wojtax2 utworzono 20 czerwca 2011 utworzono 20 czerwca 2011 Witam Problem: Qooqle Od paru dni zamiast normalnej strony startowej pojawia mi się TO "Qooqle" (problem identyczny jak kolega TrollPL) Logi OTL i RSIT: [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Wojtas at 2011-06-20 14:14:11 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive I: has 40 GB (74%) free of 54 GB Total RAM: 2046 MB (69% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:14:17, on 2011-06-20 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\nvsvc32.exe I:\WINDOWS\system32\svchost.exe I:\WINDOWS\System32\svchost.exe I:\WINDOWS\system32\spoolsv.exe I:\WINDOWS\Explorer.EXE I:\WINDOWS\RTHDCPL.EXE I:\Program Files\Java\jre6\bin\jqs.exe I:\Program Files\Nero\Update\NASvc.exe I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe I:\Program Files\Common Files\Java\Java Update\jusched.exe I:\WINDOWS\system32\RUNDLL32.EXE I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe I:\WINDOWS\system32\ctfmon.exe I:\WINDOWS\system32\svchost.exe I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE I:\Program Files\DAEMON Tools Lite\DTLite.exe I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe I:\Documents and Settings\All Users\jushed.exe J:\Mozilla Download\OTL.exe I:\Program Files\Mozilla Firefox\firefox.exe I:\Program Files\Mozilla Firefox\plugin-container.exe I:\WINDOWS\explorer.exe J:\Mozilla Download\RSIT.exe I:\Program Files\trend micro\Wojtas.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVP] "I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] I:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] I:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [amd_dc_opt] I:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKCU\..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu 10] "I:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [Pando Media Booster] I:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "I:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [jushed] I:\Documents and Settings\All Users\jushed.exe O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://I:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Dodaj do blokowanych banerów - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O9 - Extra button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - AppInit_DLLs: I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - I:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - I:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: @I:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - I:\Program Files\Nero\Update\NASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 7849 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - I:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] uTorrentBar Toolbar - I:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-03-28 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2011-03-25 264720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-14 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - I:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-03-28 176936] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - I:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344] "Alcmtr"=I:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "AVP"=I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-03-25 311680] "PWRISOVM.EXE"=I:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224] "SunJavaUpdateSched"=I:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672] "NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-10-19 13851752] "NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-10-19 110696] "nwiz"=I:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-26 1753192] "Adobe ARM"=I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920] "amd_dc_opt"=I:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "VisualTaskTips"=I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe [2007-09-05 36352] "ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-05-22 40448] "Gadu-Gadu 10"=I:\Program Files\Gadu-Gadu 10\gg.exe [2011-05-05 13345376] "Pando Media Booster"=I:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-03-25 2937528] "DAEMON Tools Lite"=I:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408] "AlcoholAutomount"=I:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120] "jushed"=I:\Documents and Settings\All Users\jushed.exe [2011-05-21 566784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] I:\WINDOWS\system32\Ati2evxx.dll [2009-11-24 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] I:\WINDOWS\system32\klogon.dll [2009-07-03 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-22 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x91000000 "NoSMHelp"=1 "NoSMConfigurePrograms"=1 "NoInstrumentation"=1 "NoStartMenuMFUprogramsList"=1 "NoResolveTrack"=1 "NoResolveSearch"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDesktopCleanupWizard"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "I:\Program Files\Pando Networks\Media Booster\PMB.exe"="I:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" "I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "K:\Gta\Grand Theft Auto IV\LaunchGTAIV.exe"="K:\Gta\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV" "K:\Bohemia Interactive\ArmA 2 REINFORCEMENTS\arma2RFT.exe"="K:\Bohemia Interactive\ArmA 2 REINFORCEMENTS\arma2RFT.exe:*:Enabled:ArmA 2 Operation Arrowhead" "I:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="I:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher" "K:\Symulator Farmy 2011\FarmingSimulator2011.exe"="K:\Symulator Farmy 2011\FarmingSimulator2011.exe:*:Enabled:Symulator Farmy 2011" "K:\Symulator Farmy 2011\game.exe"="K:\Symulator Farmy 2011\game.exe:*:Enabled:Symulator Farmy 2011" "K:\Dirt 3\dirt3_game.exe"="K:\Dirt 3\dirt3_game.exe:*:Enabled:DiRT 3" "K:\Operation Flashpoint\RedRiver.exe"="K:\Operation Flashpoint\RedRiver.exe:*:Enabled:Operation Flashpoint ®: Red River" "K:\Operation Flashpoint\RedRiverLauncher.exe"="K:\Operation Flashpoint\RedRiverLauncher.exe:*:Enabled:Operation Flashpoint ®: Red River" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2011-06-20 14:14:12 ----D---- I:\Program Files\trend micro 2011-06-20 14:14:11 ----D---- I:\rsit 2011-06-20 13:58:37 ----D---- I:\Program Files\WebKeySoft 2011-06-20 00:43:49 ----A---- I:\WINDOWS\system32\drivers\AmdLLD.sys 2011-06-20 00:43:47 ----D---- I:\Program Files\AMD 2011-06-18 10:09:50 ----D---- I:\Program Files\Common Files\Adobe 2011-06-18 10:09:50 ----D---- I:\Program Files\Adobe 2011-06-05 22:45:20 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\DailyMagic 2011-06-02 21:39:49 ----A---- I:\WINDOWS\system32\drivers\atksgt.sys 2011-06-02 21:39:48 ----A---- I:\WINDOWS\system32\drivers\lirsgt.sys 2011-05-28 10:00:19 ----SHD---- I:\Documents and Settings\All Users\Dane aplikacji\DSS 2011-05-28 10:00:18 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\Codemasters 2011-05-28 09:57:45 ----A---- I:\WINDOWS\system32\rapture3d_oal.dll 2011-05-28 09:57:45 ----A---- I:\WINDOWS\system32\mkl_blueripple.dll 2011-05-28 09:57:44 ----D---- I:\Program Files\BRS 2011-05-27 22:39:19 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\Elephant Games 2011-05-27 22:39:19 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\Elephant Games 2011-05-26 20:15:12 ----D---- I:\Program Files\Iceberg Interactive 2011-05-25 21:23:21 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\Vast Studios ======List of files/folders modified in the last 1 months====== 2011-06-20 14:14:12 ----RD---- I:\Program Files 2011-06-20 14:14:12 ----D---- I:\WINDOWS\Temp 2011-06-20 14:01:43 ----SHD---- I:\WINDOWS\Installer 2011-06-20 13:31:32 ----D---- I:\WINDOWS\system32 2011-06-20 13:31:32 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI 2011-06-20 13:27:33 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2011-06-20 12:07:15 ----A---- I:\WINDOWS\SchedLgU.Txt 2011-06-20 06:34:39 ----D---- I:\WINDOWS 2011-06-20 00:43:51 ----HD---- I:\WINDOWS\inf 2011-06-20 00:43:51 ----D---- I:\WINDOWS\system32\drivers 2011-06-20 00:40:33 ----D---- I:\WINDOWS\system32\DirectX 2011-06-20 00:40:08 ----RSD---- I:\WINDOWS\assembly 2011-06-20 00:39:56 ----D---- I:\WINDOWS\system32\CatRoot2 2011-06-20 00:39:48 ----D---- I:\WINDOWS\Prefetch 2011-06-20 00:39:41 ----D---- I:\WINDOWS\Logs 2011-06-20 00:25:34 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\teamspeak2 2011-06-20 00:16:42 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\AIMP 2011-06-19 09:41:24 ----D---- I:\Program Files\Mozilla Firefox 2011-06-18 10:24:00 ----RSD---- I:\WINDOWS\Fonts 2011-06-18 10:09:53 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\Adobe 2011-06-18 10:09:50 ----D---- I:\Program Files\Common Files 2011-06-16 22:46:31 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\uTorrent 2011-06-16 17:59:22 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\OpenFM 2011-06-15 23:46:05 ----AD---- I:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-06-12 21:44:53 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\TS3Client 2011-06-12 20:55:43 ----D---- I:\Program Files\Xfire 2011-06-09 16:53:09 ----D---- I:\Program Files\TeamSpeak 3 Client 2011-06-05 22:56:12 ----D---- I:\Documents and Settings\Wojtas\Dane aplikacji\PriceGong 2011-06-05 22:53:04 ----D---- I:\Program Files\TeamViewer 2011-06-05 22:49:51 ----HD---- I:\Program Files\InstallShield Installation Information 2011-06-05 22:48:16 ----D---- I:\Program Files\Hotspot Shield 2011-06-05 22:48:04 ----D---- I:\Hotspot Shield 2011-06-04 20:55:09 ----D---- I:\Program Files\Microsoft Games for Windows - LIVE 2011-06-04 20:54:52 ----D---- I:\Program Files\Common Files\Microsoft Shared 2011-06-04 20:53:42 ----D---- I:\WINDOWS\WinSxS 2011-06-03 15:49:48 ----D---- I:\Program Files\uTorrentBar 2011-06-03 15:49:45 ----D---- I:\Program Files\ConduitEngine 2011-05-29 13:15:10 ----D---- I:\Documents and Settings\All Users\Dane aplikacji\Playrix Entertainment 2011-05-28 20:35:32 ----D---- I:\Program Files\Shockwave.com 2011-05-28 09:57:30 ----A---- I:\WINDOWS\system32\wrap_oal.dll 2011-05-28 09:57:30 ----A---- I:\WINDOWS\system32\OpenAL32.dll 2011-05-28 09:35:45 ----SD---- I:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2011-05-26 20:20:27 ----D---- I:\Program Files\Common Files\Wise Installation Wizard ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ftsata2;ftsata2; I:\WINDOWS\system32\drivers\ftsata2.sys [2008-05-20 175104] R0 kl1;Kl1; I:\WINDOWS\system32\drivers\kl1.sys [2009-06-15 128016] R0 klbg;Kaspersky Lab Boot Guard Driver; I:\WINDOWS\system32\drivers\klbg.sys [2008-12-15 33808] R0 ohci1394;Kontroler hosta Texas Instruments IEEE 1394 zgodny z OHCI; I:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 sptd;sptd; I:\WINDOWS\System32\Drivers\sptd.sys [2011-04-29 436792] R1 AmdK8;AMD Processor Driver; I:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; I:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-26 218688] R1 KLIF;Kaspersky Lab Driver; I:\WINDOWS\system32\DRIVERS\klif.sys [2011-03-25 296976] R1 SCDEmu;SCDEmu; I:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388] R1 vcdrom;Virtual CD-ROM Device Driver; \??