x-kom hosting

Problem z wykrywaniem wirusa - AVAST [screen]

matigrucha15
utworzono
utworzono (edytowane)

Witam serdecznie wszystkich użytkowników, jestem tutaj nowy.

Mój problem polega na tym, że co kilkanaście sekund AVAST (wersja testowa) wykrywa to samo zagrożenie na dysku C i D, za każdym razem działanie to "usunięto".
Poniżej screen:

[IMG]http://i56.tinypic.com/dcrpe.jpg[/IMG]


Bardzo proszę o pomoc..

wirusolog
komentarz
komentarz

Infekcja z pendrive - starocie.

[b]1.[/b] Podłącz wszystkie urządzenia przenośne ([b]pendrive / komórki / mp3 / dyski przenośne[/b]) i użyj [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]USBFix[/url][/b][/color][/u] z opcji [b][color="#FFA500"]DELETION[/color][/b].
Pokaż raport z usuwania (wszystko opisane jest w poradniku)!

[b]2.[/b] Daj komplet logów: [url=http://www.forumpc.pl/index.php?showtopic=104338][b][color=blue][u]OTL i RSIT[/url][/b][/color][/u] + [url=http://www.forumpc.pl/index.php?showtopic=116175][b][color=blue][u]GMER[/url][/b][/color][/u].

matigrucha15
komentarz
komentarz (edytowane)

Raport z UsbFix.
Plik "UsbFix_Upload_Me_PC.zip" ma 488MB (w większości usunięte MP3-ki) więc go nigdzie nie będę wysyłał.

[log]############################## | UsbFix 7.048 | [Deletion]

User: SysOp (Administrator) # PC [ ]
Updated 11/06/2011 by TeamXscript
Started at 11:02:31 | 27/06/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-50
CPU 2: AMD Turion(tm) 64 X2 Mobile Technology TL-50
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
Internet Explorer 7.0.5730.13

Windows Firewall: Enabled
RAM -> 3071 Mb
C:\ (%systemdrive%) -> Fixed drive # 49 Gb (5 Mb free - 10%) [] # NTFS
D:\ -> Fixed drive # 184 Gb (6 Mb free - 3%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Removable drive # 2 Gb (569 Mb free - 30%) [NOKIA 2GB] # FAT

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-606747145-2025429265-1177238915-1001
Deleted ! D:\Recycler\S-1-5-21-606747145-2025429265-1177238915-1001

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{11e621bf-ee34-11df-b4b4-0016d34d777c}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{580e32ba-6934-11e0-b4e7-0016d34d777c}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{9fd482b0-9272-11de-b38b-0016cfb26ce8}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f48a5ef0-0f55-11df-b403-0016d34d777c}

################## | Listing |

[06/04/2011 - 20:39:00 | D ] C:\$AVG
[02/02/2010 - 20:03:46 | D ] C:\6852b472aa94b7a18f
[01/02/2010 - 22:47:48 | D ] C:\Acer
[09/08/2009 - 16:16:09 | N | 0] C:\AUTOEXEC.BAT
[27/06/2011 - 10:40:20 | RASHD ] C:\Autorun.inf
[30/10/2010 - 08:17:20 | N | 223] C:\boot.ini
[22/07/2001 - 01:13:54 | N | 4952] C:\Bootfont.bin
[25/06/2011 - 10:59:59 | D ] C:\Config.Msi
[09/08/2009 - 16:16:09 | N | 0] C:\CONFIG.SYS
[18/09/2010 - 10:13:09 | N | 256] C:\dk2.mem
[09/08/2009 - 16:18:02 | D ] C:\Documents and Settings
[13/05/2010 - 17:32:29 | D ] C:\Gry
[27/06/2011 - 10:57:11 | ASH | 3219828736] C:\hiberfil.sys
[09/08/2009 - 16:16:09 | N | 0] C:\IO.SYS
[09/08/2009 - 16:16:09 | N | 0] C:\MSDOS.SYS
[11/01/2011 - 18:58:43 | D ] C:\My Music
[27/03/2011 - 19:23:13 | D ] C:\My Recordings
[13/04/2008 - 21:13:04 | N | 47564] C:\NTDETECT.COM
[13/04/2008 - 23:02:00 | N | 251152] C:\ntldr
[09/08/2009 - 23:14:10 | D ] C:\NVIDIA
[11/08/2010 - 11:15:42 | D ] C:\output
[27/06/2011 - 10:57:06 | ASH | 2145386496] C:\pagefile.sys
[08/05/2010 - 23:30:14 | D ] C:\Pajacyk
[24/06/2011 - 18:42:36 | D ] C:\Program Files
[27/06/2011 - 11:07:31 | SHD ] C:\RECYCLER
[25/10/2009 - 23:15:47 | SHD ] C:\System Volume Information
[29/03/2010 - 22:29:01 | D ] C:\temp
[27/06/2011 - 11:07:32 | D ] C:\UsbFix
[27/06/2011 - 11:07:33 | A | 1028] C:\UsbFix.txt
[27/06/2011 - 10:41:58 | N | 505129107] C:\UsbFix_Upload_Me_PC.zip
[12/05/2011 - 21:33:10 | D ] C:\videooutput
[27/06/2011 - 10:58:59 | D ] C:\WINDOWS
[25/10/2009 - 23:14:52 | D ] C:\_OTL
[27/06/2011 - 10:40:20 | RASHD ] D:\Autorun.inf
[02/10/2009 - 16:07:42 | D ] D:\GTA San Andreas User Files
[27/09/2009 - 16:20:30 | N | 957872128] D:\gta3.img
[11/02/2004 - 16:16:26 | N | 16384] D:\hpqimgrc.resources.dll
[27/06/2011 - 10:05:58 | D ] D:\Instalki
[03/06/2010 - 12:20:20 | D ] D:\Mateusz
[07/03/2010 - 10:49:15 | D ] D:\Program Files
[27/06/2011 - 07:55:39 | D ] D:\Programy
[27/06/2011 - 11:07:32 | SHD ] D:\RECYCLER
[29/07/2010 - 21:07:30 | D ] D:\Sniper Ghost Warrior
[27/01/2010 - 23:29:52 | SHD ] D:\System Volume Information
[27/06/2011 - 10:40:22 | RASHD ] H:\Autorun.inf
[27/06/2011 - 10:57:06 | N | 1464] H:\BOOTEX.LOG
[27/05/2011 - 01:04:08 | RSHD ] H:\RECYCLER
[07/11/2010 - 13:13:16 | D ] H:\ALE URWAŁ !!!
[15/04/2011 - 12:20:10 | N | 9221332] H:\Hemp Gru - Jedność.mp3
[27/01/2011 - 15:40:24 | HD ] H:\System
[19/05/2011 - 19:32:30 | N | 5910289] H:\Grubson - Człowiek.mp3
[29/01/2011 - 15:03:26 | N | 2453687] H:\2-16. List do K..mp3
[07/11/2010 - 13:16:40 | D ] H:\Reggae. HH
[24/06/2011 - 19:30:22 | N | 4475956] H:\Miuosh - Piąta Strona Świata.mp3
[07/11/2010 - 13:20:08 | D ] H:\Zdjęcia
[18/03/2011 - 19:40:56 | D ] H:\Pliki wideo

