my computer has started to slow down and it won't log me in to some websites. I'm posting the log from OTL. I can't provide one from RSIT because the system won't run that program: it displays an error window saying that RSIT.EXE is not a valid Win32 application. I scanned the computer with ESET online and it found 4 viruses, of which it removed 3 and could not remove one. I use AVAST on this system.

[log]OTL logfile created on: 2011-03-18 21:33:25 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 206,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 2,34 Gb Free Space | 7,86% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,96% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-03-06 14:08:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-03-06 14:07:58 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-01-02 09:11:58 | 001,116,080 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-10-20 19:14:12 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2010-02-18 10:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2010-02-18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-06 18:56:22 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-05-03 05:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2007-11-05 19:00:00 | 000,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-07-28 00:03:34 | 000,075,128 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) 
-- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2003-08-15 08:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2002-08-21 05:13:12 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-02-06 18:59:16 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 029,388,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 002,570,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\samlib.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:56 | 001,524,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2007-03-20 08:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-15 09:54:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-07-28 00:02:34 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2007-07-28 00:00:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2007-07-27 23:59:57 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2007-07-27 23:58:36 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - 
[2003-08-15 08:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2003-08-14 16:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2003-08-05 07:14:32 | 000,077,056 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid) DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb&sysid=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb&sysid=1 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaulturl: "http://www.dymasearch.com/search.php?src=tops&q=" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/" FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590 FF - prefs.js..extensions.enabledItems: {9d2373fb-5f12-c520-8edb-950fb5ed88d9}:4.6.6.3 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1 FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 FF - prefs.js..extensions.enabledItems: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:3.1.0.24 FF - prefs.js..keyword.URL: "http://search.imesh.com/web?src=ffb&systemid=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-06 14:08:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-06 14:08:08 | 000,000,000 | ---D | M] [2011-01-17 20:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2011-03-18 20:53:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions [2011-01-17 20:30:17 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Mateusz\Dane 
aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} [2010-05-15 09:55:02 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com [2010-10-20 19:11:05 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\eafo3fflauncher@ea.com [2011-02-10 00:01:45 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com [2011-03-18 21:18:42 | 000,002,556 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\askcom.xml [2010-05-15 09:54:50 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\daemon-search.xml [2010-09-02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\iMeshWebSearch.xml [2010-05-21 19:25:45 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\Search.xml [2011-03-18 20:53:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-05-21 19:25:49 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{9d2373fb-5f12-c520-8edb-950fb5ed88d9} [2010-06-13 11:03:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-17 20:30:23 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION [2010-06-13 11:02:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-11-16 16:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2011-03-06 14:08:02 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-03-06 14:08:02 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-09-02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml [2011-03-06 14:08:02 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-03-06 14:08:02 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-03-06 14:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-03-06 14:08:02 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll () O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) 
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll () O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [avast!] 
C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Surfbar] C:\Program Files\Surfbar\SurfBar.exe () O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKCU..\Run: [ares ultra] C:\Program Files\Ares Ultra\Ares Ultra.exe () O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [VistaDriveIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.254 82.160.29.254 213.199.225.14 O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (%windir%\Resources\Logons\Energy.exe) - C:\WINDOWS\Resources\Logons\Energy.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell - "" = Autorun O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = 
WScript.exe .\`.vbs O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group) MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]DriverScanner[/b] - hkey= - key= - C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 
SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - 
Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-03-18 21:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MadCaps [2011-03-18 21:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\MadCaps [2011-03-18 21:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade [2011-03-18 17:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GameHouse [2011-03-18 17:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse [2011-03-12 21:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Opera [2011-03-12 21:42:07 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2011-03-12 21:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2011-03-05 18:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\My Shared Folder [2011-01-30 22:34:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine [2011-01-30 22:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2011-01-30 22:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong [2011-01-30 22:32:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\imeshbandmltbpi [2004-11-11 20:26:51 | 000,606,208 | ---- | C] (CyberLink Corporation) -- C:\Program Files\DVD_RES.dll [2004-11-11 20:26:51 | 000,077,824 | ---- | C] (CyberLink Corporation) -- C:\Program Files\PwrDVDRC.dll [2004-11-11 20:26:51 | 000,016,384 | ---- | C] (CyberLink Corporation) -- C:\Program Files\OSD_MLang.dll [2004-11-11 20:26:50 | 000,770,048 | ---- | C] (CyberLink Corporation) -- C:\Program Files\UI_RES.dll [2004-11-11 20:26:50 | 000,323,584 | ---- | C] (CyberLink Corp.) -- C:\Program Files\ddtester.exe [2004-11-11 20:26:50 | 000,274,432 | ---- | C] (CyberLink Corp.) -- C:\Program Files\CLDMA.exe [2004-11-11 20:26:50 | 000,167,936 | ---- | C] (CyberLink Corp.) 
-- C:\Program Files\cltest.exe [2004-11-11 20:26:50 | 000,012,288 | ---- | C] (CyberLink Corporation) -- C:\Program Files\AppBarCom_RES.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-03-18 21:13:53 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 21:05:35 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 21:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011-03-18 20:42:19 | 000,186,602 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-03-18 20:42:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-18 20:42:10 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2011-03-18 17:45:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-17 20:43:42 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-16 19:29:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-13 10:15:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-12 21:42:02 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-03-11 22:59:31 | 700,668,948 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-03 20:25:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-03-01 19:08:25 | 000,464,896 | ---- | 
M] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-02 20:46:08 | 000,547,210 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-18 21:13:53 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 17:47:22 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 17:45:40 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-12 21:42:02 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-03-12 21:42:02 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-03-11 21:55:53 | 700,668,948 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-01 18:57:30 | 000,464,896 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-27 13:02:57 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-02-03 17:39:15 | 000,547,210 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [2010-10-20 19:14:33 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys [2010-10-20 19:14:33 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-10-20 19:14:15 | 000,214,592 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-10-20 19:14:12 | 000,794,408 | 
---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2010-10-20 19:14:12 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-05-21 19:25:50 | 000,103,323 | ---- | C] () -- C:\WINDOWS\System32\25aca003-b42b-5f3f-fe88-eb76e9be4150.exe [2010-05-13 10:26:21 | 000,169,207 | ---- | C] () -- C:\WINDOWS\hpoins27.dat [2010-05-13 10:26:21 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat [2010-02-15 21:46:13 | 000,049,953 | ---- | C] () -- C:\Program Files\Uninstal.exe [2010-02-08 18:53:54 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-02-07 18:25:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-02-07 18:25:53 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-06 18:18:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-02-06 18:10:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\auto.exe [2010-02-06 18:07:40 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-06 18:04:16 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-02-06 18:03:11 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-02-06 17:51:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-02-06 17:25:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-02-06 17:18:53 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-05-03 05:46:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-05-03 05:46:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-05-03 05:46:00 | 000,442,368 | ---- | C] () 
-- C:\WINDOWS\System32\nvappbar.exe [2008-05-03 05:46:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2007-11-05 19:00:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005-02-15 16:24:48 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-10-26 15:15:16 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 15:15:16 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 20:30:24 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 20:30:22 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2010-05-15 09:54:23 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-06 18:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-01-17 20:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\iMesh [2010-02-06 18:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-12-31 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-01-17 20:30:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{078F079E-0CB1-442E-A354-2D20AD5AD538} [2010-07-12 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-02-08 19:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Desktopicon [2010-12-17 21:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DMCache [2011-02-17 17:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10 [2010-05-03 14:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2010-12-17 21:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\IDM [2011-01-30 22:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\imeshbandmltbpi [2010-06-12 17:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-06-21 20:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Leadertech [2011-03-06 21:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\mediabarim [2010-06-29 11:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2011-03-12 21:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2011-03-06 
21:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong [2010-11-11 16:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\StepMania 4 [2010-12-21 18:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Uniblue [2011-03-18 21:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-12-22 18:56:38 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-03-18 20:42:10 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2010-02-06 17:22:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-06 17:22:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-03-18 20:42:09 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) 
MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009-11-13 23:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [2009-11-13 23:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2011-03-18 21:33:25 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = 
NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 206,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 2,34 Gb Free Space | 7,86% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,96% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Ares Ultra\Ares Ultra.exe" = C:\Program Files\Ares Ultra\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows -- () "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) 
"C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe" = C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\EA Sports\FIFA Online\NFE.exe" = C:\Program Files\EA Sports\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online "C:\Program Files\StepMania 4\Program\StepMania.exe" = C:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania -- (http://www.stepmania.com) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{21A6E85C-0310-4623-BE61-35DFE2F9AA88}" = USB Dual Vibration Joystick - Twin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = 
PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5BAE938E-3B49-424B-9566-40810E138DA3}" = Twierdza Deluxe "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 Premium "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{9B85588D-65F0-4A8E-B551-EF8727797512}_is1" = Testy Gimnazjalne 2010 "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch 
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E5B77685-3AEB-432D-8F73-29FEEEE89613}" = Twierdza Krzyżowiec "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "25aca003-b42b-5f3f-fe88-eb76e9be4150" = Contextual Tracker Dymanet "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Ares" = Ares 2.1.7 "Ares Ultra_is1" = Ares Ultra 4.1.0 "AutocompletePro3_is1" = AutocompletePro "avast!" = avast! Antivirus "AVIcodec" = AVIcodec (remove only) "CDex" = CDex "conduitEngine" = Conduit Engine "Crystal Player" = Crystal Player Professional 1.97 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.3.4 "eBay Icon" = eBay Icon "Energize" = Energize "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow" = ffdshow "FormatFactory" = FormatFactory 2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "iMesh" = iMesh "iMesh 1 MediaBar" = MediaBar "InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "ipla" = ipla 2.1.2 "JDownloader" = JDownloader "MadCaps_is1" = 
MadCaps "McAfee Security Scan" = McAfee Security Scan Plus "MediaCoder" = MediaCoder 0.6.0 "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "MV2Player" = MV2Player (remove only) "NVIDIA Drivers" = NVIDIA Drivers "Opera 11.01.1190" = Opera 11.01 "Picasa 3" = Picasa 3 "PowerDVD 6" = PowerDVD 6 "PunkBusterSvc" = PunkBuster Services "Rapid Express_is1" = Rapid Express "RealAlt_is1" = Real Alternative 2.0.1 "RocketDock_is1" = RocketDock 1.3.5 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6 "StepMania 4" = StepMania 4 alpha 5 (remove only) "Surfbar_is1" = Surfbar "The Sims_is1" = The Sims "Total Video Converter 3.02_is1" = Total Video Converter 3.02 "VLC media player" = VideoLAN VLC media player 0.8.5 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (4.2.0) Trial Version "Zuma Deluxe" = Zuma Deluxe [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-12-17 16:06:29 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca gg.exe, wersja 10.3.1.12096, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-12-23 17:49:02 | Computer Name = MATEUSZ-8EB5869 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-24 11:10:18 | Computer Name = MATEUSZ-8EB5869 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. 
Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-24 17:51:21 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action patchjre, location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6" Error - 2011-01-14 12:44:55 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.7.2830, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00011430. Error - 2011-01-31 09:08:49 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, moduł powodujący błąd libavcodec.dll, wersja 0.0.0.0, adres błędu 0x00266bd8. Error - 2011-02-27 08:01:38 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-02-28 15:55:08 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. Error - 2011-03-03 14:08:25 | Computer Name = MATEUSZ-8EB5869 | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. 
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-03-06 17:00:02 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2011-03-12 13:48:40 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-13 04:58:39 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-13 16:19:18 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-14 12:30:03 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-14 14:58:42 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-15 14:02:18 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-16 14:31:15 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-17 14:18:04 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. 
Error - 2011-03-18 12:10:21 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-18 15:44:24 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. < End of report > [/log]
Thank you for your help!
Tomek01 commented 18 March 2011
Uninstall iMesh Application\MediaBar, DAEMON Tools Toolbar, Ask Toolbar, Softonic-Polska Toolbar.
Run [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with your pendrive or other USB storage devices plugged in. Do not unplug it; in OTL, paste the following into the Custom scan/fixes window:
[code]:OTL
PRC - [2011-01-02 09:11:58 | 001,116,080 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh....src=ssb&sysid=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh....src=ssb&sysid=1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.dymasearch.com/search.php?src=tops&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..keyword.URL: "http://search.imesh.com/web?src=ffb&systemid=1&q="
[2011-01-17 20:30:17 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2010-05-15 09:55:02 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com
[2011-02-10 00:01:45 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com
[2011-03-18 21:18:42 | 000,002,556 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\askcom.xml
[2010-05-15 09:54:50 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\daemon-search.xml
[2010-09-02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\iMeshWebSearch.xml
[2010-05-21 19:25:45 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\Search.xml
[2011-01-17 20:30:23 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2010-09-02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell - "" = Autorun O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs [2011-01-30 22:34:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine [2011-01-30 22:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2011-01-30 22:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong [2011-01-30 22:32:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\imeshbandmltbpi [2010-05-21 19:25:50 | 000,103,323 | ---- | C] () -- C:\WINDOWS\System32\25aca003-b42b-5f3f-fe88-eb76e9be4150.exe [2011-01-17 20:28:03 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Dane aplikacji\iMesh [2011-03-18 21:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job :Files WScript.exe /a/ alldrivers :Commands [emptytemp][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT Użyj [url="http://www.dobreprogramy.pl/Windows-Worms-Doors-Cleaner,Program,Windows,11744.html"][b][color="#0000FF"]WWDC[/color][/b][/url], pozamykaj robaczywe porty. Tak aby znaczki były na zielono (dopuszczalny jest jeden żółty). Ten wpis też jest podejrzany i wygląda na robaka. Dla pewności przeskanuj go na virustotal: O20 - HKLM Winlogon: UIHost - (%windir%\Resources\Logons\Energy.exe) - C:\WINDOWS\Resources\Logons\[b]Energy.exe[/b] (Microsoft Corporation)
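A triage sketch for the O33 MountPoints2 entries listed in the fix above, added here as an example; it is not part of the original post and not OTL's own logic. It groups the cached autorun commands by volume GUID and marks a volume suspicious when the command launches a script host or uses a relative path; the function names, the script-host list and the verdict labels are assumptions of this example.

```python
import ntpath
import re
from collections import defaultdict

# O33 lines copied from the OTL log quoted on this page.
SAMPLE_LOG = r'''
O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell - "" = Autorun
O33 - MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\Shell\open\Command - "" = WScript.exe .\`.vbs
'''

# O33 - MountPoints2\{GUID}\Shell[\verb\command] - "" = <value>
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9a-fA-F-]{36}\})'
    r'\\(?P<verb>Shell(?:\\\S+)?) - "" = (?P<cmd>.+)$'
)

# Interpreters that let a removable volume run arbitrary script or command
# text. This list is an assumption of the example, not an OTL rule set.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "cmd.exe", "mshta.exe", "rundll32.exe"}


def classify(cmd):
    """Return the reasons a cached autorun command line deserves attention.

    Splitting on whitespace is enough for the unquoted commands in this log;
    quoted paths containing spaces would need a real command-line parser.
    """
    tokens = cmd.split()
    reasons = []
    if not tokens:
        return reasons
    if ntpath.basename(tokens[0]).lower() in SCRIPT_HOSTS:
        reasons.append("script-host")
    # ".\" resolves against the volume root, so the payload travels with the drive.
    if any(t.startswith((".\\", "..\\")) for t in tokens):
        reasons.append("relative-path")
    return reasons


def triage(log_text):
    """Group O33 command entries by volume GUID and assign a verdict."""
    volumes = defaultdict(lambda: {"commands": set(), "reasons": set()})
    for line in log_text.splitlines():
        m = O33_RE.match(line.strip())
        if not m:
            continue
        # Only ...\command values hold a command line; the bare "Shell"
        # value just names the default verb (here "Autorun").
        if not m.group("verb").lower().endswith("\\command"):
            continue
        entry = volumes[m.group("guid").lower()]
        entry["commands"].add(m.group("cmd"))
        entry["reasons"].update(classify(m.group("cmd")))
    return {
        guid: {
            "commands": sorted(e["commands"]),
            "reasons": sorted(e["reasons"]),
            # "review": an autorun command exists but matches no rule above.
            "verdict": "suspicious" if e["reasons"] else "review",
        }
        for guid, e in volumes.items()
    }


if __name__ == "__main__":
    for guid, info in sorted(triage(SAMPLE_LOG).items()):
        print(guid, info["verdict"], info["reasons"], info["commands"])
```
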
baluk94 (author) commented 18 March 2011 The Softonic-Polska toolbar cannot be uninstalled through Add/Remove Programs. I am posting the logs. OTL
[log]All processes killed ========== OTL ========== No active process named datamngrUI.exe was found! HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully. C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ deleted successfully. C:\Program Files\Softonic-Polska\prxtbSof0.dll moved successfully. Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "Ask.com" removed from browser.search.defaultenginename Prefs.js: "http://www.dymasearch.com/search.php?src=tops&q=" removed from browser.search.defaulturl Prefs.js: "Ask.com" removed from browser.search.order.1 Prefs.js: "Ask.com" removed from browser.search.selectedEngine Prefs.js: "http://search.imesh.com/" removed from browser.startup.homepage Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems Prefs.js: "http://search.imesh.com/web?src=ffb&systemid=1&q=" removed from keyword.URL C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\searchbar folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\options folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\icons folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\uwa folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\scripts folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\skin\scripts folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\skin\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\skin\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\skin folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\js folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.YouTube folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\skin\images folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\skin\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\skin folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\js folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.Twitter folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\modules folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\lib folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\data\search folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\data folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\DTToolbar@toolbarnet.com folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\searchplugins folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\logs folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\defaults folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\datastore folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\skin.Thu-11-Feb-2010-06-00-26-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-23-Feb-2011-14-23-21-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-03-Nov-2010-18-00-27-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-27-Jan-2011-19-17-03-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-27-Jan-2011-17-53-11-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-10-Feb-2011-07-43-36-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Jun-2010-09-26-00-GMT folder moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-25-Sep-2010-11-42-14-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-07-Aug-2010-08-07-47-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-14-Mar-2011-16-29-01-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-17-Dec-2010-22-04-18-GMT folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome\content folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com\chrome folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\toolbar@ask.com folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\askcom.xml moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\daemon-search.xml moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\iMeshWebSearch.xml moved successfully. 
C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\searchplugins\Search.xml moved successfully. C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION\content folder moved successfully. C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION\components folder moved successfully. C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION folder moved successfully. C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ deleted successfully. C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ not found. File C:\Program Files\Softonic-Polska\prxtbSof0.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. 
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found. File C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ not found. File Polska\prxtbSof0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. 
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}\ not found. File Polska\prxtbSof0.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully. C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll deleted successfully. C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll deleted successfully. C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94befe08-c1b7-11df-9ef1-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94befe08-c1b7-11df-9ef1-0040ca737fda}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94befe08-c1b7-11df-9ef1-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb8bb01c-5862-11df-9d35-0040ca737fda}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb8bb01c-5862-11df-9d35-0040ca737fda}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb8bb01c-5862-11df-9d35-0040ca737fda}\ not found. File G:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e72a0554-d498-11df-9f2a-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e72a0554-d498-11df-9f2a-0040ca737fda}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e72a0554-d498-11df-9f2a-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e72a0555-d498-11df-9f2a-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e72a0555-d498-11df-9f2a-0040ca737fda}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e72a0555-d498-11df-9f2a-0040ca737fda}\ not found. File WScript.exe .\`.vbs not found. C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine\MyStuffApps folder moved successfully. C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine\Logs folder moved successfully. 
C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine\ExternalComponent folder moved successfully. C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine\CacheIcons folder moved successfully. C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ConduitEngine folder moved successfully. C:\Program Files\ConduitEngine folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong\Data folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\PriceGong folder moved successfully. C:\Documents and Settings\Mateusz\Dane aplikacji\imeshbandmltbpi folder moved successfully. C:\WINDOWS\system32\25aca003-b42b-5f3f-fe88-eb76e9be4150.exe moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\iMesh\CreativesFiles folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\iMesh folder moved successfully. C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job moved successfully. 
========== FILES ========== Invalid Switch: alldrivers ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 1034126 bytes ->Temporary Internet Files folder emptied: 406195 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 74696619 bytes ->Flash cache emptied: 1873 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Mateusz ->Temp folder emptied: 883608475 bytes ->Temporary Internet Files folder emptied: 21018233 bytes ->Java cache emptied: 1393848 bytes ->FireFox cache emptied: 76299671 bytes ->Opera cache emptied: 11024242 bytes ->Flash cache emptied: 291640 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 402 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114584 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18684464 bytes RecycleBin emptied: 489126755 bytes Total Files Cleaned = 1 507,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 03182011_224127 Files\Folders moved on Reboot... Registry entries deleted on Reboot... 
[/log] [log]OTL logfile created on: 2011-03-18 22:55:31 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 283,00 Mb Available Physical Memory | 37,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,76 Gb Free Space | 12,61% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Drive H: | 1,87 Gb Total Space | 1,87 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-03-06 14:08:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-03-06 14:07:58 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-27 10:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe PRC - [2010-10-20 19:14:12 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2010-02-18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-06 18:56:22 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-05-03 05:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2007-11-05 19:00:00 | 000,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-07-28 00:03:34 | 000,075,128 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) 
-- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-03 23:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-03 23:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-03 23:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-03 23:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-03 23:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT] PRC - [2004-08-03 23:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-03 23:44:26 | 000,070,144 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe PRC - [2004-08-03 23:44:24 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe PRC - [2004-08-03 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-03 23:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-03 23:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2003-08-15 08:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2002-08-21 05:13:12 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-02-06 18:59:16 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2004-08-03 23:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-03 23:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-03 23:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-03 23:44:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-03 23:44:12 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-03 23:44:10 | 029,388,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-03 23:44:10 | 002,570,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-03 23:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) 
-- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-03 23:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-03 23:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-03 23:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-03 23:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-03 23:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-03 23:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-03 23:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-03 23:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-03 23:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-03 23:43:56 | 001,524,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-03 23:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-03 23:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-03 23:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-03 23:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 22:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not 
found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2007-03-20 08:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-15 09:54:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-07-28 00:02:34 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2007-07-28 00:00:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2007-07-27 23:59:57 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2007-07-27 23:58:36 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2003-08-15 08:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2003-08-14 16:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2003-08-05 07:14:32 | 000,077,056 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid) DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: 
{9d2373fb-5f12-c520-8edb-950fb5ed88d9}:4.6.6.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-06 14:08:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-06 14:08:08 | 000,000,000 | ---D | M] [2011-03-18 22:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2011-03-18 22:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions [2010-10-20 19:11:05 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\eafo3fflauncher@ea.com [2011-03-18 22:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-05-21 19:25:49 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{9d2373fb-5f12-c520-8edb-950fb5ed88d9} [2010-06-13 11:03:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-13 11:02:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-11-16 16:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2011-03-06 14:08:02 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-03-06 14:08:02 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-03-06 14:08:02 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-03-06 14:08:02 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-03-06 14:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-03-06 14:08:02 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [Surfbar] C:\Program Files\Surfbar\SurfBar.exe () O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares ultra] C:\Program Files\Ares Ultra\Ares Ultra.exe () O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [VistaDriveIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O4 - HKLM..\RunOnce: [removeiMeshdatamngr] File not found O4 - HKLM..\RunOnce: [removeiMeshtoolbar] File not found O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - 
Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.254 82.160.29.254 213.199.225.14 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (%windir%\Resources\Logons\Energy.exe) - C:\WINDOWS\Resources\Logons\Energy.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-03-18 22:39:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-18 22:39:10 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2011-03-18 22:39:10 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] 
-- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group) MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]DriverScanner[/b] - hkey= - key= - C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group 
SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: 
{4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-03-18 22:41:27 | 000,000,000 | ---D | C] -- C:\_OTL [2011-03-18 22:39:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2011-03-18 21:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MadCaps [2011-03-18 21:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\MadCaps [2011-03-18 21:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade [2011-03-18 17:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GameHouse [2011-03-18 17:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse [2011-03-12 21:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Opera [2011-03-12 21:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2011-03-12 21:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2011-03-05 18:00:58 | 000,000,000 | ---D | C] -- 
C:\Documents and Settings\Mateusz\Pulpit\My Shared Folder [2004-11-11 20:26:51 | 000,606,208 | ---- | C] (CyberLink Corporation) -- C:\Program Files\DVD_RES.dll [2004-11-11 20:26:51 | 000,077,824 | ---- | C] (CyberLink Corporation) -- C:\Program Files\PwrDVDRC.dll [2004-11-11 20:26:51 | 000,016,384 | ---- | C] (CyberLink Corporation) -- C:\Program Files\OSD_MLang.dll [2004-11-11 20:26:50 | 000,770,048 | ---- | C] (CyberLink Corporation) -- C:\Program Files\UI_RES.dll [2004-11-11 20:26:50 | 000,323,584 | ---- | C] (CyberLink Corp.) -- C:\Program Files\ddtester.exe [2004-11-11 20:26:50 | 000,274,432 | ---- | C] (CyberLink Corp.) -- C:\Program Files\CLDMA.exe [2004-11-11 20:26:50 | 000,167,936 | ---- | C] (CyberLink Corp.) -- C:\Program Files\cltest.exe [2004-11-11 20:26:50 | 000,012,288 | ---- | C] (CyberLink Corporation) -- C:\Program Files\AppBarCom_RES.dll [1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-03-18 22:44:40 | 000,186,602 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-03-18 22:43:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-18 22:43:47 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2011-03-18 21:13:53 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 21:05:35 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 17:45:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-17 20:43:42 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-16 19:29:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-13 10:15:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-12 21:42:02 | 000,001,492 | ---- | M] () -- C:\Documents and 
Settings\All Users\Pulpit\Opera.lnk [2011-03-11 22:59:31 | 700,668,948 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-03 20:25:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-03-01 19:08:25 | 000,464,896 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-02 20:46:08 | 000,547,210 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-18 21:13:53 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 17:47:22 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 17:45:40 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-12 21:42:02 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-03-12 21:42:02 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-03-11 21:55:53 | 700,668,948 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-01 18:57:30 | 000,464,896 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-27 13:02:57 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-02-03 17:39:15 | 000,547,210 | ---- 
| C] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [2010-10-20 19:14:33 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys [2010-10-20 19:14:33 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-10-20 19:14:15 | 000,214,592 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-10-20 19:14:12 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2010-10-20 19:14:12 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-05-13 10:26:21 | 000,169,207 | ---- | C] () -- C:\WINDOWS\hpoins27.dat [2010-05-13 10:26:21 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat [2010-02-15 21:46:13 | 000,049,953 | ---- | C] () -- C:\Program Files\Uninstal.exe [2010-02-08 18:53:54 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-02-07 18:25:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-02-07 18:25:53 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-06 18:18:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-02-06 18:10:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\auto.exe [2010-02-06 18:07:40 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-06 18:04:16 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-02-06 18:03:11 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-02-06 17:51:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-02-06 17:25:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-02-06 17:18:53 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-05-03 05:46:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-05-03 05:46:00 | 
001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-05-03 05:46:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008-05-03 05:46:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2007-11-05 19:00:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005-02-15 16:24:48 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-10-26 15:15:16 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 15:15:16 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 20:30:24 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 20:30:22 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- 
C:\WINDOWS\System32\dssec.dat [2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2010-10-29 12:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2010-05-25 06:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-05-15 09:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-06 18:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-02-06 18:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-12-31 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-03-18 22:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0 [2010-07-12 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-12-17 21:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DMCache [2011-02-17 17:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10 [2010-05-03 14:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2010-12-17 21:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\IDM [2010-06-12 17:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-06-21 20:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Leadertech [2010-06-29 11:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2011-03-12 21:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera 
[2010-11-11 16:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\StepMania 4 [2010-12-21 18:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Uniblue [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-12-22 18:56:38 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 21:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-03-18 22:43:47 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2010-02-06 17:22:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-06 17:22:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 21:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 21:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-03-18 22:43:45 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver 
Cache\i386\sp2.cab:cdrom.sys [2009-11-13 23:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [2009-11-13 23:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2011-03-18 22:55:31 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 283,00 Mb Available Physical Memory 
| 37,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,76 Gb Free Space | 12,61% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Drive H: | 1,87 Gb Total Space | 1,87 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Ares Ultra\Ares Ultra.exe" = C:\Program Files\Ares Ultra\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows -- () "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) 
"C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe" = C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\EA Sports\FIFA Online\NFE.exe" = C:\Program Files\EA Sports\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online "C:\Program Files\StepMania 4\Program\StepMania.exe" = C:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania -- (http://www.stepmania.com) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{21A6E85C-0310-4623-BE61-35DFE2F9AA88}" = USB Dual Vibration Joystick - Twin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE 
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5BAE938E-3B49-424B-9566-40810E138DA3}" = Twierdza Deluxe "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 Premium "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{9B85588D-65F0-4A8E-B551-EF8727797512}_is1" = Testy Gimnazjalne 2010 "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E5B77685-3AEB-432D-8F73-29FEEEE89613}" = Twierdza Krzyżowiec "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "25aca003-b42b-5f3f-fe88-eb76e9be4150" = Contextual Tracker Dymanet "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Ares" = Ares 2.1.7 "Ares Ultra_is1" = Ares Ultra 4.1.0 "AutocompletePro3_is1" = AutocompletePro "avast!" = avast! Antivirus "AVIcodec" = AVIcodec (remove only) "CDex" = CDex "conduitEngine" = Conduit Engine "Crystal Player" = Crystal Player Professional 1.97 "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.3.4 "Energize" = Energize "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow" = ffdshow "FormatFactory" = FormatFactory 2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "ipla" = ipla 2.1.2 "JDownloader" = JDownloader "MadCaps_is1" = MadCaps "McAfee Security Scan" = McAfee Security Scan Plus "MediaCoder" = MediaCoder 0.6.0 "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "MV2Player" = MV2Player (remove only) "NVIDIA Drivers" = NVIDIA Drivers 
"Opera 11.01.1190" = Opera 11.01 "Picasa 3" = Picasa 3 "PowerDVD 6" = PowerDVD 6 "PunkBusterSvc" = PunkBuster Services "Rapid Express_is1" = Rapid Express "RealAlt_is1" = Real Alternative 2.0.1 "RocketDock_is1" = RocketDock 1.3.5 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6 "StepMania 4" = StepMania 4 alpha 5 (remove only) "Surfbar_is1" = Surfbar "The Sims_is1" = The Sims "Total Video Converter 3.02_is1" = Total Video Converter 3.02 "VLC media player" = VideoLAN VLC media player 0.8.5 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (4.2.0) Trial Version "Zuma Deluxe" = Zuma Deluxe [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-12-23 17:49:02 | Computer Name = MATEUSZ-8EB5869 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-24 11:10:18 | Computer Name = MATEUSZ-8EB5869 | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2010-12-24 17:51:21 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 23 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. 
Action patchjre, location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6" Error - 2011-01-14 12:44:55 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.7.2830, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00011430. Error - 2011-01-31 09:08:49 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, moduł powodujący błąd libavcodec.dll, wersja 0.0.0.0, adres błędu 0x00266bd8. Error - 2011-02-27 08:01:38 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-02-28 15:55:08 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. Error - 2011-03-03 14:08:25 | Computer Name = MATEUSZ-8EB5869 | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-03-06 17:00:02 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-18 17:49:06 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11905 Description = Product: Ask Toolbar -- Error 1905.Module C:\Program Files\Ask.com\GenericAskToolbar.dll failed to unregister. HRESULT -2147220472. 
Contact your support personnel. [ System Events ] Error - 2011-03-17 14:18:04 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-18 12:10:21 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-18 15:44:24 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-18 17:41:28 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! iAVS4 Control Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:28 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Web Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Mail Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-03-18 17:45:51 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. < End of report > [/log]
RSIT still cannot be started.
Tomek01, commented 19 March 2011
Try RSIT in safe mode. Paste into OTL:
[code]:OTL
O4 - HKLM..\RunOnce: [removeiMeshdatamngr] File not found
O4 - HKLM..\RunOnce: [removeiMeshtoolbar] File not found
[2011-03-18 22:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0
:Commands
[emptytemp]
[/code]
And what about the scan of this file: C:\WINDOWS\Resources\Logons\Energy.exe?
baluk94 (author), commented 19 March 2011 (edited)
In safe mode RSIT would not start either. I deleted it and downloaded it again. It finally started. RSIT log from before running OTL with the entry given above:
[log]Logfile of random's system information tool 1.08 (written by random/random) Run by Mateusz at 2011-03-19 15:06:23 Microsoft Windows XP Professional Dodatek Service Pack 2 System drive C: has 4 GB (12%) free of 31 GB Total RAM: 767 MB (30% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:06:46, on 2011-03-19 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Vista Drive Icon\DrvIcon.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Gadu-Gadu 10\gg.exe C:\Program Files\Vista Drive Icon\DrvIcon.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\setup\avast.setup C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 
C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\trend micro\Mateusz.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb&sysid=1 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (file missing) O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [VistaDriveIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ares ultra] "C:\Program Files\Ares Ultra\Ares Ultra.exe" -h O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe 
(file missing) O9 - Extra button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares Ultra\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 7100 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-11-30 95744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] UrlHelper Class - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-13 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-07-28 75128] "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344] "DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2007-11-05 45056] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-12-16 12984928] "VistaDriveIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2007-11-05 45056] "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616] "ares"=C:\Program Files\Ares\Ares.exe [2010-10-27 1015808] "ares ultra"=C:\Program Files\Ares Ultra\Ares Ultra.exe [2008-05-20 2830848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] C:\Program Files\Ares\Ares.exe [2010-10-27 1015808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe [2010-11-12 338296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk] C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE [2010-01-15 255536] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Ares Ultra\Ares Ultra.exe"="C:\Program Files\Ares Ultra\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe"="C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe:*:Enabled:TightVNC Win32 Server" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital 
Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\EA Sports\FIFA Online\NFE.exe"="C:\Program Files\EA Sports\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online" "C:\Program Files\StepMania 4\Program\StepMania.exe"="C:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania" "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh" ======List of files/folders created in the last 1 months====== 2011-03-19 15:06:26 ----D---- C:\Program Files\trend micro 2011-03-19 15:06:23 ----D---- C:\rsit 2011-03-19 15:04:01 ----ASH---- C:\hiberfil.sys 2011-03-18 22:41:27 ----D---- C:\_OTL 2011-03-18 22:39:09 ----RASHD---- C:\autorun.inf 2011-03-18 21:13:50 
----D---- C:\Program Files\MadCaps 2011-03-18 21:13:39 ----D---- C:\Program Files\ReflexiveArcade 2011-03-18 17:45:32 ----D---- C:\Program Files\GameHouse 2011-03-12 21:42:07 ----D---- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera 2011-03-12 21:41:54 ----D---- C:\Program Files\Opera ======List of files/folders modified in the last 1 months====== 2011-03-19 15:06:38 ----D---- C:\WINDOWS\system32\CatRoot2 2011-03-19 15:06:26 ----D---- C:\Program Files 2011-03-19 15:06:22 ----D---- C:\WINDOWS\Temp 2011-03-19 14:59:27 ----A---- C:\WINDOWS\ntbtlog.txt 2011-03-19 14:58:11 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-03-19 13:33:41 ----A---- C:\WINDOWS\win.ini 2011-03-19 13:00:17 ----SHD---- C:\WINDOWS\Installer 2011-03-19 13:00:16 ----HD---- C:\Config.Msi 2011-03-19 13:00:16 ----D---- C:\WINDOWS\system32 2011-03-19 13:00:12 ----D---- C:\Program Files\Java 2011-03-18 23:32:52 ----A---- C:\WINDOWS\NeroDigital.ini 2011-03-18 23:12:49 ----D---- C:\Program Files\Testy Gimnazjalne 2010 2011-03-18 23:12:41 ----D---- C:\Program Files\Surfbar 2011-03-18 22:51:59 ----D---- C:\Program Files\iMesh Applications 2011-03-18 22:49:18 ----D---- C:\Program Files\DAEMON Tools Toolbar 2011-03-18 22:48:58 ----D---- C:\Documents and Settings\Mateusz\Dane aplikacji\HPAppData 2011-03-18 22:42:41 ----D---- C:\WINDOWS 2011-03-18 22:41:43 ----SD---- C:\WINDOWS\Tasks 2011-03-18 22:41:32 ----D---- C:\Program Files\Softonic-Polska 2011-03-10 21:20:08 ----D---- C:\Program Files\Deluxe Ski Jump 3 2011-03-06 21:49:46 ----D---- C:\WINDOWS\Prefetch 2011-03-06 14:08:16 ----D---- C:\Program Files\Mozilla Firefox 2011-02-25 14:28:02 ----D---- C:\Program Files\The Sims 2011-02-24 20:54:32 ----D---- C:\WINDOWS\system32\drivers 2011-02-21 20:59:23 ----HD---- C:\WINDOWS\inf ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys 
[2010-05-15 691696] R0 uagp35;Filtr AGPv3.5 firmy Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2004-08-04 44672] R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904] R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-08-05 77056] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2007-07-27 26624] R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-03 41472] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2007-07-27 42912] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2007-07-28 94416] R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-15 462684] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2007-07-28 23152] R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-04-24 41984] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 afqczwjj;afqczwjj; 
C:\WINDOWS\system32\drivers\afqczwjj.sys [] S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys [] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-07-27 16248] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-07-28 132472] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-20 75064] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-07-28 243064] R3 avast! Web Scanner;avast! 
Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-07-28 345464] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336] S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares Ultra\chatServer.exe [2007-03-20 263168] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF----------------- [/log]

OTL logs - after scanning with the entry above

[log]OTL logfile created on: 2011-03-19 15:09:29 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 36,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,71 Gb Free Space | 12,44% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-03-06 14:07:58 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-02-06 18:56:22 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-11-05 19:00:00 | 000,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-07-28 00:03:34 | 000,075,128 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2003-08-15 08:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\SOUNDMAN.EXE [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-03-18 21:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2004-08-03 23:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2007-07-28 00:03:28 | 000,132,472 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2007-07-28 00:03:07 | 000,243,064 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2007-07-28 00:02:20 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! 
Web Scanner) SRV - [2007-07-27 23:52:45 | 000,016,248 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2007-03-20 08:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-15 09:54:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-07-28 00:02:34 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2007-07-28 00:00:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2007-07-27 23:59:57 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2007-07-27 23:58:36 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2003-08-15 08:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2003-08-14 16:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2003-08-05 07:14:32 | 000,077,056 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid) DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {9d2373fb-5f12-c520-8edb-950fb5ed88d9}:4.6.6.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-06 14:08:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-06 14:08:08 | 000,000,000 | ---D | M] [2011-03-18 22:51:59 | 000,000,000 | ---D | 
M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2011-03-18 22:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions [2010-10-20 19:11:05 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions\eafo3fflauncher@ea.com [2011-03-18 22:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-05-21 19:25:49 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{9d2373fb-5f12-c520-8edb-950fb5ed88d9} [2010-06-13 11:03:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-13 11:02:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-11-16 16:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2011-03-06 14:08:02 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-03-06 14:08:02 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-03-06 14:08:02 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-03-06 14:08:02 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-03-06 14:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-03-06 14:08:02 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 14:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) 
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares ultra] C:\Program Files\Ares Ultra\Ares Ultra.exe () O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [VistaDriveIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.254 82.160.29.254 213.199.225.14 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (%windir%\Resources\Logons\Energy.exe) - C:\WINDOWS\Resources\Logons\Energy.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-06 17:22:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-03-18 22:39:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-18 22:39:10 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-03-19 15:06:26 | 
000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-03-19 15:06:23 | 000,000,000 | ---D | C] -- C:\rsit [2011-03-18 22:41:27 | 000,000,000 | ---D | C] -- C:\_OTL [2011-03-18 22:39:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2011-03-18 21:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MadCaps [2011-03-18 21:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\MadCaps [2011-03-18 21:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade [2011-03-18 17:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GameHouse [2011-03-18 17:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse [2011-03-12 21:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Opera [2011-03-12 21:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2011-03-12 21:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2011-03-05 18:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\My Shared Folder [2004-11-11 20:26:51 | 000,606,208 | ---- | C] (CyberLink Corporation) -- C:\Program Files\DVD_RES.dll [2004-11-11 20:26:51 | 000,077,824 | ---- | C] (CyberLink Corporation) -- C:\Program Files\PwrDVDRC.dll [2004-11-11 20:26:51 | 000,016,384 | ---- | C] (CyberLink Corporation) -- C:\Program Files\OSD_MLang.dll [2004-11-11 20:26:50 | 000,770,048 | ---- | C] (CyberLink Corporation) -- C:\Program Files\UI_RES.dll [2004-11-11 20:26:50 | 000,323,584 | ---- | C] (CyberLink Corp.) -- C:\Program Files\ddtester.exe [2004-11-11 20:26:50 | 000,274,432 | ---- | C] (CyberLink Corp.) -- C:\Program Files\CLDMA.exe [2004-11-11 20:26:50 | 000,167,936 | ---- | C] (CyberLink Corp.) 
-- C:\Program Files\cltest.exe [2004-11-11 20:26:50 | 000,012,288 | ---- | C] (CyberLink Corporation) -- C:\Program Files\AppBarCom_RES.dll [1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-03-19 15:04:09 | 000,186,602 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-03-19 15:04:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-03-19 15:04:01 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2011-03-19 13:34:35 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 23:32:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-03-18 21:13:53 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 17:45:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-17 20:43:42 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-03-16 19:29:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-03-12 21:42:02 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-03-11 22:59:31 | 700,668,948 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-03 20:25:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-03-01 19:08:25 | 000,464,896 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-02 20:46:08 | 000,547,210 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [1 C:\Documents and Settings\Mateusz\Moje 
dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-03-19 15:04:01 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys [2011-03-18 21:13:53 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk [2011-03-18 17:47:22 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2011-03-18 17:45:40 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk [2011-03-12 21:42:02 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk [2011-03-12 21:42:02 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2011-03-11 21:55:53 | 700,668,948 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi [2011-03-10 21:20:11 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk [2011-03-05 18:00:54 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk [2011-03-01 18:57:30 | 000,464,896 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps [2011-02-27 13:02:57 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-02-03 17:39:15 | 000,547,210 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\z2.jpg [2010-10-20 19:14:33 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys [2010-10-20 19:14:33 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-10-20 19:14:15 | 000,214,592 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-10-20 19:14:12 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2010-10-20 19:14:12 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-05-13 10:26:21 | 000,169,207 | ---- | C] () -- C:\WINDOWS\hpoins27.dat [2010-05-13 10:26:21 | 000,000,932 | ---- | C] () -- 
C:\WINDOWS\hpomdl27.dat [2010-02-15 21:46:13 | 000,049,953 | ---- | C] () -- C:\Program Files\Uninstal.exe [2010-02-08 18:53:54 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-02-07 18:25:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-02-07 18:25:53 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-06 18:18:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-02-06 18:10:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\auto.exe [2010-02-06 18:07:40 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-06 18:04:16 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-02-06 18:03:11 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-02-06 17:51:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-02-06 17:25:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-02-06 17:18:53 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-05-03 05:46:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-05-03 05:46:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-05-03 05:46:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008-05-03 05:46:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2007-11-05 19:00:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005-02-15 16:24:48 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll 
[2004-08-03 23:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-03 23:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 10:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-10-26 15:15:16 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 15:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 15:15:16 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 15:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 20:30:24 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 20:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 20:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 20:30:22 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 20:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 21:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 21:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 21:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2010-10-29 12:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache [2010-05-25 06:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM [2010-05-15 09:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-06 18:30:34 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-02-06 18:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-12-31 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-07-12 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-12-17 21:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DMCache [2011-02-17 17:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10 [2010-05-03 14:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2010-12-17 21:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\IDM [2010-06-12 17:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-06-21 20:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Leadertech [2010-06-29 11:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2011-03-12 21:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2010-11-11 16:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\StepMania 4 [2010-12-21 18:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Uniblue [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< :OTL >[/color] [color=#A23BEC]< O4 - HKLM..\RunOnce: [removeiMeshdatamngr] File not found >[/color] [color=#A23BEC]< O4 - HKLM..\RunOnce: [removeiMeshtoolbar] File not found >[/color] [color=#A23BEC]< [2011-03-18 22:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0 >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< :Commands >[/color] [color=#A23BEC]< [emptytemp] 
>[/color] < End of report > [/log] [log]OTL Extras logfile created on: 2011-03-19 15:09:29 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 275,00 Mb Available Physical Memory | 36,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,71 Gb Free Space | 12,44% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Ares Ultra\Ares Ultra.exe" = C:\Program Files\Ares Ultra\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows -- () "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe" = C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) 
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\EA Sports\FIFA Online\NFE.exe" = C:\Program Files\EA Sports\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online "C:\Program Files\StepMania 4\Program\StepMania.exe" = C:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania -- (http://www.stepmania.com) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{21A6E85C-0310-4623-BE61-35DFE2F9AA88}" = USB Dual Vibration Joystick - Twin "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5BAE938E-3B49-424B-9566-40810E138DA3}" = Twierdza Deluxe 
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 Premium "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E5B77685-3AEB-432D-8F73-29FEEEE89613}" = Twierdza Krzyżowiec "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy 
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "25aca003-b42b-5f3f-fe88-eb76e9be4150" = Contextual Tracker Dymanet "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Ares" = Ares 2.1.7 "Ares Ultra_is1" = Ares Ultra 4.1.0 "AutocompletePro3_is1" = AutocompletePro "avast!" = avast! Antivirus "AVIcodec" = AVIcodec (remove only) "CDex" = CDex "conduitEngine" = Conduit Engine "Crystal Player" = Crystal Player Professional 1.97 "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.3.4 "Energize" = Energize "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow" = ffdshow "FormatFactory" = FormatFactory 2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "ipla" = ipla 2.1.2 "JDownloader" = JDownloader "MadCaps_is1" = MadCaps "McAfee Security Scan" = McAfee Security Scan Plus "MediaCoder" = MediaCoder 0.6.0 "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "MV2Player" = MV2Player (remove only) "NVIDIA Drivers" = NVIDIA Drivers "Opera 11.01.1190" = Opera 11.01 "Picasa 3" = Picasa 3 "PowerDVD 6" = PowerDVD 6 "PunkBusterSvc" = PunkBuster Services "Rapid Express_is1" = Rapid Express "RealAlt_is1" = Real Alternative 2.0.1 "RocketDock_is1" = RocketDock 1.3.5 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6 "StepMania 4" = StepMania 4 alpha 5 (remove only) "The Sims_is1" = The Sims "Total Video Converter 3.02_is1" 
= Total Video Converter 3.02 "VLC media player" = VideoLAN VLC media player 0.8.5 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (4.2.0) Trial Version "Zuma Deluxe" = Zuma Deluxe [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-14 12:44:55 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.7.2830, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00011430. Error - 2011-01-31 09:08:49 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, moduł powodujący błąd libavcodec.dll, wersja 0.0.0.0, adres błędu 0x00266bd8. Error - 2011-02-27 08:01:38 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-02-28 15:55:08 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. Error - 2011-03-03 14:08:25 | Computer Name = MATEUSZ-8EB5869 | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. 
Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-03-06 17:00:02 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-18 17:49:06 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11905 Description = Product: Ask Toolbar -- Error 1905.Module C:\Program Files\Ask.com\GenericAskToolbar.dll failed to unregister. HRESULT -2147220472. Contact your support personnel. Error - 2011-03-19 08:00:15 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action patchjre, location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6" Error - 2011-03-19 08:50:58 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.4079, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-19 08:51:03 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. [ System Events ] Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Web Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-18 17:41:29 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Mail Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error - 2011-03-18 17:45:51 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-18 18:09:57 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-19 07:52:11 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-19 09:59:37 | Computer Name = MATEUSZ-8EB5869 | Source = sptd | ID = 262148 Description = Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error - 2011-03-19 10:01:02 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Aavmker4 AmdK7 Fips sptd Error - 2011-03-19 10:01:35 | Computer Name = MATEUSZ-8EB5869 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2011-03-19 10:03:18 | Computer Name = MATEUSZ-8EB5869 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1084” podczas próby uruchomienia usługi EventSystem z argumentami „” w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2011-03-19 10:06:21 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. < End of report > [/log]
VirusTotal report: File name: Energy.exe Submission date: 2011-03-19 13:49:42 (UTC) Current status: queued queued analysing finished Result: 0/ 43 (0.0%)
Tomek01 commented 20 March 2011
Paste into OTL:
[code]
:Files
C:\Program Files\iMesh Applications
C:\Program Files\DAEMON Tools Toolbar
C:\WINDOWS\System32\auto.exe
C:\WINDOWS\system32\drivers\afqczwjj.sys

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"=-

:Services
afqczwjj

:Commands
[emptytemp]
[/code]
Run Fix...
baluk94 (author) commented 21 March 2011
I pasted it into OTL and pressed "run script". All the shortcuts disappeared from the desktop. At the bottom of the OTL window it says KILLING ...... . After a long while the OTL window shows "not responding" and I have to reset the computer. Where am I making a mistake? To run the script in OTL, do I also have to tick all the settings?
Tomek01 commented 21 March 2011
Show a new OTL log. It may have removed what was needed.
baluk94 (author) commented 24 March 2011
Here are the new logs:
[log] OTL logfile created on: 2011-04-22 19:39:30 - Run 4 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 207,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,31 Gb Free Space | 11,11% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-03-24 16:31:06 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-03-24 16:31:03 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-03-20 15:19:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-03-18 22:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-16 07:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-10-29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-10-27 11:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010-10-20 20:14:12 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2010-02-06 19:56:22 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-05-03 06:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-11-05 20:00:00 | 000,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007-07-28 01:03:34 | 000,075,128 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2007-07-28 01:03:28 | 000,132,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2007-07-28 01:03:07 | 000,243,064 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2007-07-28 01:02:20 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007-07-28 00:52:45 | 000,016,248 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2004-11-02 21:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2004-08-11 02:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 00:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2003-08-15 09:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2002-08-21 06:13:12 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE

[color=#E56717]========== Modules (All) ==========[/color]
MOD - [2011-03-18 22:31:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-02-06 19:59:16 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 00:44:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-04 00:44:12 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 00:44:10 | 029,388,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 00:44:10 | 002,570,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 00:43:56 | 001,524,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 00:43:56 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 00:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007-07-28 01:03:28 | 000,132,472 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2007-07-28 01:03:07 | 000,243,064 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2007-07-28 01:02:20 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2007-07-28 00:52:45 | 000,016,248 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007-03-20 09:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares Ultra\chatServer.exe -- (AresChatServer)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2010-05-15 10:54:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-07-28 01:02:34 | 000,094,416 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2007-07-28 01:00:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2007-07-28 00:59:57 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2007-07-28 00:58:36 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2003-08-15 09:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003-08-14 17:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003-08-05 08:14:32 | 000,077,056 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viasraid.sys -- (viasraid)
DRV - [2003-07-02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {9d2373fb-5f12-c520-8edb-950fb5ed88d9}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-24 16:31:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-24 16:31:15 | 000,000,000 | ---D | M]
[2011-03-18 23:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2011-03-20 15:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\jgies58a.default\extensions
[2011-03-20 22:25:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-21 20:25:49 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{9d2373fb-5f12-c520-8edb-950fb5ed88d9}
[2011-03-20 15:19:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-03-20 15:19:21 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-03-20 15:19:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009-11-16 17:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011-03-06 15:08:02 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-06 15:08:02 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-06 15:08:02 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-06 15:08:02 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-06 15:08:02 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-06 15:08:02 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [ares ultra] C:\Program Files\Ares Ultra\Ares Ultra.exe ()
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2000478354-602162358-725345543-1003..\Run: [VistaDriveIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.254 82.160.29.254 213.199.225.14
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%windir%\Resources\Logons\Energy.exe) - C:\WINDOWS\Resources\Logons\Energy.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-06 18:22:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-18 23:39:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-03-18 22:39:10 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]ares[/b] - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: [b]DriverScanner[/b] - hkey= - key= - C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2011-03-20 15:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-03-20 15:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011-03-20 00:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\ExpressPCB
[2011-03-20 00:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ExpressPCB
[2011-03-20 00:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\ExpressPCB
[2011-03-20 00:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2011-03-19 16:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-03-19 16:06:23 | 000,000,000 | ---D | C] -- C:\rsit
[2011-03-18 23:41:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-03-18 23:39:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2011-03-18 22:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MadCaps
[2011-03-18 22:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\MadCaps
[2011-03-18 22:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2011-03-18 18:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\GameHouse
[2011-03-18 18:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse
[2011-03-12 22:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Opera
[2011-03-12 22:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera
[2011-03-12 22:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011-03-05 19:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\My Shared Folder
[2004-11-11 21:26:51 | 000,606,208 | ---- | C] (CyberLink Corporation) -- C:\Program Files\DVD_RES.dll
[2004-11-11 21:26:51 | 000,077,824 | ---- | C] (CyberLink Corporation) -- C:\Program Files\PwrDVDRC.dll
[2004-11-11 21:26:51 | 000,016,384 | ---- | C] (CyberLink Corporation) -- C:\Program Files\OSD_MLang.dll
[2004-11-11 21:26:50 | 000,770,048 | ---- | C] (CyberLink Corporation) -- C:\Program Files\UI_RES.dll
[2004-11-11 21:26:50 | 000,323,584 | ---- | C] (CyberLink Corp.) -- C:\Program Files\ddtester.exe
[2004-11-11 21:26:50 | 000,274,432 | ---- | C] (CyberLink Corp.) -- C:\Program Files\CLDMA.exe
[2004-11-11 21:26:50 | 000,167,936 | ---- | C] (CyberLink Corp.) -- C:\Program Files\cltest.exe
[2004-11-11 21:26:50 | 000,012,288 | ---- | C] (CyberLink Corporation) -- C:\Program Files\AppBarCom_RES.dll
[1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
[2011-04-22 19:04:15 | 000,355,486 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-04-22 19:04:15 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-04-22 19:04:15 | 000,049,492 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-04-22 19:04:15 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-04-22 19:00:59 | 000,186,602 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-04-22 19:00:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-22 19:00:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-22 19:00:50 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-22 21:53:58 | 000,168,601 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 010.jpg
[2011-03-22 20:28:07 | 000,000,148 | -H-- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\.picasa.ini
[2011-03-22 17:12:34 | 000,199,605 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 008.jpg
[2011-03-22 17:12:03 | 000,202,978 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 012.jpg
[2011-03-22 17:03:58 | 001,368,561 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 015.jpg
[2011-03-22 17:03:50 | 001,441,604 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 009.jpg
[2011-03-22 17:03:47 | 001,331,072 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 013.jpg
[2011-03-22 17:03:35 | 001,336,403 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 011.jpg
[2011-03-22 16:58:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 015.jpg
[2011-03-22 16:58:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 013.jpg
[2011-03-22 16:58:38 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 012.jpg
[2011-03-22 16:58:31 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 011.jpg
[2011-03-22 16:58:29 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 010.jpg
[2011-03-22 16:58:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 009.jpg
[2011-03-22 16:58:24 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Mateusz\zdjęcie 008.jpg
[2011-03-20 00:13:49 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ExpressSCH.lnk
[2011-03-20 00:13:49 | 000,001,658 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ExpressPCB.lnk
[2011-03-19 14:34:35 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011-03-19 00:32:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-03-18 22:13:53 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk
[2011-03-18 18:45:40 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk
[2011-03-17 21:43:42 | 000,086,528 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-12 22:42:02 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-03-11 23:59:31 | 700,668,948 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi
[2011-03-10 22:20:11 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk
[2011-03-05 19:00:54 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk
[2011-03-03 21:25:51 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-03-01 20:08:25 | 000,464,896 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps
[1 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-03-22 16:58:50 | 001,368,561 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 015.jpg
[2011-03-22 16:58:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 015.jpg
[2011-03-22 16:58:45 | 001,331,072 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 013.jpg
[2011-03-22 16:58:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 013.jpg
[2011-03-22 16:58:40 | 000,202,978 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 012.jpg
[2011-03-22 16:58:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 012.jpg
[2011-03-22 16:58:34 | 001,336,403 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 011.jpg
[2011-03-22 16:58:31 | 001,441,604 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 009.jpg
[2011-03-22 16:58:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 011.jpg
[2011-03-22 16:58:29 | 000,168,601 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 010.jpg
[2011-03-22 16:58:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 010.jpg
[2011-03-22 16:58:28 | 000,199,605 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcie 008.jpg
[2011-03-22 16:58:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 009.jpg
[2011-03-22 16:58:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Mateusz\zdjęcie 008.jpg
[2011-03-20 00:13:49 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ExpressSCH.lnk
[2011-03-20 00:13:49 | 000,001,658 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ExpressPCB.lnk
[2011-03-19 16:04:01 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys
[2011-03-18 22:13:53 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\MadCaps.lnk
[2011-03-18 18:47:22 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2011-03-18 18:45:40 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Zuma Deluxe.lnk
[2011-03-12 22:42:02 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2011-03-12 22:42:02 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2011-03-11 22:55:53 | 700,668,948 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\13 Duchów.avi
[2011-03-10 22:20:11 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DSJ3.lnk
[2011-03-05 19:00:54 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Ares.lnk
[2011-03-01 19:57:30 | 000,464,896 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Składniki pokarmowe.pps
[2011-02-27 14:02:57 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-10-20 20:14:33 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys
[2010-10-20 20:14:33 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-10-20 20:14:15 | 000,214,592 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010-10-20 20:14:12 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010-10-20 20:14:12 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010-05-13 11:26:21 | 000,169,207 | ---- | C] () -- C:\WINDOWS\hpoins27.dat
[2010-05-13 11:26:21 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat
[2010-02-15 22:46:13 | 000,049,953 | ---- | C] () -- C:\Program Files\Uninstal.exe
[2010-02-08 19:53:54 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-02-07 19:25:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-07 19:25:53 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-06 19:18:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-02-06 19:10:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\auto.exe
[2010-02-06 19:07:40 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-02-06 19:04:16 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-02-06 19:03:11 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-06 18:51:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-02-06 18:25:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-02-06 18:18:53 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-05-03 06:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-05-03 06:46:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008-05-03 06:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-05-03 06:46:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008-05-03 06:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-05-03 06:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-05-03 06:46:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008-05-03 06:46:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-05-03 06:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-11-05 20:00:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005-02-15 17:24:48 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001-10-26 16:15:16 | 000,355,486 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 16:15:16 | 000,049,492 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 21:30:24 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 21:30:22 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== LOP Check ==========[/color]
[2010-10-29 13:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DMCache
[2010-05-25 07:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\IDM
[2010-05-15 10:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-02-06 19:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-02-06 19:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-12-31 22:23:35 | 000,000,000 | ---D
| M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-07-12 22:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite [2010-12-17 22:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DMCache [2011-02-17 18:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10 [2010-05-03 15:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet [2010-12-17 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\IDM [2010-06-12 18:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla [2010-06-21 21:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Leadertech [2010-06-29 12:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM [2011-03-12 22:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Opera [2010-11-11 17:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\StepMania 4 [2010-12-21 19:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Uniblue [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-06 18:22:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-12-22 19:56:38 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-02-06 18:22:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-04-22 19:00:50 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys [2010-02-06 18:22:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-06 18:22:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 22:59:54 | 000,250,624 | RHS- 
| M] () -- C:\ntldr [2011-04-22 19:00:48 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009-11-14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [2009-11-14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) 
MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2011-04-22 19:39:30 - Run 4 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 207,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,81 Gb Total Space | 3,31 Gb Free Space | 11,11% Space Free | Partition Type: NTFS Drive D: | 44,70 Gb Total Space | 14,29 Gb Free Space | 31,98% Space Free | Partition Type: FAT32 Computer Name: MATEUSZ-8EB5869 | User Name: Mateusz | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Ares Ultra\Ares Ultra.exe" = C:\Program Files\Ares Ultra\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows -- () "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe" = C:\Program Files\tightvnc-1.3.10_x86\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group) "C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) 
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\EA Sports\FIFA Online\NFE.exe" = C:\Program Files\EA Sports\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online "C:\Program Files\StepMania 4\Program\StepMania.exe" = C:\Program Files\StepMania 4\Program\StepMania.exe:*:Enabled:StepMania -- (http://www.stepmania.com) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""SubEdit-Player"" = "SubEdit-Player" "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{21A6E85C-0310-4623-BE61-35DFE2F9AA88}" = USB Dual Vibration Joystick - Twin "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC "{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery "{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp "{5BAE938E-3B49-424B-9566-40810E138DA3}" = Twierdza Deluxe 
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 Premium "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch "{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component "{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E5B77685-3AEB-432D-8F73-29FEEEE89613}" = Twierdza Krzyżowiec "{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200 "{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext "{ED5F7AF9-347B-4440-A211-C6236508CC08}" = ExpressPCB "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer 
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "25aca003-b42b-5f3f-fe88-eb76e9be4150" = Contextual Tracker Dymanet "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "Ares" = Ares 2.1.7 "Ares Ultra_is1" = Ares Ultra 4.1.0 "AutocompletePro3_is1" = AutocompletePro "avast!" = avast! Antivirus "AVIcodec" = AVIcodec (remove only) "CDex" = CDex "conduitEngine" = Conduit Engine "Crystal Player" = Crystal Player Professional 1.97 "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.3.4 "Energize" = Energize "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow" = ffdshow "FormatFactory" = FormatFactory 2.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HP Imaging Device Functions" = HP Imaging Device Functions 10.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0 "HPExtendedCapabilities" = HP Customer Participation Program 10.0 "InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard "ipla" = ipla 2.1.2 "JDownloader" = JDownloader "MadCaps_is1" = MadCaps "McAfee Security Scan" = McAfee Security Scan Plus "MediaCoder" = MediaCoder 0.6.0 "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "MV2Player" = MV2Player (remove only) "NVIDIA Drivers" = NVIDIA Drivers "Opera 11.01.1190" = Opera 11.01 "Picasa 3" = Picasa 3 "PowerDVD 6" = PowerDVD 6 "PunkBusterSvc" = PunkBuster Services "Rapid Express_is1" = Rapid Express "RealAlt_is1" = Real Alternative 2.0.1 "RocketDock_is1" = RocketDock 1.3.5 "Shop for HP Supplies" = Shop for HP Supplies "Softonic-Polska Toolbar" = Softonic-Polska Toolbar "Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6 "StepMania 4" = StepMania 4 alpha 5 (remove only) "The 
Sims_is1" = The Sims "Total Video Converter 3.02_is1" = Total Video Converter 3.02 "VLC media player" = VideoLAN VLC media player 0.8.5 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "WinRAR archiver" = Archiwizator WinRAR "Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (4.2.0) Trial Version "Zuma Deluxe" = Zuma Deluxe [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2000478354-602162358-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 2011-03-21 11:03:20 | Computer Name = MATEUSZ-8EB5869 | Source = avast! | ID = 33554522 Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping - server DOWN???, 00000002. [ Application Events ] Error - 2011-01-14 12:44:55 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd winamp.exe, wersja 5.5.7.2830, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00011430. Error - 2011-01-31 09:08:49 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, moduł powodujący błąd libavcodec.dll, wersja 0.0.0.0, adres błędu 0x00266bd8. Error - 2011-02-27 08:01:38 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-02-28 15:55:08 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.3989, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. 
Error - 2011-03-03 14:08:25 | Computer Name = MATEUSZ-8EB5869 | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 201 z d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-03-06 17:00:02 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca IEXPLORE.EXE, wersja 6.0.2900.2180, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-18 17:49:06 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11905 Description = Product: Ask Toolbar -- Error 1905.Module C:\Program Files\Ask.com\GenericAskToolbar.dll failed to unregister. HRESULT -2147220472. Contact your support personnel. Error - 2011-03-19 08:00:15 | Computer Name = MATEUSZ-8EB5869 | Source = MsiInstaller | ID = 11722 Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action patchjre, location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6" Error - 2011-03-19 08:50:58 | Computer Name = MATEUSZ-8EB5869 | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.4079, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-19 08:51:03 | Computer Name = MATEUSZ-8EB5869 | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.2180, adres błędu 0x00001010. [ System Events ] Error - 2011-03-21 11:24:16 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! 
iAVS4 Control Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-21 11:24:16 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7034 Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-03-21 11:40:24 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-21 15:27:26 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-22 02:34:59 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-22 10:46:44 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-22 14:21:35 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-23 13:52:44 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-03-24 10:32:25 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. Error - 2011-04-22 13:03:08 | Computer Name = MATEUSZ-8EB5869 | Source = Service Control Manager | ID = 7022 Description = Usługa Usługa HP CUE DeviceDiscovery zawiesiła się podczas uruchamiania. < End of report > [/log]