\I:\Program Files\System\CPL Bonus\Vcdrom.sys [] R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-06-02 278984] R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-06-02 25416] R3 AmdLLD;AMD Low Level Device Driver; I:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304] R3 Arp1394;Protokół klienta 1394 ARP; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-05-22 60800] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Sterownik Microsoft klasy HID; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-14 4429312] R3 klim5;Kaspersky Anti-Virus NDIS Filter; I:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760] R3 klmouflt;Kaspersky Lab KLMOUFLT; I:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472] R3 mouhid;Sterownik myszy HID; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-22 12160] R3 NIC1394;Sterownik sieci 1394; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-05-22 61824] R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-19 9624096] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; I:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-06-28 45824] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; I:\WINDOWS\system32\drivers\nvhda32.sys [2010-09-07 100712] R3 nvnetbus;NVIDIA Network Bus Enumerator; I:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-06-28 20480] R3 usbstor;Sterownik magazynu masowego USB; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S1 kbdhid;Sterownik klawiatury HID; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 arn0eiwv;arn0eiwv; I:\WINDOWS\system32\drivers\arn0eiwv.sys [] S3 ati2mtag;ati2mtag; I:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-24 4463104] S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; I:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-18 95232] S3 cpuz130;cpuz130; \??\I:\DOCUME~1\Wojtas\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [] S3 EagleXNt;EagleXNt; \??\I:\WINDOWS\system32\drivers\EagleXNt.sys [] S3 ENTECH;ENTECH; \??\I:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys [] S3 MSICDSetup;MSICDSetup; \??\G:\CDriver.sys [] S3 taphss;Anchorfree HSS Adapter; I:\WINDOWS\system32\DRIVERS\taphss.sys [2011-04-15 32768] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Klasa PRINTER USB Microsoft; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Sterownik skanera USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; I:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-22 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-22 82944] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security; I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-03-25 311680] R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2011-04-14 153376] R2 NAUpdate;@I:\Program Files\Nero\Update\NASvc.exe,-200; I:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080] R2 nvsvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-10-19 156776] R2 StarWindServiceAE;StarWind AE Service; I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688] R2 wlidsvc;Windows Live ID Sign-in Assistant; I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] S2 Ati HotKey Poller;Ati HotKey Poller; I:\WINDOWS\system32\Ati2evxx.exe [2009-11-24 602112] S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Updater Service; I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120] S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; I:\Program Files\Windows Media Player\wmpnetwk.exe [2006-12-01 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] [log]OTL Extras logfile created on: 2011-06-20 14:08:38 - Run 3 OTL by OldTimer - Version 3.2.23.0 Folder = J:\Mozilla Download Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,40% Memory free 3,84 Gb Paging File | 3,29 Gb Available in Paging File | 85,64% Paging File free Paging file location(s): I:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files Drive E: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive I: | 52,60 Gb Total Space | 38,67 Gb Free Space | 73,52% Space Free | Partition Type: NTFS Drive J: | 439,45 Gb Total Space | 268,34 Gb Free Space | 61,06% Space Free | Partition Type: NTFS Drive K: | 439,45 Gb Total Space | 356,67 Gb Free Space | 81,16% Space Free | Partition Type: NTFS Computer Name: VVOJTAS | User Name: Wojtas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- I:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 4 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "58003:TCP" = 58003:TCP:*:Enabled:Pando Media Booster "58003:UDP" = 58003:UDP:*:Enabled:Pando Media Booster [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "I:\Program Files\Pando Networks\Media Booster\PMB.exe" = I:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "I:\Program Files\uTorrent\uTorrent.exe" = I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "K:\Gta\Grand Theft Auto IV\LaunchGTAIV.exe" = K:\Gta\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "K:\Bohemia Interactive\ArmA 2 REINFORCEMENTS\arma2RFT.exe" = K:\Bohemia Interactive\ArmA 2 REINFORCEMENTS\arma2RFT.exe:*:Enabled:ArmA 2 Operation Arrowhead -- (Bohemia Interactive) "I:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = I:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "K:\Symulator Farmy 2011\FarmingSimulator2011.exe" = K:\Symulator Farmy 2011\FarmingSimulator2011.exe:*:Enabled:Symulator Farmy 2011 -- (GIANTS Software GmbH) "K:\Symulator Farmy 2011\game.exe" = K:\Symulator Farmy 2011\game.exe:*:Enabled:Symulator Farmy 2011 -- (GIANTS Software GmbH) "K:\Dirt 3\dirt3_game.exe" = K:\Dirt 3\dirt3_game.exe:*:Enabled:DiRT 3 -- (Codemasters Software Company Limited) "K:\Operation Flashpoint\RedRiver.exe" = K:\Operation Flashpoint\RedRiver.exe:*:Enabled:Operation Flashpoint ®: Red River -- (Codemasters Software Company Limited) "K:\Operation Flashpoint\RedRiverLauncher.exe" = K:\Operation Flashpoint\RedRiverLauncher.exe:*:Enabled:Operation Flashpoint ®: Red River -- (Sony DADC Austria AG) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0743122B-5C12-4F99-A92F-9DCDBF7EE221}" = WebKeySoft Process Manager 2 Lite "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{49FC50FC-F965-40D9-89B4-CBFF80941PLK}" = Windows Movie Maker 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 261.01 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 261.01 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.1.9.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game "{E397F6F0-AEE4-4236-BB05-1351350F8365}" = War Rock "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 4.57 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Afterburner" = MSI Afterburner 2.0.0 "AIMP2" = AIMP2 "ARMA 2 REINFORCEMENTS" = ARMA 2 REINFORCEMENTS Uninstall "ATI Display Driver" = ATI Display Driver "CCleaner" = CCleaner "conduitEngine" = Conduit Engine "CPLBonus" = Kels' CPL Bonus Pack! "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Darkness Within 2: The Dark Lineage_is1" = Darkness Within 2: The Dark Lineage "Driver Magician_is1" = Driver Magician 3.28 "DriveSpace" = Drive Space Indicator "Duke Nukem Forever_is1" = Duke Nukem Forever "FarmingSimulator2011PL_is1" = Symulator Farmy 2011 "Fishdom™ 2" = Fishdom™ 2 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameSpy Arcade" = GameSpy Arcade "German Truck Simulator" = German Truck Simulator 1.02 "GFWL_{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "GMailFS" = GMail Drive Shell Extension "Hexus1.0.0" = Hexus "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic) "Lost Chronicles Fall of Caesar 1.00" = Lost Chronicles Fall of Caesar 1.00 "Magical Mysteries Path of the Sorceress 1.00" = Magical Mysteries Path of the Sorceress 1.00 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "Native Instruments Traktor DJ Mixer v1.0" = Native Instruments Traktor DJ Mixer v1.0 "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "OpenAL" = OpenAL "Picasa 3" = Picasa 3 "PowerISO" = PowerISO "RealAlt_is1" = Real Alternative 1.9.0 Lite "SubEdit-Player_is1" = SubEdit-Player "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "uTorrent" = µTorrent "uTorrentBar Toolbar" = uTorrentBar Toolbar "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VisualTaskTips" = Visual Task Tips 2.3 "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "Woodville Chronicles 1.00" = Woodville Chronicles 1.00 "Xfire" = Xfire (remove only) "XP Codec Pack" = XP Codec Pack "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "Polish Leauge Patch 11 beta" = Polish Leauge Patch 11 beta "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-19 17:24:53 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2011-06-20 00:38:33 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 00:38:33 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 00:38:33 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2011-06-20 04:42:55 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 04:42:55 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 04:42:55 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2011-06-20 07:31:29 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 07:31:29 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2011-06-20 07:31:29 | Computer Name = VVOJTAS | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). [ System Events ] Error - 2011-04-23 18:35:40 | Computer Name = VVOJTAS | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.100 dla karty sieciowej o adresie 001A4DF67D37 został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-04-25 13:49:22 | Computer Name = VVOJTAS | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.100 dla karty sieciowej o adresie 001A4DF67D37 został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-04-25 20:34:57 | Computer Name = VVOJTAS | Source = Service Control Manager | ID = 7006 Description = Wywołanie ScRegSetValueExW dla Type nie powiodło się i wystąpił następujący błąd: %%5. Error - 2011-04-25 20:43:55 | Computer Name = VVOJTAS | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 10.14.40.23 dla karty sieciowej o adresie 00FFF98AFE1E został zabroniony przez serwer DHCP 10.89.31.254 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-04-25 21:00:41 | Computer Name = VVOJTAS | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 10.89.24.19 dla karty sieciowej o adresie 00FFF98AFE1E został zabroniony przez serwer DHCP 10.5.71.254 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-04-25 21:06:51 | Computer Name = VVOJTAS | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 10.5.64.21 dla karty sieciowej o adresie 00FFF98AFE1E został zabroniony przez serwer DHCP 10.25.31.254 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-04-26 