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
H:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PC.zip
http://www.teamxscript.org/Upload.php
Thank you for your contribution.

################## | E.O.F |
[/log]

Dodam, że przy skanie w programie OTL wyświetlił się BlueScreen i tam komunikat:

"Pojawił się problem i system windows zostanie zamknięty, aby zapobiec uszkodzeniu komputera [...] Informacje techniczne:
*** STOP: 0x0000000A (0x00000023, 0x00000002, 0x00000000, 0x8050C633)"

Już nie pierwszy raz coś takiego mi się stało. Przez tego BlueScreena utraciłem pierwszy raport z UsbFix.

Mój system:

[IMG]http://i56.tinypic.com/ncgq9u.jpg[/IMG]

Za chwilę zrobie skany w pozostałych programach i jak nie będzie kolejnego błędu to wstawię tutaj logi.

Edit:

OTL Extras:

[log]OTL Extras logfile created on: 2011-06-27 11:29:49 - Run 3
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free
4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 5,03 Gb Free Space | 10,30% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,87 Gb Free Space | 3,19% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.)
"C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation)
"D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil
"C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve)
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{11C86A01-3C83-4EE3-ADC1-8DE5C3037772}" = Enigma
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2FF5FC32-B2AC-4505-A381-350670AA46D4}" = Fuse Drivers
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8714DAB9-5656-45CC-B8C4-EAEC9ACB74B0}" = Phoenix Service Software
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B85B4400-C4E3-48CB-BB5C-1D15CED1CC57}" = VoIP Phone Charger
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d08d9f98-1c78-4704-87e6-368b0023d831}" = RelevantKnowledge
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
"46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"avast" = avast! Pro Antivirus
"Avidemux 2.5" = Avidemux 2.5
"Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor
"CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600
"conduitEngine" = Conduit Engine
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"CZATeriaKam" = CZATeriaKam 2.6.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a
"Drumaxx" = Drumaxx
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy GIF Animator_is1" = Easy GIF Animator 5.2
"Elasto Mania" = Elasto Mania
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"foobar2000" = foobar2000 v0.9.6.9 beta 1
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"German Truck Simulator" = German Truck Simulator 1.00
"Google Updater" = Aktualizator Google
"GridVista" = Acer GridVista
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"Hardcore" = Hardcore
"HP Photo & Imaging" = HP Image Zone 4.0
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"ipla" = ipla 1.2.1
"IrfanView" = IrfanView (remove only)
"IVONA - syntezator mowy, wersja demonstracyjna" = IVONA - syntezator mowy, wersja demonstracyjna
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"LManager" = Launch Manager
"Magic AAC to MP3 Converter_is1" = Magic AAC to MP3 Converter 3.72
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2
"NewSaver" = NewSaver
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"Phoenix Service Software 2010.24.003.43250_is1" = Phoenix Service Software 2010.24.003.43250
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"RealPlayer 12.0" = RealPlayer
"Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99
"Sakura" = Sakura
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Sawer" = Sawer
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"speed" = speed
"Steam App 10" = Counter-Strike
"Steam App 130" = Half-Life: Blue Shift
"Steam App 150" = Counter-Strike Steamworks Beta
"Steam App 20" = Team Fortress Classic
"Steam App 30" = Day of Defeat
"Steam App 40" = Deathmatch Classic
"Steam App 50" = Half-Life: Opposing Force
"Steam App 60" = Ricochet
"Steam App 70" = Half-Life
"TC UP" = Total Commander Ultima Prime 4.9.0.0
"The Sims_is1" = The Sims
"Toxic Biohazard" = Toxic Biohazard
"Tunatic" = Tunatic
"Usbfix" = UsbFix By TeamXscript
"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = Archiwizator WinRAR
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XP Codec Pack" = XP Codec Pack

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-24 12:39:35 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący
błąd skype.exe, wersja 5.0.0.152, adres błędu 0x0014c7b9.

Error - 2011-06-24 13:43:18 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd avastui.exe, wersja 6.0.999.0, adres błędu 0x0020445f.

Error - 2011-06-25 05:01:03 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

[ System Events ]
Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa LockServ niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.