16:57:03 | Computer Name = VVOJTAS | Source = SideBySide | ID = 16842810 Description = Błąd składniowy w pliku manifestu lub w pliku zasad "I:\Program Files\Outlook Express\msimn.exe" w wierszu 0. Error - 2011-04-26 16:57:03 | Computer Name = VVOJTAS | Source = SideBySide | ID = 16842811 Description = Generate Activation Context nie powiodło się dla I:\Program Files\Outlook Express\msimn.exe. Odpowiedni komunikat o błędzie: Operacja ukończona pomyślnie. . < End of report > [/log] [log]OTL logfile created on: 2011-06-20 14:08:38 - Run 3 OTL by OldTimer - Version 3.2.23.0 Folder = J:\Mozilla Download Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,40% Memory free 3,84 Gb Paging File | 3,29 Gb Available in Paging File | 85,64% Paging File free Paging file location(s): I:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files Drive E: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive I: | 52,60 Gb Total Space | 38,67 Gb Free Space | 73,52% Space Free | Partition Type: NTFS Drive J: | 439,45 Gb Total Space | 268,34 Gb Free Space | 61,06% Space Free | Partition Type: NTFS Drive K: | 439,45 Gb Total Space | 356,67 Gb Free Space | 81,16% Space Free | Partition Type: NTFS Computer Name: VVOJTAS | User Name: Wojtas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-10 11:04:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- J:\Mozilla Download\OTL.exe PRC - [2011-05-21 19:17:57 | 000,566,784 | RHS- | M] ( ) -- I:\Documents and Settings\All Users\jushed.exe PRC - [2011-05-05 14:44:38 | 013,345,376 | ---- | M] (GG Network S.A.) -- I:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2011-04-21 01:36:29 | 000,016,856 | ---- | M] (Mozilla Corporation) -- I:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-04-21 01:36:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- I:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-04-14 05:08:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- I:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2011-01-07 13:12:22 | 000,253,672 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-10-19 01:30:22 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- I:\WINDOWS\system32\nvsvc32.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- I:\Program Files\Nero\Update\NASvc.exe PRC - [2010-04-12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- I:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-05-22 17:11:08 | 001,503,232 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\explorer.exe PRC - [2008-05-22 17:10:06 | 000,040,448 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\ctfmon.exe PRC - [2008-05-19 01:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\msiexec.exe PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\csrss.exe PRC - [2007-09-05 12:20:12 | 000,036,352 | ---- | M] (VisualTaskTips.com) -- I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe PRC - [2007-06-13 08:49:22 | 016,377,344 | R--- | M] (Realtek Semiconductor Corp.) -- I:\WINDOWS\RTHDCPL.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-10 11:04:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- J:\Mozilla Download\OTL.exe MOD - [2008-05-22 17:18:56 | 000,487,424 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\user32.dll MOD - [2008-05-22 17:17:58 | 000,078,336 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\srclient.dll MOD - [2008-05-22 17:17:33 | 000,499,200 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\shlwapi.dll MOD - [2008-05-22 17:17:22 | 016,057,344 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\shell32.dll MOD - [2008-05-22 17:16:33 | 002,589,184 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\setupapi.dll MOD - [2008-05-22 17:09:38 | 001,526,784 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\comres.dll MOD - [2008-05-22 17:09:26 | 000,333,824 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\comdlg32.dll MOD - [2008-05-22 14:45:02 | 000,219,648 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- I:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-09-05 12:20:04 | 000,007,680 | ---- | M] () -- I:\Program Files\Utilities\VisualTaskTips\VttHooks.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-03-25 19:17:14 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- I:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-06-02 21:39:49 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- I:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-06-02 21:39:48 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- I:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-04-29 19:57:51 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- I:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-04-15 01:18:08 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2011-03-26 02:20:05 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- I:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-03-25 18:59:32 | 000,296,976 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- I:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2011-03-25 17:21:21 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-09-07 22:08:58 | 000,100,712 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2010-04-12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- I:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2009-11-24 16:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-11-18 12:24:26 | 000,095,232 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-06-15 15:01:00 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- I:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-05-16 21:59:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-05-13 18:46:52 | 000,031,760 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2008-12-15 21:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- I:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2008-05-20 15:11:10 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- I:\WINDOWS\System32\drivers\ftsata2.sys -- (ftsata2) DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2007-06-28 12:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-06-28 12:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007-06-14 10:41:58 | 004,429,312 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-06-19 05:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- I:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2001-12-19 12:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- I:\Program Files\System\CPL Bonus\vcdrom.sys -- (vcdrom) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie_rsearch.html IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Hotspot Shield Private Search" FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..keyword.URL: "http://search.hotspotshield.com/g/results.php?c=s&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: I:\Program Files\Mozilla Firefox\components [2011-06-02 20:55:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: I:\Program Files\Mozilla Firefox\plugins [2011-04-21 01:36:29 | 000,066,520 | ---- | M] (mozilla.org) FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011-03-25 18:59:50 | 000,000,000 | ---D | M] [2011-05-05 15:05:30 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Extensions [2011-06-19 09:31:22 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\extensions [2011-05-27 12:30:21 | 000,000,000 | ---D | M] (DownloadHelper) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-03-21 16:12:42 | 000,000,863 | ---- | M] () -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\searchplugins\conduit.xml [2011-03-26 02:19:54 | 000,002,059 | ---- | M] () -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\searchplugins\daemon-search.xml [2011-06-19 09:31:22 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions [2011-04-29 14:50:11 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-04-29 20:22:40 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-05 02:11:07 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2011-03-25 19:00:07 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- I:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-04-29 14:49:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- I:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-04-21 01:10:05 | 000,002,767 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-04-21 01:10:05 | 000,001,406 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-21 01:10:05 | 000,000,917 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-04-21 01:10:05 | 000,000,858 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-04-21 01:10:05 | 000,001,183 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-04-21 01:10:05 | 000,001,683 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-08-23 14:00:00 | 000,000,742 | ---- | M]) - I:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] I:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [amd_dc_opt] I:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [AVP] I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [NvCplDaemon] I:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] I:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] I:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [PWRISOVM.EXE] I:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKU\.DEFAULT..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-18..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-20..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [AlcoholAutomount] I:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [Gadu-Gadu 10] I:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [jushed] I:\Documents and Settings\All Users\jushed.exe ( ) O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [Pando Media Booster] I:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - I:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Dodaj do blokowanych banerów - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O15 - HKU\.DEFAULT\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-20\..Trusted Domains: google.com ([mail] https in Trusted sites) O15 - HKU\S-1-5-21-1292428093-220523388-1801674531-1001\..Trusted Domains: google.com ([mail] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - AppInit_DLLs: (I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - I:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - I:\WINDOWS\system32\klogon.dll - I:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-06-11 14:24:48 | 000,000,065 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{c4078676-573e-11e0-85a5-001a4df67d37}\Shell - "" = AutoRun O33 - MountPoints2\{c4078676-573e-11e0-85a5-001a4df67d37}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011-06-11 14:24:48 | 000,530,669 | R--- | M] (2K Games ) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-20 13:58:37 | 000,000,000 | ---D | C] -- I:\Program Files\WebKeySoft [2011-06-20 13:58:37 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\WebKeySoft [2011-06-20 12:07:08 | 000,000,000 | RH-D | C] -- I:\Documents and Settings\Wojtas\Recent [2011-06-20 00:47:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Duke Nukem Forever [2011-06-20 00:43:49 | 000,034,304 | ---- | C] (AMD, Inc.) -- I:\WINDOWS\System32\drivers\AmdLLD.sys [2011-06-20 00:43:47 | 000,000,000 | ---D | C] -- I:\Program Files\AMD [2011-06-20 00:43:36 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2011-06-20 00:33:50 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\2K Games [2011-06-18 11:45:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Pulpit\Ryby [2011-06-18 10:23:59 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\Virtual DJ [2011-06-18 10:23:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\VirtualDJ [2011-06-18 10:23:20 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\Native Instruments Traktor DJ Mixer [2011-06-18 10:09:50 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\Adobe [2011-06-18 10:09:50 | 000,000,000 | ---D | C] -- I:\Program Files\Adobe [2011-06-05 22:45:20 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\DailyMagic [2011-06-04 20:55:10 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games for Windows Marketplace [2011-05-29 18:57:56 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy [2011-05-28 10:00:19 | 000,000,000 | -HSD | C] -- I:\Documents and Settings\All Users\Dane aplikacji\DSS [2011-05-28 10:00:18 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-05-28 10:00:13 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dokumenty\microsoft [2011-05-28 09:57:47 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Blue Ripple Sound [2011-05-28 09:57:45 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- I:\WINDOWS\System32\rapture3d_oal.dll [2011-05-28 09:57:44 | 000,000,000 | ---D | C] -- I:\Program Files\BRS [2011-05-28 09:39:49 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Codemasters [2011-05-27 22:39:19 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Elephant Games [2011-05-27 22:39:19 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\Elephant Games [2011-05-27 13:17:42 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\My Cheat Tables [2011-05-26 20:19:27 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Iceberg Interactive [2011-05-26 20:15:12 | 000,000,000 | ---D | C] -- I:\Program Files\Iceberg Interactive [2011-05-25 21:23:21 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Vast Studios [2011-05-25 21:22:53 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar [2011-05-21 21:08:52 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\The Witcher 2 [2011-05-21 20:22:46 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\The Witcher 2 [2011-05-21 19:17:57 | 007,987,953 | ---- | C] (CCCP Project ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe [2011-05-21 19:17:57 | 000,566,784 | RHS- | C] ( ) -- I:\Documents and Settings\All Users\jushed.exe [2011-05-21 19:17:57 | 000,566,784 | ---- | C] ( ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe [2011-05-21 19:17:57 | 000,347,136 | RHS- | C] (NirSoft) -- I:\Documents and Settings\All Users\nircmd.exe [2011-05-21 19:17:57 | 000,347,136 | ---- | C] (NirSoft) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe [2011-05-21 14:25:48 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Witcher 2 [2011-05-21 14:25:48 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\The Witcher 2 [2011-05-20 20:20:07 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\German Truck Simulator [2011-05-20 20:19:55 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\German Truck Simulator [2011-05-15 19:22:44 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Techland [2011-05-15 19:02:48 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\DreamWorks [2011-05-15 13:29:32 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\GameSpy Arcade [2011-05-15 13:29:25 | 000,000,000 | ---D | C] -- I:\Program Files\GameSpy Arcade [2011-05-15 12:52:08 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher [2011-05-15 12:26:30 | 000,000,000 | ---D | C] -- I:\Program Files\Ubisoft [2011-05-14 19:59:14 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\ERS Game Studios [2011-05-08 21:21:14 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\dj3 [2011-05-08 19:45:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\AlderGames [2011-05-08 17:32:46 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\PlayFirst [2011-05-08 17:32:46 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\PlayFirst [2011-05-08 14:09:36 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\BlackLegend D3D [2011-05-07 10:33:04 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Vogat Interactive [2011-05-06 10:14:59 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Funswitch [2011-05-06 10:13:23 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\The Secrets Of Hildegard [2011-05-05 15:05:24 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox [2011-05-05 02:02:30 | 000,000,000 | ---D | C] -- I:\Program Files\CCleaner [2011-05-04 20:22:54 | 000,000,000 | ---D | C] -- I:\Program Files\FunWebProducts [2011-05-04 20:06:58 | 000,282,928 | ---- | C] (My Privacy Tools, Inc.) -- I:\WINDOWS\System32\HMIPCore.dll [2011-04-29 20:06:31 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\PowerISO [2011-04-29 20:06:30 | 000,000,000 | ---D | C] -- I:\Program Files\PowerISO [2011-04-29 20:02:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Alcohol 120% [2011-04-29 20:00:47 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 120% [2011-04-29 20:00:41 | 000,000,000 | ---D | C] -- I:\Program Files\Alcohol Soft [2011-04-29 17:35:51 | 000,000,000 | ---D | C] -- I:\Documents and Settings\NetworkService\Dane aplikacji\Xfire [2011-04-29 14:51:27 | 000,000,000 | ---D | C] -- I:\Program Files\SystemRequirementsLab [2011-04-29 14:51:25 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\SystemRequirementsLab [2011-04-29 14:51:18 | 000,000,000 | ---D | C] -- I:\WINDOWS\Sun [2011-04-29 14:51:04 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\Sun [2011-04-26 13:55:52 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\My Logo Design Studio Trial Projects [2011-04-26 13:55:32 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\My Logo Design Studio Projects [2011-04-26 13:55:08 | 000,000,000 | ---D | C] -- I:\Program Files\Summitsoft [2011-04-26 13:55:08 | 000,000,000 | ---D | C] -- I:\WINDOWS\Logo Design Studio [2011-04-26 02:34:36 | 000,000,000 | ---D | C] -- I:\Hotspot Shield [2011-04-26 02:34:31 | 000,000,000 | ---D | C] -- I:\Program Files\Hotspot Shield [2011-04-26 01:01:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Xfire [2011-04-26 01:01:04 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Xfire [2011-04-26 01:01:02 | 000,000,000 | ---D | C] -- I:\Program Files\Xfire [2011-04-25 23:53:11 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\TeamViewer [2011-04-25 23:52:59 | 000,000,000 | ---D | C] -- I:\Program Files\TeamViewer [2011-04-22 16:46:41 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\.gstreamer-0.10 [2011-04-22 16:45:58 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\OpenFM [2011-04-22 16:45:58 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- I:\WINDOWS\System32\drvc.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-20 14:01:43 | 000,002,595 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\WebKeySoft Process Manager 2 Lite.lnk [2011-06-20 13:31:32 | 000,615,452 | ---- | M] () -- I:\WINDOWS\System32\perfh015.dat [2011-06-20 13:31:32 | 000,518,180 | ---- | M] () -- I:\WINDOWS\System32\perfh009.dat [2011-06-20 13:31:32 | 000,145,192 | ---- | M] () -- I:\WINDOWS\System32\perfc015.dat [2011-06-20 13:31:32 | 000,115,542 | ---- | M] () -- I:\WINDOWS\System32\perfc009.dat [2011-06-20 13:27:33 | 000,000,002 | ---- | M] () -- I:\Documents and Settings\All Users\timerxfile [2011-06-20 13:27:33 | 000,000,002 | ---- | M] () -- I:\Documents and Settings\All Users\datesavefile [2011-06-20 13:27:33 | 000,000,001 | ---- | M] () -- I:\Documents and Settings\All Users\varsavefile [2011-06-20 13:27:11 | 000,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat [2011-06-20 00:33:51 | 000,000,703 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Duke Nukem Forever.lnk [2011-06-19 13:13:31 | 000,000,462 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\PLP 11 Center.lnk [2011-06-19 12:44:23 | 000,002,465 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Nero BurnLite 10.lnk [2011-06-18 14:26:53 | 000,095,072 | ---- | M] () -- I:\WINDOWS\System32\FNTCACHE.DAT [2011-06-18 10:23:59 | 000,000,499 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Virtual DJ.lnk [2011-06-05 23:16:14 | 000,000,966 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\DarkDimensions_CityOfFog.exe.lnk [2011-06-04 20:53:25 | 000,001,503 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Operation Flashpoint ® Red River.lnk [2011-06-02 21:39:49 | 000,278,984 | ---- | M] () -- I:\WINDOWS\System32\drivers\atksgt.sys [2011-06-02 21:39:48 | 000,025,416 | ---- | M] () -- I:\WINDOWS\System32\drivers\lirsgt.sys [2011-06-02 14:28:53 | 000,002,206 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl [2011-06-02 11:38:54 | 000,000,627 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Royal_Envoy.exe.lnk [2011-05-30 18:14:31 | 000,000,431 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy.lnk [2011-05-28 09:57:30 | 000,444,952 | ---- | M] (Creative Labs) -- I:\WINDOWS\System32\wrap_oal.dll [2011-05-28 09:56:56 | 000,001,374 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\DiRT 3.lnk [2011-05-27 22:40:12 | 000,000,879 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\MysteryTrackers_Raincliff_CE.exe.lnk [2011-05-26 20:19:28 | 000,000,975 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Darkness Within 2.lnk [2011-05-25 21:23:03 | 000,001,861 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar.lnk [2011-05-23 16:22:10 | 000,115,369 | ---- | M] () -- I:\WINDOWS\System32\drivers\klin.dat [2011-05-22 15:16:42 | 000,000,492 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Launcher.lnk [2011-05-21 20:36:20 | 007,987,953 | ---- | M] (CCCP Project ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe [2011-05-21 20:36:20 | 000,566,784 | ---- | M] ( ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe [2011-05-21 20:36:20 | 000,347,136 | RHS- | M] (NirSoft) -- I:\Documents and Settings\All Users\nircmd.exe [2011-05-21 20:36:20 | 000,347,136 | ---- | M] (NirSoft) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe [2011-05-21 20:36:20 | 000,004,768 | ---- | M] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\operaprefs.ini [2011-05-21 20:36:20 | 000,004,768 | ---- | M] () -- I:\Documents and Settings\All Users\operaprefs.ini [2011-05-21 19:17:57 | 000,566,784 | RHS- | M] ( ) -- I:\Documents and Settings\All Users\jushed.exe [2011-05-20 