< End of report >
[/log]

OTL:

[log]OTL logfile created on: 2011-06-27 11:29:49 - Run 3
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free
4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 5,03 Gb Free Space | 10,30% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,87 Gb Free Space | 3,19% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe
PRC - [2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2001-10-26 20:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2001-02-20 13:09:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CTFMON.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008-12-03 19:15:58 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-12-03 19:13:10 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-12-03 19:12:22 | 001,392,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-12-03 19:10:11 | 001,420,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-12-03 19:10:06 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-12-03 18:39:57 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-11-09 18:03:58 | 025,531,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-07-11 06:06:54 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (ALG)
SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ)
SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo)
DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo)
DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY)
DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver)
DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-04 15:58:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-04 15:59:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]

[2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions
[2011-06-25 19:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions
[2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011-01-11 18:36:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\engine@conduit.com
[2011-06-25 19:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-12-12 00:32:11 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BroadcomWireless] File not found
O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( )
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe ()
O4 - HKLM..\Run: [lsass] File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer)
O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal)
O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:12 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ]
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - D:\Programy\HP\digital imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk - D:\Programy\HP\digital imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk - D:\Programy\UniSpiker-2.6\uni_spiker-2.6.exe - ()
MsConfig - StartUpReg: [b]Acer ePresentation HPD[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
MsConfig - StartUpReg: [b]ACU[/b] - hkey= - key= - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - D:\Programy\Adobe Reader 9.2\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - D:\Programy\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]Boot[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePower\Boot.exe ()
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Programy\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: [b]eMuleAutoStart[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]ePower_DMC[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MsConfig - StartUpReg: [b]HP Component Manager[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - D:\Programy\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]HPDJ Taskbar Utility[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HPHmon06[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]HPHUPD06[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
MsConfig - StartUpReg: [b]Nokia Internet Modem[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe (SmartCom)
MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]SkyTel[/b] - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]voip phone charger[/b] - hkey= - key= - C:\Program Files\Acer\VoIP Phone Charger\voip phone charger.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-26 23:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent
[2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus
[2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu
[2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2)
[2011-05-19 16:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\LO5
[2011-05-15 12:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2011-05-12 21:33:10 | 000,000,000 | ---D | C] -- C:\videooutput
[2011-05-12 21:33:07 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax
[2011-05-12 21:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software
[2011-05-12 21:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft
[2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-06-27 11:22:08 | 000,119,144 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\cats2.jpg
[2011-06-27 11:10:19 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job
[2011-06-27 11:10:19 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job
[2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-06-27 10:59:03 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-06-27 10:57:50 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-27 10:57:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-06-27 10:57:11 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-27 08:14:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-24 18:37:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk
[2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db
[2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011-06-01 23:14:54 | 000,295,042 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll
[2011-06-01 23:14:24 | 000,327,742 | ---- | M] () -- C:\WINDOWS\System32\drivers\str.sys
[2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg
[2011-05-28 22:48:02 | 000,006,666 | ---- | M] () -- C:\Documents and Settings\SysOp\.recently-used.xbel
[2011-05-27 16:49:24 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg
[2011-05-04 18:12:00 | 014,712,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-27 11:22:07 | 000,119,144 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\cats2.jpg
[2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp
[2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp
[2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys
[2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg
[2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-06-01 23:14:29 | 000,295,042 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2011-06-01 23:14:21 | 000,327,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys
[2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg
[2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel
[2011-05-27 16:49:23 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg
[2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-05-04 19:49:54 | 014,712,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp
[2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat
[2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL
[2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat
[2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini
[2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe
[2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini
[2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF
[2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools
[2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6
[2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo
[2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10
[2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux
[2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer
[2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite
[2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog
[2011-06-27 10:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000
[2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet
[2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo
[2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0
[2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6
[2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon
[2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla
[2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech
[2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World
[2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia
[2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu
[2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera
[2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite
[2011-06-27 11:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong
[2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol
[2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer
[2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-10-30 08:17:20 | 000,000,223 | ---- | M] () -- C:\boot.ini
[2001-07-22 01:13:54 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin
[2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-09-18 10:13:09 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2011-06-27 10:57:11 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys
[2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2008-04-13 21:13:04 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM
[2008-04-13 23:02:00 | 000,251,152 | ---- | M] () -- C:\ntldr
[2011-06-27 10:57:06 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2011-06-27 11:10:09 | 000,004,635 | ---- | M] () -- C:\UsbFix.txt
[2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-05-02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008-05-02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008-05-02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) MD5=335813EACD16E84F3047A3326F6E5473 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

RSIT log:

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by SysOp at 2011-06-27 11:36:09
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 5 GB (10%) free of 50 GB
Total RAM: 3071 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:36:24, on 2011-06-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\Opera.exe
D:\Programy\AQQ\AQQ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Documents and Settings\SysOp\Pulpit\OTL.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
C:\Program Files\trend micro\SysOp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [lsas] C:\Windows\lsass\lsas.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [TkBellExe] "D:\programy\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [Boxoft Tools] "C:\Documents and Settings\All Users\Dane aplikacji\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Canon IJ Status Monitor Canon iP1600.lnk = ?
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: mdhcp32 - mdhcp32.dll (file missing)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Usługa bramy warstwy aplikacji (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8327 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\HP Usg Daily.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-04 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-26 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BroadcomWireless"=C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"eLockMonitor"=C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe [2006-03-31 16384]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-24 630784]
"lsas"=C:\Windows\lsass\lsas.exe [2010-05-08 309635]
"lsass"= []
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-07-18 438272]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-10 16269312]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-08-10 69632]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"TkBellExe"=D:\programy\update\realsched.exe [2011-06-04 273544]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AQQ"=D:\Programy\AQQ\AQQ.exe [2009-07-22 4777472]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2001-02-20 8192]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]
"Boxoft Tools"=C:\Documents and Settings\All Users\Dane aplikacji\Boxtools\Boxofttoolbox.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-06-07 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACU]
C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programy\Adobe Reader 9.2\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
D:\Programy\ALLPlayer\ALLUpdate.exe [2009-06-04 869888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
D:\Programy\eMule\emule.exe -AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-07-18 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Programy\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe [2004-04-06 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
C:\Program Files\ipla\ipla.exe [2009-09-01 4726168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem]
C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe [2009-03-06 1958552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-10-11 14940040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2009-08-10 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-11-26 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-26 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\voip phone charger]
C:\Program Files\Acer\VoIP Phone Charger\voip phone charger.exe [2006-01-10 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
D:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk]
D:\Programy\HP\DIGITA~1\bin\hpqthb08.exe [2004-05-28 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe]
C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Ashampoo Burning Studio Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk]
D:\Mateusz\Gry\NFSUND~1\Support\EAREGI~1.EXE /remind /language=PL /PRID=GAME-NFSU09 /WHPR=Need for Speed™ Undercover /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk]
D:\Programy\UNISPI~1.6\UNI_SP~1.EXE [2006-03-06 86016]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart
Canon IJ Status Monitor Canon iP1600.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32]
mdhcp32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-03 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoSMConfigurePrograms"=1
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\AQQ\AQQ.exe"="D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator"
"C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe"="C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"
"D:\Programy\Opera\opera.exe"="D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil"
"C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike"
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-06-27 11:36:10 ----D---- C:\Program Files\trend micro
2011-06-27 11:36:09 ----D---- C:\rsit
2011-06-27 11:08:10 ----RASHD---- C:\Autorun.inf
2011-06-27 10:31:43 ----A---- C:\UsbFix.txt
2011-06-27 10:31:41 ----D---- C:\UsbFix
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-06-24 19:22:53 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-06-24 19:22:05 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-06-24 18:42:36 ----D---- C:\Program Files\AVAST Software
2011-06-24 18:42:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2011-06-24 18:35:07 ----ASH---- C:\hiberfil.sys
2011-06-24 11:25:29 ----A---- C:\WINDOWS\ntbtlog.txt
2011-06-01 23:14:29 ----A---- C:\WINDOWS\system32\shimg.dll
2011-06-01 23:14:21 ----A---- C:\WINDOWS\system32\drivers\str.sys