20:19:55 | 000,000,920 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\German Truck Simulator.lnk [2011-05-20 16:20:17 | 000,240,592 | ---- | M] () -- I:\WINDOWS\System32\nvdrsdb0.bin [2011-05-20 16:20:17 | 000,000,001 | ---- | M] () -- I:\WINDOWS\System32\nvdrssel.bin [2011-05-20 16:20:14 | 000,240,592 | ---- | M] () -- I:\WINDOWS\System32\nvdrsdb1.bin [2011-05-20 16:20:14 | 000,000,000 | ---- | M] () -- I:\WINDOWS\System32\nvdrswr.lk [2011-05-15 19:22:44 | 000,000,625 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Symulator Farmy 2011 .lnk [2011-05-15 12:22:34 | 000,000,210 | ---- | M] () -- I:\WINDOWS\System32\spupdsvc.inf [2011-05-14 18:21:50 | 000,000,916 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Magical Mysteries Path of the Sorceress.lnk [2011-05-13 20:43:26 | 000,000,632 | ---- | M] () -- I:\WINDOWS\Thps3.INI [2011-05-09 17:01:39 | 005,760,054 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\DreamChronicles5 wllppr_05.bmp [2011-05-08 14:13:58 | 000,786,416 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\14.9 Pub..zip [2011-05-08 14:13:27 | 000,000,000 | ---- | M] () -- I:\Documents and Settings\Wojtas\14.9 Pub..zip [2011-05-08 14:08:44 | 003,237,961 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\BlackLegend D3D.rar [2011-05-08 14:07:22 | 000,000,000 | ---- | M] () -- I:\Documents and Settings\Wojtas\BlackLegend D3D.rar [2011-05-07 18:07:23 | 000,000,754 | ---- | M] () -- I:\WINDOWS\WORDPAD.INI [2011-05-07 09:38:26 | 000,736,256 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Pub.dll [2011-05-05 15:05:24 | 000,001,611 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-05-05 02:02:36 | 000,000,691 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\CCleaner.lnk [2011-05-04 20:27:57 | 000,000,167 | ---- | M] () -- I:\WINDOWS\wininit.ini [2011-05-02 13:31:49 | 000,001,984 | ---- | M] () -- I:\WINDOWS\System32\d3d9caps.dat [2011-04-29 20:05:22 | 000,000,247 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\ax_files.xml [2011-04-26 01:28:48 | 000,000,647 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Xfire.lnk [2011-04-24 18:20:00 | 003,340,238 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Siro's pub 8.6.zip [2011-04-24 18:18:48 | 000,000,000 | ---- | M] () -- I:\Documents and Settings\Wojtas\Siro's pub 8.6.zip [2011-04-22 21:59:00 | 000,461,750 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\S6300245.JPG [2011-04-22 21:56:49 | 000,065,064 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\nikaa.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-20 13:58:37 | 000,002,595 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\WebKeySoft Process Manager 2 Lite.lnk [2011-06-20 00:33:51 | 000,000,703 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Duke Nukem Forever.lnk [2011-06-19 13:13:31 | 000,000,462 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\PLP 11 Center.lnk [2011-06-18 10:23:59 | 000,000,499 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Virtual DJ.lnk [2011-06-18 10:09:56 | 000,001,804 | ---- | C] () -- I:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk [2011-06-05 23:16:14 | 000,000,966 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\DarkDimensions_CityOfFog.exe.lnk [2011-06-04 20:54:53 | 000,001,094 | ---- | C] () -- I:\Documents and Settings\All Users\Menu Start\Programy\Windows Live ID.lnk [2011-06-04 20:53:25 | 000,001,503 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Operation Flashpoint ® Red River.lnk [2011-06-02 21:39:49 | 000,278,984 | ---- | C] () -- I:\WINDOWS\System32\drivers\atksgt.sys [2011-06-02 21:39:48 | 000,025,416 | ---- | C] () -- I:\WINDOWS\System32\drivers\lirsgt.sys [2011-06-02 11:37:15 | 000,000,627 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Royal_Envoy.exe.lnk [2011-05-30 18:14:31 | 000,000,431 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy.lnk [2011-05-28 09:56:56 | 000,001,374 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\DiRT 3.lnk [2011-05-27 22:40:11 | 000,000,879 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\MysteryTrackers_Raincliff_CE.exe.lnk [2011-05-26 20:19:28 | 000,000,975 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Darkness Within 2.lnk [2011-05-25 21:23:03 | 000,001,861 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar.lnk [2011-05-22 15:16:42 | 000,000,492 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Launcher.lnk [2011-05-21 19:18:09 | 000,000,002 | ---- | C] () -- I:\Documents and Settings\All Users\timerxfile [2011-05-21 19:18:09 | 000,000,002 | ---- | C] () -- I:\Documents and Settings\All Users\datesavefile [2011-05-21 19:18:09 | 000,000,001 | ---- | C] () -- I:\Documents and Settings\All Users\varsavefile [2011-05-21 19:17:57 | 000,004,768 | ---- | C] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\operaprefs.ini [2011-05-21 19:17:57 | 000,004,768 | ---- | C] () -- I:\Documents and Settings\All Users\operaprefs.ini [2011-05-20 20:19:55 | 000,000,920 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\German Truck Simulator.lnk [2011-05-15 22:23:12 | 000,072,258 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Amber Maiden - Track1.tif [2011-05-15 22:23:04 | 002,066,691 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Amber Maiden - Track1.wma [2011-05-15 19:22:44 | 000,000,625 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Symulator Farmy 2011 .lnk [2011-05-15 12:22:34 | 000,000,210 | ---- | C] () -- I:\WINDOWS\System32\spupdsvc.inf [2011-05-13 20:38:07 | 000,000,632 | ---- | C] () -- I:\WINDOWS\Thps3.INI [2011-05-09 17:01:38 | 005,760,054 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\DreamChronicles5 wllppr_05.bmp [2011-05-08 19:02:49 | 000,000,916 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Magical Mysteries Path of the Sorceress.lnk [2011-05-08 14:14:37 | 000,736,256 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Pub.dll [2011-05-08 14:14:37 | 000,201,728 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Pub.exe [2011-05-08 14:13:32 | 000,786,416 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\14.9 Pub..zip [2011-05-08 14:13:27 | 000,000,000 | ---- | C] () -- I:\Documents and Settings\Wojtas\14.9 Pub..zip [2011-05-08 14:07:38 | 003,237,961 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\BlackLegend D3D.rar [2011-05-08 14:07:22 | 000,000,000 | ---- | C] () -- I:\Documents and Settings\Wojtas\BlackLegend D3D.rar [2011-05-07 18:07:23 | 000,000,754 | ---- | C] () -- I:\WINDOWS\WORDPAD.INI [2011-05-05 02:02:36 | 000,000,691 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\CCleaner.lnk [2011-05-04 20:23:58 | 000,000,167 | ---- | C] () -- I:\WINDOWS\wininit.ini [2011-04-29 20:02:27 | 000,000,247 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\ax_files.xml [2011-04-26 01:28:48 | 000,000,647 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Xfire.lnk [2011-04-24 18:18:51 | 003,340,238 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Siro's pub 8.6.zip [2011-04-24 18:18:48 | 000,000,000 | ---- | C] () -- I:\Documents and Settings\Wojtas\Siro's pub 8.6.zip [2011-04-22 21:57:34 | 000,461,750 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\S6300245.JPG [2011-04-22 21:56:24 | 000,065,064 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\nikaa.jpg [2011-04-20 16:17:05 | 000,000,000 | ---- | C] () -- I:\WINDOWS\ativpsrm.bin [2011-04-20 16:16:44 | 000,887,724 | R--- | C] () -- I:\WINDOWS\System32\ativva6x.dat [2011-04-20 16:16:44 | 000,196,565 | R--- | C] () -- I:\WINDOWS\System32\atiicdxx.dat [2011-04-20 16:16:44 | 000,000,003 | R--- | C] () -- I:\WINDOWS\System32\ativva5x.dat [2011-04-20 11:07:10 | 000,240,592 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb0.bin [2011-04-20 11:07:08 | 000,240,592 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb1.bin [2011-04-20 11:07:08 | 000,000,001 | ---- | C] () -- I:\WINDOWS\System32\nvdrssel.bin [2011-04-17 22:15:07 | 000,178,176 | ---- | C] () -- I:\WINDOWS\System32\unrar.dll [2011-04-17 21:57:54 | 000,041,872 | ---- | C] () -- I:\WINDOWS\System32\xfcodec.dll [2011-04-17 21:45:02 | 000,001,984 | ---- | C] () -- I:\WINDOWS\System32\d3d9caps.dat [2011-04-15 13:35:56 | 000,003,584 | ---- | C] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- I:\WINDOWS\System32\xlive.dll.cat [2011-03-26 12:13:28 | 000,002,352 | ---- | C] () -- I:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-03-25 19:08:20 | 000,604,140 | -HS- | C] () -- I:\WINDOWS\System32\drivers\ISwift3.dat [2011-03-25 19:00:03 | 000,115,369 | ---- | C] () -- I:\WINDOWS\System32\drivers\klin.dat [2011-03-25 19:00:03 | 000,097,859 | ---- | C] () -- I:\WINDOWS\System32\drivers\klick.dat [2011-03-25 17:55:50 | 000,001,732 | ---- | C] () -- I:\WINDOWS\System32\drivers\nvphy.bin [2011-03-25 17:53:59 | 000,004,293 | ---- | C] () -- I:\WINDOWS\ODBCINST.INI [2011-03-25 17:46:01 | 000,095,072 | ---- | C] () -- I:\WINDOWS\System32\FNTCACHE.DAT [2011-03-25 17:27:38 | 000,000,000 | ---- | C] () -- I:\WINDOWS\nsreg.dat [2011-03-25 17:19:59 | 000,049,152 | R--- | C] () -- I:\WINDOWS\System32\ChCfg.exe [2011-03-25 17:04:51 | 000,002,048 | --S- | C] () -- I:\WINDOWS\bootstat.dat [2011-03-25 17:04:07 | 000,110,602 | ---- | C] () -- I:\WINDOWS\System32\xcdsfx32.bin [2011-03-25 17:01:25 | 000,021,856 | ---- | C] () -- I:\WINDOWS\System32\emptyregdb.dat [2011-03-25 17:00:15 | 000,394,752 | ---- | C] () -- I:\WINDOWS\System32\cygwinb19.dll [2010-10-08 03:11:00 | 002,293,194 | ---- | C] () -- I:\WINDOWS\System32\nvdata.bin [2009-07-03 16:45:12 | 000,027,507 | ---- | C] () -- I:\WINDOWS\System32\drivers\klopp.dat [2009-02-18 07:55:20 | 000,294,912 | ---- | C] () -- I:\WINDOWS\System32\ATIODE.exe [2009-02-03 10:52:02 | 000,045,056 | ---- | C] () -- I:\WINDOWS\System32\ATIODCLI.exe [2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- I:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- I:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- I:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- I:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- I:\WINDOWS\System32\libmplayer.dll [2008-04-14 23:16:20 | 000,001,804 | ---- | C] () -- I:\WINDOWS\System32\Dcache.bin [2008-03-06 03:37:26 | 000,000,183 | ---- | C] () -- I:\WINDOWS\System32\oeminfo.ini [2006-12-31 08:57:08 | 000,004,569 | ---- | C] () -- I:\WINDOWS\System32\secupd.dat [2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- I:\WINDOWS\System32\sherlock2.exe [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- I:\WINDOWS\System32\ff_mpeg2enc.dll [2001-08-23 14:00:00 | 013,107,200 | ---- | C] () -- I:\WINDOWS\System32\oembios.bin [2001-08-23 14:00:00 | 000,673,088 | ---- | C] () -- I:\WINDOWS\System32\mlang.dat [2001-08-23 14:00:00 | 000,615,452 | ---- | C] () -- I:\WINDOWS\System32\perfh015.dat [2001-08-23 14:00:00 | 000,518,180 | ---- | C] () -- I:\WINDOWS\System32\perfh009.dat [2001-08-23 14:00:00 | 000,313,828 | ---- | C] () -- I:\WINDOWS\System32\perfi015.dat [2001-08-23 14:00:00 | 000,272,128 | ---- | C] () -- I:\WINDOWS\System32\perfi009.dat [2001-08-23 14:00:00 | 000,218,003 | ---- | C] () -- I:\WINDOWS\System32\dssec.dat [2001-08-23 14:00:00 | 000,145,192 | ---- | C] () -- I:\WINDOWS\System32\perfc015.dat [2001-08-23 14:00:00 | 000,115,542 | ---- | C] () -- I:\WINDOWS\System32\perfc009.dat [2001-08-23 14:00:00 | 000,046,258 | ---- | C] () -- I:\WINDOWS\System32\mib.bin [2001-08-23 14:00:00 | 000,034,990 | ---- | C] () -- I:\WINDOWS\System32\perfd015.dat [2001-08-23 14:00:00 | 000,028,626 | ---- | C] () -- I:\WINDOWS\System32\perfd009.dat [2001-08-23 14:00:00 | 000,004,463 | ---- | C] () -- I:\WINDOWS\System32\oembios.dat [color=#E56717]========== LOP Check ==========[/color] [2011-05-28 10:00:18 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-03-26 02:19:48 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-05-28 10:00:19 | 000,000,000 | -HSD | M] -- I:\Documents and Settings\All Users\Dane aplikacji\DSS [2011-04-02 12:08:50 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-04-02 12:08:50 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-05-27 22:39:19 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Elephant Games [2011-03-25 18:56:30 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-06-16 17:59:22 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-05-08 17:32:46 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\PlayFirst [2011-05-29 13:15:10 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Playrix Entertainment [2011-03-26 18:52:14 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2011-04-03 18:40:56 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Rumbic Studio [2011-04-02 12:09:10 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2011-06-15 23:46:05 | 000,000,000 | ---D | M] -- I:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-03-25 17:01:26 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Default User\Dane aplikacji\Xentient [2011-06-20 00:16:42 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\AIMP [2011-05-08 19:45:57 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\AlderGames [2011-03-26 02:21:07 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\DAEMON Tools Lite [2011-06-05 22:45:20 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\DailyMagic [2011-05-27 22:39:19 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Elephant Games [2011-05-14 19:59:14 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\ERS Game Studios [2011-05-06 10:14:59 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Funswitch [2011-04-30 22:01:29 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Gadu-Gadu 10 [2011-03-26 20:35:22 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\GameRanger [2011-04-04 09:05:10 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\iMaxGen [2011-03-26 02:33:39 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Leadertech [2011-03-25 18:55:00 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Nowe Gadu-Gadu [2011-04-22 16:45:58 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\OpenFM [2011-05-08 17:32:46 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\PlayFirst [2011-04-09 18:36:52 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Playrix Entertainment [2011-06-05 22:56:12 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\PriceGong [2011-04-26 00:38:40 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\TeamViewer [2011-06-12 21:44:53 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\TS3Client [2011-06-16 22:46:31 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\uTorrent [2011-05-25 21:23:21 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Vast Studios [2011-05-07 10:33:04 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Vogat Interactive [2011-03-25 17:01:26 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Xentient [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-03-25 17:45:23 | 000,000,210 | -HS- | M] () -- I:\boot.ini [2001-08-23 14:00:00 | 000,004,952 | RHS- | M] () -- I:\Bootfont.bin [2011-03-25 17:20:03 | 000,000,206 | ---- | M] () -- I:\csb.log [2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- I:\NTDETECT.COM [2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- I:\ntldr [2011-06-20 13:27:09 | 2145,386,496 | -HS- | M] () -- I:\pagefile.sys [2011-03-25 17:04:06 | 000,001,224 | ---- | M] () -- I:\Silverlight0.log [2011-03-25 17:04:06 | 000,176,474 | ---- | M] () -- I:\SilverlightMSI.log [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- I:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-23 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- I:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- I:\WINDOWS\system32\drivers\cdrom.sys [2011-02-08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- I:\WINDOWS\system32\dllcache\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- I:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- I:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- I:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 193 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF3C50F @Alternate Data Stream - 173 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:587F3582 @Alternate Data Stream - 143 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C2F24DB5 @Alternate Data Stream - 140 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:5FD35242 @Alternate Data Stream - 139 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:9A603EB0 @Alternate Data Stream - 137 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:E7367C77 @Alternate Data Stream - 135 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C36D0DFD @Alternate Data Stream - 131 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:E9EE2AB9 @Alternate Data Stream - 131 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:9E7A0CF1 @Alternate Data Stream - 126 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:6E2D80C8 @Alternate Data Stream - 120 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C48905F4 < End of report > [/log]
Mateusz J. komentarz 20 czerwca 2011 komentarz 20 czerwca 2011 @wojtax Do okna OTL wklej: [code]:OTL PRC - [2011-05-21 19:17:57 | 000,566,784 | RHS- | M] ( ) -- I:\Documents and Settings\All Users\jushed.exe O4 - HKCU..\Run: [jushed] I:\Documents and Settings\All Users\jushed.exe ( ) :file I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe I:\Documents and Settings\All Users\jushed.exe I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe I:\Documents and Settings\All Users\nircmd.exe I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe :reg [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2] :Commands [emptyflash] [emptytemp][/code]Kliknij Wykonaj skrypt, potwierdź ponowne uruchomienie systemu. Tworzysz nowy log i pokazujesz go na forum.
wojtax2 komentarz 20 czerwca 2011 Autor komentarz 20 czerwca 2011 (edytowane) Zrobiłem jak kazałeś i załączam Log po Twojej komendzie. [log]OTL logfile created on: 2011-06-20 15:05:02 - Run 4 OTL by OldTimer - Version 3.2.23.0 Folder = J:\Mozilla Download Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,79% Memory free 3,84 Gb Paging File | 3,49 Gb Available in Paging File | 90,75% Paging File free Paging file location(s): I:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files Drive E: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive I: | 52,60 Gb Total Space | 38,77 Gb Free Space | 73,70% Space Free | Partition Type: NTFS Drive J: | 439,45 Gb Total Space | 268,34 Gb Free Space | 61,06% Space Free | Partition Type: NTFS Drive K: | 439,45 Gb Total Space | 356,67 Gb Free Space | 81,16% Space Free | Partition Type: NTFS Computer Name: VVOJTAS | User Name: Wojtas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-10 11:04:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- J:\Mozilla Download\OTL.exe PRC - [2011-05-21 19:17:57 | 000,566,784 | RHS- | M] ( ) -- I:\Documents and Settings\All Users\jushed.exe PRC - [2011-04-21 01:36:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- I:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- I:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- I:\Program Files\Nero\Update\NASvc.exe PRC - [2010-04-12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- I:\Program Files\PowerISO\PWRISOVM.EXE PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2008-05-22 17:11:08 | 001,503,232 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\explorer.exe PRC - [2007-09-05 12:20:12 | 000,036,352 | ---- | M] (VisualTaskTips.com) -- I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-10 11:04:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- J:\Mozilla Download\OTL.exe MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- I:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-09-05 12:20:04 | 000,007,680 | ---- | M] () -- I:\Program Files\Utilities\VisualTaskTips\VttHooks.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-03-25 19:17:14 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2010-05-04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- I:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-06-02 21:39:49 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- I:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-06-02 21:39:48 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- I:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-04-29 19:57:51 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- I:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-04-15 01:18:08 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2011-03-26 02:20:05 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- I:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-03-25 18:59:32 | 000,296,976 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- I:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2011-03-25 17:21:21 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-09-07 22:08:58 | 000,100,712 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2010-04-12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- I:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2009-11-24 16:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-11-18 12:24:26 | 000,095,232 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- I:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-06-15 15:01:00 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- I:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-05-16 21:59:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-05-13 18:46:52 | 000,031,760 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2008-12-15 21:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- I:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2008-05-20 15:11:10 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- I:\WINDOWS\System32\drivers\ftsata2.sys -- (ftsata2) DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2007-06-28 12:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-06-28 12:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007-06-14 10:41:58 | 004,429,312 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- I:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-06-19 05:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- I:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2001-12-19 12:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- I:\Program Files\System\CPL Bonus\vcdrom.sys -- (vcdrom) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie_rsearch.