======List of files/folders modified in the last 1 months======

2011-06-27 11:36:10 ----D---- C:\Program Files
2011-06-27 11:36:05 ----D---- C:\WINDOWS\Prefetch
2011-06-27 11:13:01 ----D---- C:\WINDOWS\TEMP
2011-06-27 11:10:18 ----SD---- C:\WINDOWS\Tasks
2011-06-27 11:10:16 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong
2011-06-27 11:07:31 ----SHD---- C:\RECYCLER
2011-06-27 11:03:43 ----D---- C:\WINDOWS\system32
2011-06-27 11:03:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-06-27 10:58:59 ----D---- C:\WINDOWS
2011-06-27 10:57:22 ----SHD---- C:\WINDOWS\CSC
2011-06-27 10:42:58 ----D---- C:\Program Files\Softonic-Eng7
2011-06-27 10:42:56 ----D---- C:\Program Files\ConduitEngine
2011-06-27 10:42:56 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-06-27 10:13:33 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000
2011-06-27 09:50:54 ----D---- C:\Program Files\Mozilla Firefox
2011-06-27 07:56:16 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-26 20:14:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-06-25 10:59:59 ----D---- C:\Config.Msi
2011-06-24 19:22:54 ----D---- C:\WINDOWS\system32\drivers
2011-06-24 19:22:20 ----SHD---- C:\WINDOWS\Installer
2011-06-24 19:22:18 ----D---- C:\WINDOWS\WinSxS
2011-06-24 18:56:34 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\Skype
2011-06-24 18:37:31 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\skypePM
2011-06-24 18:34:30 ----D---- C:\WINDOWS\system32\config
2011-06-24 18:34:08 ----D---- C:\WINDOWS\system32\wbem
2011-06-24 18:34:07 ----D---- C:\WINDOWS\Registration
2011-06-24 18:33:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-06-24 01:45:49 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite
2011-06-17 16:21:09 ----D---- C:\WINDOWS\system32\NtmsData
2011-06-17 16:18:35 ----D---- C:\WINDOWS\pss
2011-06-17 16:18:35 ----A---- C:\WINDOWS\win.ini
2011-06-17 16:18:35 ----A---- C:\WINDOWS\system.ini
2011-06-17 16:10:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 13:18:09 ----D---- C:\Program Files\Steam
2011-06-11 22:34:01 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog
2011-06-04 21:43:46 ----A---- C:\WINDOWS\AviSplitter.INI
2011-06-04 21:42:30 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer
2011-06-04 15:59:54 ----D---- C:\Program Files\Common Files\Real
2011-06-04 15:58:42 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Real
2011-06-04 15:58:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2011-06-04 15:57:55 ----A---- C:\WINDOWS\system32\pndx5032.dll
2011-06-04 15:57:55 ----A---- C:\WINDOWS\system32\pndx5016.dll
2011-06-04 15:57:53 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-06-04 15:57:49 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-06-04 15:57:49 ----A---- C:\WINDOWS\system32\msvcp71.dll
2011-05-28 22:48:02 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-01-28 99584]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2008-12-03 105344]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-11-12 145952]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2008-12-03 62208]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-05 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-09 17801]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-06-25 564224]
R3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-06-30 775936]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-10 4394496]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2006-05-17 162560]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S3 aslrbwme;aslrbwme; C:\WINDOWS\system32\drivers\aslrbwme.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-18 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-18 21744]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nokiacpo;Nokia Internet Stick CS-10 Wireless Modem Service Install; C:\WINDOWS\system32\DRIVERS\nokiacpo.sys [2009-03-03 19072]
S3 nokiappo;Nokia Internet Stick CS-10 Wireless Modem Power Policy Service; C:\WINDOWS\system32\DRIVERS\nokiappo.sys [2009-03-03 27008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-03 38528]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
S2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
S2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-12-18 457248]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-26 194032]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
S2 LockServ;LockServ; C:\Acer\Empowering Technology\eLock\LockServ.exe [2006-06-28 520192]
S2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-12-18 191008]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-02-02 183112]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

RSIT info:

[log]info.txt logfile of random's system information tool 1.08 2011-06-27 11:36:29