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Hotspot Shield Private Search" FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..keyword.URL: "http://search.hotspotshield.com/g/results.php?c=s&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: I:\Program Files\Mozilla Firefox\components [2011-06-02 20:55:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: I:\Program Files\Mozilla Firefox\plugins [2011-04-21 01:36:29 | 000,066,520 | ---- | M] (mozilla.org) FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011-03-25 18:59:50 | 000,000,000 | ---D | M] [2011-05-05 15:05:30 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Extensions [2011-06-19 09:31:22 | 000,000,000 | ---D | M] (No name found) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\extensions [2011-05-27 12:30:21 | 000,000,000 | ---D | M] (DownloadHelper) -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-03-21 16:12:42 | 000,000,863 | ---- | M] () -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\searchplugins\conduit.xml [2011-03-26 02:19:54 | 000,002,059 | ---- | M] () -- I:\Documents and Settings\Wojtas\Dane aplikacji\Mozilla\Firefox\Profiles\b8ryxoaa.default\searchplugins\daemon-search.xml [2011-06-19 09:31:22 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions [2011-04-29 14:50:11 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-04-29 20:22:40 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-05 02:11:07 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2011-03-25 19:00:07 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- I:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-04-29 14:49:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- I:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-04-21 01:10:05 | 000,002,767 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-04-21 01:10:05 | 000,001,406 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-21 01:10:05 | 000,000,917 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-04-21 01:10:05 | 000,000,858 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-04-21 01:10:05 | 000,001,183 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-04-21 01:10:05 | 000,001,683 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-08-23 14:00:00 | 000,000,742 | ---- | M]) - I:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - I:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - I:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - I:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] I:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [amd_dc_opt] I:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [AVP] I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [NvCplDaemon] I:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] I:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] I:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [PWRISOVM.EXE] I:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKCU..\Run: [AlcoholAutomount] I:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu 10] I:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [jushed] I:\Documents and Settings\All Users\jushed.exe ( ) O4 - HKCU..\Run: [VisualTaskTips] I:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (VisualTaskTips.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - I:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Dodaj do blokowanych banerów - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - AppInit_DLLs: (I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (I:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - I:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - I:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - I:\WINDOWS\system32\klogon.dll - I:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-06-11 14:24:48 | 000,000,065 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{c4078676-573e-11e0-85a5-001a4df67d37}\Shell - "" = AutoRun O33 - MountPoints2\{c4078676-573e-11e0-85a5-001a4df67d37}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011-06-11 14:24:48 | 000,530,669 | R--- | M] (2K Games ) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-20 14:14:12 | 000,000,000 | ---D | C] -- I:\Program Files\trend micro [2011-06-20 14:14:11 | 000,000,000 | ---D | C] -- I:\rsit [2011-06-20 13:58:37 | 000,000,000 | ---D | C] -- I:\Program Files\WebKeySoft [2011-06-20 13:58:37 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\WebKeySoft [2011-06-20 12:07:08 | 000,000,000 | RH-D | C] -- I:\Documents and Settings\Wojtas\Recent [2011-06-20 00:47:06 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Duke Nukem Forever [2011-06-20 00:43:49 | 000,034,304 | ---- | C] (AMD, Inc.) -- I:\WINDOWS\System32\drivers\AmdLLD.sys [2011-06-20 00:43:47 | 000,000,000 | ---D | C] -- I:\Program Files\AMD [2011-06-20 00:43:36 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Downloaded Installations [2011-06-20 00:33:50 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\2K Games [2011-06-18 11:45:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Pulpit\Ryby [2011-06-18 10:23:59 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\Virtual DJ [2011-06-18 10:23:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\VirtualDJ [2011-06-18 10:23:20 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Menu Start\Programy\Native Instruments Traktor DJ Mixer [2011-06-18 10:09:50 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\Adobe [2011-06-18 10:09:50 | 000,000,000 | ---D | C] -- I:\Program Files\Adobe [2011-06-05 22:45:20 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\DailyMagic [2011-06-04 20:55:10 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Games for Windows Marketplace [2011-05-29 18:57:56 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy [2011-05-28 10:00:19 | 000,000,000 | -HSD | C] -- I:\Documents and Settings\All Users\Dane aplikacji\DSS [2011-05-28 10:00:18 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-05-28 10:00:13 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dokumenty\microsoft [2011-05-28 09:57:47 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Blue Ripple Sound [2011-05-28 09:57:45 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- I:\WINDOWS\System32\mkl_blueripple.dll [2011-05-28 09:57:45 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- I:\WINDOWS\System32\rapture3d_oal.dll [2011-05-28 09:57:44 | 000,000,000 | ---D | C] -- I:\Program Files\BRS [2011-05-28 09:39:49 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Codemasters [2011-05-27 22:39:19 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Elephant Games [2011-05-27 22:39:19 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Dane aplikacji\Elephant Games [2011-05-27 13:17:42 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\My Cheat Tables [2011-05-26 20:19:27 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\Iceberg Interactive [2011-05-26 20:15:12 | 000,000,000 | ---D | C] -- I:\Program Files\Iceberg Interactive [2011-05-25 21:23:21 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Dane aplikacji\Vast Studios [2011-05-25 21:22:53 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar [2011-05-21 21:08:52 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Menu Start\Programy\The Witcher 2 [2011-05-21 20:22:46 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Wojtas\Moje dokumenty\The Witcher 2 [2011-05-21 19:17:57 | 007,987,953 | ---- | C] (CCCP Project ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe [2011-05-21 19:17:57 | 000,566,784 | RHS- | C] ( ) -- I:\Documents and Settings\All Users\jushed.exe [2011-05-21 19:17:57 | 000,566,784 | ---- | C] ( ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe [2011-05-21 19:17:57 | 000,347,136 | RHS- | C] (NirSoft) -- I:\Documents and Settings\All Users\nircmd.exe [2011-05-21 19:17:57 | 000,347,136 | ---- | C] (NirSoft) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe [2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) -- I:\WINDOWS\System32\drvc.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-20 15:02:36 | 000,000,002 | ---- | M] () -- I:\Documents and Settings\All Users\timerxfile [2011-06-20 15:02:36 | 000,000,002 | ---- | M] () -- I:\Documents and Settings\All Users\datesavefile [2011-06-20 15:02:36 | 000,000,001 | ---- | M] () -- I:\Documents and Settings\All Users\varsavefile [2011-06-20 15:02:25 | 000,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat [2011-06-20 14:01:43 | 000,002,595 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\WebKeySoft Process Manager 2 Lite.lnk [2011-06-20 13:31:32 | 000,615,452 | ---- | M] () -- I:\WINDOWS\System32\perfh015.dat [2011-06-20 13:31:32 | 000,518,180 | ---- | M] () -- I:\WINDOWS\System32\perfh009.dat [2011-06-20 13:31:32 | 000,145,192 | ---- | M] () -- I:\WINDOWS\System32\perfc015.dat [2011-06-20 13:31:32 | 000,115,542 | ---- | M] () -- I:\WINDOWS\System32\perfc009.dat [2011-06-20 00:33:51 | 000,000,703 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Duke Nukem Forever.lnk [2011-06-19 13:13:31 | 000,000,462 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\PLP 11 Center.lnk [2011-06-19 12:44:23 | 000,002,465 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Nero BurnLite 10.lnk [2011-06-18 14:26:53 | 000,095,072 | ---- | M] () -- I:\WINDOWS\System32\FNTCACHE.DAT [2011-06-18 10:23:59 | 000,000,499 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Virtual DJ.lnk [2011-06-05 23:16:14 | 000,000,966 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\DarkDimensions_CityOfFog.exe.lnk [2011-06-04 20:53:25 | 000,001,503 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Operation Flashpoint ® Red River.lnk [2011-06-02 21:39:49 | 000,278,984 | ---- | M] () -- I:\WINDOWS\System32\drivers\atksgt.sys [2011-06-02 21:39:48 | 000,025,416 | ---- | M] () -- I:\WINDOWS\System32\drivers\lirsgt.sys [2011-06-02 14:28:53 | 000,002,206 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl [2011-06-02 11:38:54 | 000,000,627 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Royal_Envoy.exe.lnk [2011-05-30 18:14:31 | 000,000,431 | ---- | M] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy.lnk [2011-05-28 09:57:30 | 000,444,952 | ---- | M] (Creative Labs) -- I:\WINDOWS\System32\wrap_oal.dll [2011-05-28 09:57:30 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- I:\WINDOWS\System32\OpenAL32.dll [2011-05-28 09:56:56 | 000,001,374 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\DiRT 3.lnk [2011-05-27 22:40:12 | 000,000,879 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\MysteryTrackers_Raincliff_CE.exe.lnk [2011-05-26 20:19:28 | 000,000,975 | ---- | M] () -- I:\Documents and Settings\All Users\Pulpit\Darkness Within 2.lnk [2011-05-25 21:23:03 | 000,001,861 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar.lnk [2011-05-23 16:22:10 | 000,115,369 | ---- | M] () -- I:\WINDOWS\System32\drivers\klin.dat [2011-05-22 15:16:42 | 000,000,492 | ---- | M] () -- I:\Documents and Settings\Wojtas\Pulpit\Launcher.lnk [2011-05-21 20:36:20 | 007,987,953 | ---- | M] (CCCP Project ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe [2011-05-21 20:36:20 | 000,566,784 | ---- | M] ( ) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe [2011-05-21 20:36:20 | 000,347,136 | RHS- | M] (NirSoft) -- I:\Documents and Settings\All Users\nircmd.exe [2011-05-21 20:36:20 | 000,347,136 | ---- | M] (NirSoft) -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe [2011-05-21 20:36:20 | 000,004,768 | ---- | M] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\operaprefs.ini [2011-05-21 20:36:20 | 000,004,768 | ---- | M] () -- I:\Documents and Settings\All Users\operaprefs.ini [2011-05-21 19:17:57 | 000,566,784 | RHS- | M] ( ) -- I:\Documents and Settings\All Users\jushed.