======Uninstall list======

-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x9 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x15 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x9 -removeonly
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer OrbiCam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\Setup.exe" -l0x9
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin
Adobe Reader 9.3.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001}
Aktualizator Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
ALLPlayer V4.X-->"D:\Programy\ALLPlayer\unins000.exe"
Archiwizator WinRAR-->D:\Programy\WinRAR\uninstall.exe
Ashampoo Burning Studio 2009-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe"
Atheros Client Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92F31257-15BA-46EE-887D-3C18C0790ACE}\setup.exe" -l0x9 -removeonly
avast! Pro Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Avidemux 2.5-->D:\Programy\Avidemux 2.5\uninstall.exe
Batch PPTX to PPT Converter 2010-->"D:\Programy\Ppt-2-Ppt\unins000.exe"
Boxoft Batch Photo Processor-->"C:\Program Files\Boxoft Batch Photo Processor\unins000.exe"
Broadcom Wireless LAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}\Setup.exe" -l0x9 UNINSTALL
Canon iP1600-->C:\WINDOWS\system32\CNMCP75.exe "-PRINTERNAMECanon iP1600" "-HELPERDLLC:\Documents and Settings\All Users\Dane aplikacji\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0415.dll"
CDBurnerXP Pro 3-->MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conduit Engine -->C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe engine
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Counter-Strike Steamworks Beta-->"C:\Program Files\Steam\steam.exe" steam://uninstall/150
Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
Crystal Reports for .NET Framework 2.0 (x86)-->MsiExec.exe /I{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}
CWK (Czasowy Wyłącznik Komputera)-->"D:\Programy\CWK\CWK.exe" /uninstall
CZATeriaKam 2.6.2-->D:\Programy\CZATeria\uninst.exe
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30
Deathmatch Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/40
Diablo II + Diablo II - Lord of Destruction PL 1.12a-->D:\Mateusz\Gry\Diablo II LOD\Uninstall.exe
Drumaxx-->C:\Program Files\Image-Line\Drumaxx\uninstall.exe
DVD Shrink 3.2-->"D:\Programy\DVD Shrink\unins000.exe"
Easy GIF Animator 5.2-->"C:\Program Files\Easy GIF Animator\unins000.exe"
Elasto Mania-->C:\PROGRA~1\ELASTO~1\UNWISE.EXE C:\PROGRA~1\ELASTO~1\INSTALL.LOG
Enigma-->MsiExec.exe /X{11C86A01-3C83-4EE3-ADC1-8DE5C3037772}
Exact Audio Copy 0.99pb5-->C:\Program Files\Exact Audio Copy\uninst.exe
foobar2000 v0.9.6.9 beta 1-->"D:\Programy\foobar2000\uninstall.exe" _?=D:\Programy\foobar2000
FREE Hi-Q Recorder 1.92-->"C:\Program Files\FREE Hi-Q Recorder\unins000.exe"
Freez FLV to AVI/MPEG/WMV Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe"
Fuse Drivers-->MsiExec.exe /I{2FF5FC32-B2AC-4505-A381-350670AA46D4}
GameDesire-Pool & Snooker-->C:\Program Files\Ganymede\billiards_uninstall.exe
German Truck Simulator 1.00-->C:\Gry\German Truck Simulator\uninst.exe
GIMP 2.6.7-->"D:\Programy\GIMP-2.0\setup\unins000.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Half-Life: Blue Shift-->"C:\Program Files\Steam\steam.exe" steam://uninstall/130
Half-Life: Opposing Force-->"C:\Program Files\Steam\steam.exe" steam://uninstall/50
Half-Life-->"C:\Program Files\Steam\steam.exe" steam://uninstall/70
Hard Truck 18 Wheels of Steel-->C:\PROGRA~1\HARDTR~1\UNWISE.EXE C:\PROGRA~1\HARDTR~1\INSTALL.LOG
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
HP Image Zone 4.0-->D:\Programy\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
Icy Tower v1.4-->"D:\Gry\Icy Tower 1.4\unins000.exe"
ipla 1.2.1-->C:\Program Files\ipla\uninst.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
IVONA - syntezator mowy, wersja demonstracyjna-->D:\Programy\Ivona_Demo-1.0\UsunIvonaDemoBeta.exe
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Magic AAC to MP3 Converter 3.72-->"C:\Program Files\Magic AAC to MP3 Converter\unins000.exe"
Malwarebytes' Anti-Malware-->"D:\Programy\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Monkey's Audio-->"C:\Program Files\Monkey's Audio\unins000.exe"
Mozilla Firefox (3.6.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3 Knife 3.2-->"D:\Programy\Mp3 Knife\unins000.exe"
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
NAPIPROJEKT 1.0.6.2-->"D:\Programy\NAPI-PROJEKT\unins000.exe"
Need For Speed™ World-->"C:\Program Files\Electronic Arts\Need For Speed World\unins000.exe"
NewSaver-->D:\Programy\Wygaszacz Peugeot\uninstall.exe
Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F}
Nokia Internet Modem-->MsiExec.exe /X{0687B9DD-4F59-4D05-BF60-875704F3F223}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{3553E875-F00E-4031-BDEC-75FB1DFEB093}
Nokia Ovi Suite-->C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{3FC42713-B6E7-49AA-A553-A224FE9828A8}
Nokia PC Suite-->C:\Documents and Settings\All Users\Dane aplikacji\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_pol.exe
Nokia PC Suite-->MsiExec.exe /I{19DC9559-9C20-4A46-A67D-7ECBA52A2788}
Nokia Service Tool Drivers-->MsiExec.exe /I{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}
Nokia Software Updater-->MsiExec.exe /X{4D568C38-0552-4CDD-A643-01FAFA2957EF}
Nowe Gadu-Gadu-->D:\Programy\Nowe Gadu-Gadu\Uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0415 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Opera 11.11-->"C:\Program Files\Opera\Opera.exe" /uninstall
Ovi Desktop Sync Engine-->MsiExec.exe /X{28191B83-1D60-44B6-9B08-E854EF6632D5}
OviMPlatform-->MsiExec.exe /I{08600005-5228-4BF6-845E-E9A957AFDCB4}
Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1DD56D2122DDFA3E4C3B165E3A5CFA613B48BDC7\amdk8.inf
Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_0777326F40B753DD4E385F058ADB286B70A301FE\nokbtmdm.inf
Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_AAB746D5658CCF4CAE7A35CED5F0ADA3C447A973\nokia_bluetooth.inf
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}
Phoenix Service Software 2010.24.003.43250-->"C:\Program Files\Nokia\Phoenix\unins000.exe"
Phoenix Service Software-->MsiExec.exe /I{8714DAB9-5656-45CC-B8C4-EAEC9ACB74B0}
PhotoScape-->"D:\Programy\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PL-2303 USB-to-Serial-->"C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\setup.exe" -runfromtemp -l0x0009 -removeonly
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->d:\programy\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Red Faction Guerrilla-->"C:\Program Files\InstallShield Installation Information\{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}\setup.exe" -runfromtemp -l0x0409 -removeonly
RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Ricochet-->"C:\Program Files\Steam\steam.exe" steam://uninstall/60
Rzeźnik MPEGów 1.1.99-->"D:\Programy\Rzeźnik MPEGów 1.1.99\unins000.exe"
Sakura-->C:\Program Files\Image-Line\Sakura\uninstall.exe
San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:C:\Program Files\San Andreas Mod Installer\Uninstall\uninstall.xml"
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Softonic-Eng7 Toolbar-->C:\Program Files\Softonic-Eng7\uninstall.exe
Sp5-->MsiExec.exe /I{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}
Sp5Intl-->MsiExec.exe /I{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}
Sp5TTInt-->MsiExec.exe /I{E415C943-37E5-473F-8BAE-043C56734124}
SpCommon-->MsiExec.exe /I{6C3959C6-943E-44B3-BAAD-570B04B134E5}
speed-->D:\Programy\Wygaszacz Speedfight\uninstall.exe
SpPhones-->MsiExec.exe /I{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Team Fortress Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/20
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033
The Sims Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0015
The Sims-->"D:\Mateusz\Gry\The Sims\unins000.exe"
Total Commander Ultima Prime 4.9.0.0-->"C:\Program Files\TC UP\un_TC UP.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Tunatic-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Tunatic
UsbFix By TeamXscript-->C:\UsbFix\Un-UsbFix.exe
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VoIP Phone Charger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B85B4400-C4E3-48CB-BB5C-1D15CED1CC57}\Setup.exe" -l0x9
WapSter AQQ-->D:\Programy\AQQ\uninstall.exe
WAV MP3 Converter 1.30-->"C:\Program Files\AudioToolsFactory\WAV MP3 Converter\unins000.exe"
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe

======System event log======

Computer Name: PC
Event Code: 7036
Message: Usługa ServiceLayer weszła w stan uruchomienia.

Record Number: 31631
Source Name: Service Control Manager
Time Written: 20110504141657.000000+120
Event Type: informacje
User:

Computer Name: PC
Event Code: 7035
Message: Do usługi eLock2BurnerLockDriver został pomyślnie wysłany kod sterowania uruchom.

Record Number: 31630
Source Name: Service Control Manager
Time Written: 20110504141657.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PC
Event Code: 7035
Message: Do usługi Usługa odnajdywania SSDP został pomyślnie wysłany kod sterowania uruchom.

Record Number: 31629
Source Name: Service Control Manager
Time Written: 20110504141657.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PC
Event Code: 7035
Message: Do usługi ServiceLayer został pomyślnie wysłany kod sterowania uruchom.

Record Number: 31628
Source Name: Service Control Manager
Time Written: 20110504141657.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: PC
Event Code: 7036
Message: Usługa Menedżer połączeń usługi Dostęp zdalny weszła w stan uruchomienia.

Record Number: 31627
Source Name: Service Control Manager
Time Written: 20110504141657.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: PC
Event Code: 0
Message:
Record Number: 25929
Source Name: gusvc
Time Written: 20110503125100.000000+120
Event Type: informacje
User:

Computer Name: PC
Event Code: 0
Message:
Record Number: 25928
Source Name: gusvc
Time Written: 20110503125000.000000+120
Event Type: informacje
User:

Computer Name: PC
Event Code: 101
Message: wuauclt (6424) Aparat bazy danych został zatrzymany.

Record Number: 25927
Source Name: ESENT
Time Written: 20110503115703.000000+120
Event Type: informacje
User:

Computer Name: PC
Event Code: 103
Message: wuaueng.dll (6424) SUS20ClientDataStore: Aparat bazy danych zatrzymał wystąpienie (0).

Record Number: 25926
Source Name: ESENT
Time Written: 20110503115703.000000+120
Event Type: informacje
User:

Computer Name: PC
Event Code: 0
Message:
Record Number: 25925
Source Name: gusvc
Time Written: 20110503115410.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\TC UP\PLUGINS\Library
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4802
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[/log]

Logi z GMER za kilkanaście minut.

wirusolog
komentarz
komentarz (edytowane)

[b]1.[/b] Odzyskaj swoją muzykę z kwarantanny USBFix'a, punkt [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]4c.[/url][/b][/color][/u].

[b]2.[/b] Ściągnij [url=http://www.searchengines.pl/phpbb203/pliki/Lacrymosa/OTL/OTL.scr][b][color=blue][u]OTL.scr[/url][/b][/color][/u] i spróbój wykonać z niego loga w Trybie Awaryjnym (F8 przed ładowaniem się systemu). Jeżeli logi będą - wyślij.

EDIT:

[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]:OTL
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found
MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found
MsConfig - StartUpReg: HPHmon06 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: HPHUPD06 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: HP Component Manager - hkey= - key= - File not found
MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found
O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found
O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe ()
O4 - HKLM..\Run: [lsass] File not found
O4 - HKLM..\Run: [BroadcomWireless] File not found
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe

:Files
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job
C:\WINDOWS\lsass
C:\WINDOWS\System32\shimg.dll
C:\WINDOWS\System32\drivers\str.sys
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\HP Usg Daily.job

:Commands
[emptyflash]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera.

[b]2.[/b] W panelu sterowania ([b]dodaj lub usuń programy[/b]) odinstaluj śmietka: [b]Softonic-Eng7 Toolbar[/b] , [b]ConduitEngine[/b]

[b]3.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/url][/b][/color][/u] i wciśnij w nim [b]Clean[/b]
Pokaż raport z tego narzędzia.