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-20 13:58:37 | 000,002,595 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\WebKeySoft Process Manager 2 Lite.lnk [2011-06-20 00:33:51 | 000,000,703 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Duke Nukem Forever.lnk [2011-06-19 13:13:31 | 000,000,462 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\PLP 11 Center.lnk [2011-06-18 10:23:59 | 000,000,499 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Virtual DJ.lnk [2011-06-18 10:09:56 | 000,001,804 | ---- | C] () -- I:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk [2011-06-05 23:16:14 | 000,000,966 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\DarkDimensions_CityOfFog.exe.lnk [2011-06-04 20:54:53 | 000,001,094 | ---- | C] () -- I:\Documents and Settings\All Users\Menu Start\Programy\Windows Live ID.lnk [2011-06-04 20:53:25 | 000,001,503 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Operation Flashpoint ® Red River.lnk [2011-06-02 21:39:49 | 000,278,984 | ---- | C] () -- I:\WINDOWS\System32\drivers\atksgt.sys [2011-06-02 21:39:48 | 000,025,416 | ---- | C] () -- I:\WINDOWS\System32\drivers\lirsgt.sys [2011-06-02 11:37:15 | 000,000,627 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Royal_Envoy.exe.lnk [2011-05-30 18:14:31 | 000,000,431 | ---- | C] () -- I:\Documents and Settings\Wojtas\Moje dokumenty\Royal Envoy.lnk [2011-05-28 09:56:56 | 000,001,374 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\DiRT 3.lnk [2011-05-27 22:40:11 | 000,000,879 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\MysteryTrackers_Raincliff_CE.exe.lnk [2011-05-26 20:19:28 | 000,000,975 | ---- | C] () -- I:\Documents and Settings\All Users\Pulpit\Darkness Within 2.lnk [2011-05-25 21:23:03 | 000,001,861 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Lost Chronicles Fall of Caesar.lnk [2011-05-22 15:16:42 | 000,000,492 | ---- | C] () -- I:\Documents and Settings\Wojtas\Pulpit\Launcher.lnk [2011-05-21 19:18:09 | 000,000,002 | ---- | C] () -- I:\Documents and Settings\All Users\timerxfile [2011-05-21 19:18:09 | 000,000,002 | ---- | C] () -- I:\Documents and Settings\All Users\datesavefile [2011-05-21 19:18:09 | 000,000,001 | ---- | C] () -- I:\Documents and Settings\All Users\varsavefile [2011-05-21 19:17:57 | 000,004,768 | ---- | C] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\operaprefs.ini [2011-05-21 19:17:57 | 000,004,768 | ---- | C] () -- I:\Documents and Settings\All Users\operaprefs.ini [2011-05-13 20:38:07 | 000,000,632 | ---- | C] () -- I:\WINDOWS\Thps3.INI [2011-05-07 18:07:23 | 000,000,754 | ---- | C] () -- I:\WINDOWS\WORDPAD.INI [2011-05-04 20:23:58 | 000,000,167 | ---- | C] () -- I:\WINDOWS\wininit.ini [2011-04-20 16:17:05 | 000,000,000 | ---- | C] () -- I:\WINDOWS\ativpsrm.bin [2011-04-20 16:16:44 | 000,887,724 | R--- | C] () -- I:\WINDOWS\System32\ativva6x.dat [2011-04-20 16:16:44 | 000,196,565 | R--- | C] () -- I:\WINDOWS\System32\atiicdxx.dat [2011-04-20 16:16:44 | 000,000,003 | R--- | C] () -- I:\WINDOWS\System32\ativva5x.dat [2011-04-20 11:07:10 | 000,240,592 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb0.bin [2011-04-20 11:07:08 | 000,240,592 | ---- | C] () -- I:\WINDOWS\System32\nvdrsdb1.bin [2011-04-20 11:07:08 | 000,000,001 | ---- | C] () -- I:\WINDOWS\System32\nvdrssel.bin [2011-04-17 22:15:07 | 000,178,176 | ---- | C] () -- I:\WINDOWS\System32\unrar.dll [2011-04-17 21:57:54 | 000,041,872 | ---- | C] () -- I:\WINDOWS\System32\xfcodec.dll [2011-04-17 21:45:02 | 000,001,984 | ---- | C] () -- I:\WINDOWS\System32\d3d9caps.dat [2011-04-15 13:35:56 | 000,003,584 | ---- | C] () -- I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- I:\WINDOWS\System32\xlive.dll.cat [2011-03-26 12:13:28 | 000,002,352 | ---- | C] () -- I:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-03-25 19:08:20 | 000,604,140 | -HS- | C] () -- I:\WINDOWS\System32\drivers\ISwift3.dat [2011-03-25 19:00:03 | 000,115,369 | ---- | C] () -- I:\WINDOWS\System32\drivers\klin.dat [2011-03-25 19:00:03 | 000,097,859 | ---- | C] () -- I:\WINDOWS\System32\drivers\klick.dat [2011-03-25 17:55:50 | 000,001,732 | ---- | C] () -- I:\WINDOWS\System32\drivers\nvphy.bin [2011-03-25 17:53:59 | 000,004,293 | ---- | C] () -- I:\WINDOWS\ODBCINST.INI [2011-03-25 17:46:01 | 000,095,072 | ---- | C] () -- I:\WINDOWS\System32\FNTCACHE.DAT [2011-03-25 17:27:38 | 000,000,000 | ---- | C] () -- I:\WINDOWS\nsreg.dat [2011-03-25 17:19:59 | 000,049,152 | R--- | C] () -- I:\WINDOWS\System32\ChCfg.exe [2011-03-25 17:04:51 | 000,002,048 | --S- | C] () -- I:\WINDOWS\bootstat.dat [2011-03-25 17:04:07 | 000,110,602 | ---- | C] () -- I:\WINDOWS\System32\xcdsfx32.bin [2011-03-25 17:01:25 | 000,021,856 | ---- | C] () -- I:\WINDOWS\System32\emptyregdb.dat [2011-03-25 17:00:15 | 000,394,752 | ---- | C] () -- I:\WINDOWS\System32\cygwinb19.dll [2010-10-08 03:11:00 | 002,293,194 | ---- | C] () -- I:\WINDOWS\System32\nvdata.bin [2009-07-03 16:45:12 | 000,027,507 | ---- | C] () -- I:\WINDOWS\System32\drivers\klopp.dat [2009-02-18 07:55:20 | 000,294,912 | ---- | C] () -- I:\WINDOWS\System32\ATIODE.exe [2009-02-03 10:52:02 | 000,045,056 | ---- | C] () -- I:\WINDOWS\System32\ATIODCLI.exe [2008-12-19 16:15:58 | 004,338,246 | ---- | C] () -- I:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 000,884,237 | ---- | C] () -- I:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 000,093,184 | ---- | C] () -- I:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 000,057,344 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 000,239,247 | ---- | C] () -- I:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 000,560,802 | ---- | C] () -- I:\WINDOWS\System32\libmplayer.dll [2008-04-14 23:16:20 | 000,001,804 | ---- | C] () -- I:\WINDOWS\System32\Dcache.bin [2008-03-06 03:37:26 | 000,000,183 | ---- | C] () -- I:\WINDOWS\System32\oeminfo.ini [2006-12-31 08:57:08 | 000,004,569 | ---- | C] () -- I:\WINDOWS\System32\secupd.dat [2006-11-02 17:10:16 | 000,080,912 | ---- | C] () -- I:\WINDOWS\System32\sherlock2.exe [2004-10-03 18:50:54 | 000,129,024 | ---- | C] () -- I:\WINDOWS\System32\ff_mpeg2enc.dll [2001-08-23 14:00:00 | 013,107,200 | ---- | C] () -- I:\WINDOWS\System32\oembios.bin [2001-08-23 14:00:00 | 000,673,088 | ---- | C] () -- I:\WINDOWS\System32\mlang.dat [2001-08-23 14:00:00 | 000,615,452 | ---- | C] () -- I:\WINDOWS\System32\perfh015.dat [2001-08-23 14:00:00 | 000,518,180 | ---- | C] () -- I:\WINDOWS\System32\perfh009.dat [2001-08-23 14:00:00 | 000,313,828 | ---- | C] () -- I:\WINDOWS\System32\perfi015.dat [2001-08-23 14:00:00 | 000,272,128 | ---- | C] () -- I:\WINDOWS\System32\perfi009.dat [2001-08-23 14:00:00 | 000,218,003 | ---- | C] () -- I:\WINDOWS\System32\dssec.dat [2001-08-23 14:00:00 | 000,145,192 | ---- | C] () -- I:\WINDOWS\System32\perfc015.dat [2001-08-23 14:00:00 | 000,115,542 | ---- | C] () -- I:\WINDOWS\System32\perfc009.dat [2001-08-23 14:00:00 | 000,046,258 | ---- | C] () -- I:\WINDOWS\System32\mib.bin [2001-08-23 14:00:00 | 000,034,990 | ---- | C] () -- I:\WINDOWS\System32\perfd015.dat [2001-08-23 14:00:00 | 000,028,626 | ---- | C] () -- I:\WINDOWS\System32\perfd009.dat [2001-08-23 14:00:00 | 000,004,463 | ---- | C] () -- I:\WINDOWS\System32\oembios.dat [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 193 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF3C50F @Alternate Data Stream - 173 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:587F3582 @Alternate Data Stream - 143 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C2F24DB5 @Alternate Data Stream - 140 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:5FD35242 @Alternate Data Stream - 139 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:9A603EB0 @Alternate Data Stream - 137 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:E7367C77 @Alternate Data Stream - 135 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C36D0DFD @Alternate Data Stream - 131 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:E9EE2AB9 @Alternate Data Stream - 131 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:9E7A0CF1 @Alternate Data Stream - 126 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:6E2D80C8 @Alternate Data Stream - 120 bytes -> I:\Documents and Settings\All Users\Dane aplikacji\TEMP:C48905F4 < End of report > [/log]
Mateusz J. komentarz 20 czerwca 2011 komentarz 20 czerwca 2011 Wykonaj poprzedni post ponownie. Skrypt się nie wykonał, na pewno po wklejeniu komenda dałeś Wykonaj skrypt?
wojtax2 komentarz 21 czerwca 2011 Autor komentarz 21 czerwca 2011 Może tak zrobiłem ale teraz zrobiłem to ponownie tylko na pewno dałem "wykonaj skrypt".
Mateusz J. komentarz 21 czerwca 2011 komentarz 21 czerwca 2011 Następny skrypt: [code] :files I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\operaprefs.ini I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\Codecs.exe I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\jushed.exe I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\nircmd.exe I:\Documents and Settings\All Users\timerxfile I:\Documents and Settings\All Users\datesavefile I:\Documents and Settings\All Users\varsavefile :Reg [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="about:blank" :Commands [emptyflash] [emptytemp] [reboot][/code]
Mateusz J. komentarz 22 czerwca 2011 komentarz 22 czerwca 2011 Usuń ręcznie plik: [code]I:\Documents and Settings\Wojtas\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[/code] Następnie użyj opcji czyszczenia w OTL. Logi czyste.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.