[b]4.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.

matigrucha15
komentarz
komentarz

Raport z OTL po restarcie:

[log]All processes killed
Error: Unable to interpret <MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: HPHmon06 - hkey= - key= - Reg Error: Value error. File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: HPHUPD06 - hkey= - key= - Reg Error: Value error. File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: HP Component Manager - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found> in the current context!
Error: Unable to interpret <O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\RunOnce: [] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [UserFaultCheck] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [lsass] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [BroadcomWireless] File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe> in the current context!
========== FILES ==========
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job moved successfully.
C:\WINDOWS\lsass folder moved successfully.
C:\WINDOWS\System32\shimg.dll moved successfully.
C:\WINDOWS\System32\drivers\str.sys moved successfully.
C:\WINDOWS\tasks\Google Software Updater.job moved successfully.
C:\WINDOWS\tasks\HP Usg Daily.job moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 41 bytes

User: LocalService

User: NetworkService

User: SysOp
->Flash cache emptied: 156456 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 53918 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: SysOp
->Temp folder emptied: 255771930 bytes
->Temporary Internet Files folder emptied: 63926787 bytes
->Java cache emptied: 54688806 bytes
->FireFox cache emptied: 52521848 bytes
->Opera cache emptied: 29838319 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1768448 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29807424 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 466,00 mb


OTL by OldTimer - Version 3.2.24.1 log created on 06272011_161742

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...
[/log]

Nowe logi z OTL.txt:

[log]OTL logfile created on: 2011-06-27 16:31:46 - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,55% Memory free
4,84 Gb Paging File | 3,99 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 5,94 Gb Free Space | 12,16% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,90 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-06-27 16:21:56 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Temp\RtkBtMnt.exe
PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
PRC - [2011-06-04 15:57:51 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- D:\Programy\Update\realsched.exe
PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-01-31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-11-23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-11-16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-11-15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010-05-11 11:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe
PRC - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-09-28 19:47:12 | 000,385,024 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2006-07-24 18:07:56 | 000,630,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2006-07-18 12:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2006-06-29 11:45:00 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
PRC - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe
PRC - [2006-06-28 13:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
PRC - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008-04-14 21:50:36 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2005-10-11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2001-10-26 20:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (ALG)
SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ)
SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo)
DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo)
DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY)
DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver)
DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 11:37:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 11:37:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]

[2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions
[2011-06-27 16:29:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions
[2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011-06-27 14:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
[2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BroadcomWireless] File not found
O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( )
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lsas] File not found
O4 - HKLM..\Run: [lsass] File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer)
O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal)
O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:12 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ]
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe
O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-06-27 16:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011-06-27 16:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon
[2011-06-27 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-06-27 11:36:09 | 000,000,000 | ---D | C] -- C:\rsit
[2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-26 23:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent
[2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus
[2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu
[2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2)
[2011-05-19 16:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\LO5
[2011-05-15 12:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2011-05-12 21:33:10 | 000,000,000 | ---D | C] -- C:\videooutput
[2011-05-12 21:33:07 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax
[2011-05-12 21:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software
[2011-05-12 21:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft
[2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-06-27 16:28:33 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk
[2011-06-27 16:22:20 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-06-27 16:21:15 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-27 16:20:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-06-27 16:20:34 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-27 15:54:03 | 209,220,479 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar
[2011-06-27 15:34:14 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar
[2011-06-27 14:56:10 | 000,000,011 | R--- | M] () -- C:\WINDOWS\amunres.lsl
[2011-06-27 14:38:03 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar
[2011-06-27 12:28:18 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar
[2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-24 18:37:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk
[2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db
[2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg
[2011-05-28 22:48:02 | 000,006,666 | ---- | M] () -- C:\Documents and Settings\SysOp\.recently-used.xbel
[2011-05-27 16:49:24 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg
[2011-05-04 18:12:00 | 014,712,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-27 16:28:33 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk
[2011-06-27 16:22:10 | 000,000,972 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-06-27 15:38:00 | 209,220,479 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar
[2011-06-27 15:10:23 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar
[2011-06-27 14:56:10 | 000,000,011 | R--- | C] () -- C:\WINDOWS\amunres.lsl
[2011-06-27 13:42:57 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar
[2011-06-27 12:00:13 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar
[2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp
[2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp
[2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys
[2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg
[2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg
[2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel
[2011-05-27 16:49:23 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg
[2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-05-04 19:49:54 | 014,712,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp
[2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat
[2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL
[2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat
[2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini
[2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe
[2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini
[2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF
[2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools
[2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6
[2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo
[2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10
[2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux
[2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer
[2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite
[2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog
[2011-06-27 10:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000
[2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet
[2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo
[2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0
[2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6
[2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon
[2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla
[2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech
[2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World
[2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia
[2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu
[2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera
[2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite
[2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol
[2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer
[2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]

Extras.txt:

[log]OTL Extras logfile created on: 2011-06-27 16:31:46 - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,55% Memory free
4,84 Gb Paging File | 3,99 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 5,94 Gb Free Space | 12,16% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,90 Gb Free Space | 3,20% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.)
"C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation)
"D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil
"C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve)
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
"46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover par C_XX
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"avast" = avast! Pro Antivirus
"Avidemux 2.5" = Avidemux 2.5
"Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor
"CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"CZATeriaKam" = CZATeriaKam 2.6.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a
"Drumaxx" = Drumaxx
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy GIF Animator_is1" = Easy GIF Animator 5.2
"Elasto Mania" = Elasto Mania
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"foobar2000" = foobar2000 v0.9.6.9 beta 1
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Aktualizator Google
"GridVista" = Acer GridVista
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"Hardcore" = Hardcore
"HP Photo & Imaging" = HP Image Zone 4.0
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"ipla" = ipla 1.2.1
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2
"NewSaver" = NewSaver
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"RealPlayer 12.0" = RealPlayer
"Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99
"Sakura" = Sakura
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Sawer" = Sawer
"speed" = speed
"Steam App 10" = Counter-Strike
"Steam App 150" = Counter-Strike Steamworks Beta
"Steam App 70" = Half-Life
"TC UP" = Total Commander Ultima Prime 4.9.0.0
"The Sims_is1" = The Sims
"Toxic Biohazard" = Toxic Biohazard
"Usbfix" = UsbFix By TeamXscript
"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = Archiwizator WinRAR
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XP Codec Pack" = XP Codec Pack

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-25 05:01:03 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 09:00:06 | Computer Name = PC | Source = MsiInstaller | ID = 11905
Description = Product: Phoenix Service Software -- Error 1905.Module C:\Program
Files\Nokia\Phoenix\gsmgautotuneui.dll failed to unregister. HRESULT -2147220472.
Contact your support personnel.

Error - 2011-06-27 10:22:02 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

[ System Events ]
Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7031
Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.

Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 10:23:05 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu: %%2


< End of report >
[/log]





Raport z Ad-Remover:

[log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 16:28:39 on 27/06/2011, Normal boot

Microsoft Windows XP Professional Dodatek Service Pack 3 (X86)
SysOp@PC ( )

============== ACTION(S) ==============


Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\conduit
Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\ConduitEngine
Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\extensions\engine@conduit.com
Folder deleted: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Conduit
Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong

(!) -- Temporary files deleted.


-- File opened: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\Prefs.js --
Line deleted: user_pref("CT2405280.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT240...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/799768/795587/DEFAULT", "\"...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/799768/795587/PL", "\"0\"")...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2405280", ...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63443493058760...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2405280/CT2405280...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...
Line deleted: user_pref("CommunityToolbar.EngineOwner", "CT2405280");
Line deleted: user_pref("CommunityToolbar.EngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}");
Line deleted: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-eng7");
Line deleted: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2405280");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-eng7");
Line deleted: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Line deleted: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2405280");
Line deleted: user_pref("CommunityToolbar.ToolbarsList2", "CT2405280");
Line deleted: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line deleted: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 23:23:32 GMT+0200");
Line deleted: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.locale", "en");
Line deleted: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line deleted: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 23:23:32 GMT+0200");
Line deleted: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line deleted: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line deleted: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line deleted: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line deleted: user_pref("CommunityToolbar.alert.userId", "b9bd7644-03a5-41e5-84b4-7243a450a8c2");
Line deleted: user_pref("ConduitEngine.FirstServerDate", "01/13/2011 00");
Line deleted: user_pref("ConduitEngine.FirstTime", true);
Line deleted: user_pref("ConduitEngine.FirstTimeFF3", true);
Line deleted: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line deleted: user_pref("ConduitEngine.Initialize", true);
Line deleted: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line deleted: user_pref("ConduitEngine.InstalledDate", "Wed Jan 12 2011 22:07:01 GMT+0100");
Line deleted: user_pref("ConduitEngine.IsMulticommunity", false);
Line deleted: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line deleted: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line deleted: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jun 26 2011 23:23:35 GMT+0200");
Line deleted: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jun 27 2011 13:52:08 GMT+0200");
Line deleted: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line deleted: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line deleted: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jun 27 2011 13:52:07 GMT+0200");
Line deleted: user_pref("ConduitEngine.UserID", "UN37866952036134565");
Line deleted: user_pref("ConduitEngine.engineLocale", "pl");
Line deleted: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jun 26 2011 23:23:35 GMT+0200");
Line deleted: user_pref("ConduitEngine.initDone", true);
-- File closed --


Key deleted: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key deleted: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key deleted: HKLM\Software\Classes\Conduit.Engine
Key deleted: HKLM\Software\Classes\Toolbar.CT2405280
Key deleted: HKLM\Software\Conduit
Key deleted: HKCU\Software\PriceGong
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\RelevantKnowledge
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}

Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|{6E19037A-12E3-4295-8915-ED48BC341614}


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [3.6.18 (pl)] ****

Plugins\npganymedenet.dll ( )
HKLM_MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0 (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&amp;sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&amp;fraza={searchTerms}&amp;skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&amp;r=T&amp;szukaj={searchTerms})
HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

-- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default --
Extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} (Softonic-Eng7 Community Toolbar)
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

========================================

**** Internet Explorer Version [7.0.5730.13] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 92 File(s)
C:\Program Files\Ad-Remover\Backup: 14 File(s)

C:\Ad-Report-CLEAN[1].txt - 27/06/2011 16:28:49 (9941 Byte(s))

End at: 16:29:57, 27/06/2011

============== E.O.F ==============
[/log]


Problem wirusa już zniknął, wielkie dzięki.
Co mogę tam jeszcze mieć nie tak?

Chciałbym mieć czystego kompa bez wirusów, bo kiedyś często się zdarzało, że przy podłączeniu jakiejś pamięci przenośnej na nią wpieprzał się wirus.
Skanowałem całego kompa w Avast i miałem chyba 70 wykrytych zagrożeń, dałem wszystko do kwarantanny ale wyświetla mi, że mam za mało miejsca na dysku, ile tego muszę mieć? Mam teraz 7GB wolnego.

wirusolog
komentarz
komentarz

Nie wykonał się w całości skrypt bo został upuszczony element (pewnie pomyliłeś się podczas kopiowania skryptu) [size="4"][b]:OTL[/b][/size]
Daje kolejny skrypt, tym razem skopiuj wszystko włącznie z [size="4"][b]:OTL[/b][/size]

[hr]
[b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst:

[code]:OTL
SRV - File not found [On_Demand | Stopped] -- -- (ALG)
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
[2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
O4 - HKLM..\Run: [BroadcomWireless] File not found
O4 - HKLM..\Run: [lsas] File not found
O4 - HKLM..\Run: [lsass] File not found
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found
O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found

:Files
C:\WINDOWS\tasks\Google Software Updater.job

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]

:Commands
[clearallrestorepoints]
[emptytemp][/code]
Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera.

[b]2.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.

matigrucha15
komentarz
komentarz

Raport z restartu:

[log]All processes killed
========== OTL ==========
Service ALG stopped successfully!
Service ALG deleted successfully!
Prefs.js: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 removed from extensions.enabledItems
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
Prefs.js: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 removed from extensions.enabledItems
Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 removed from extensions.enabledItems
Prefs.js: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2 removed from extensions.enabledItems
Prefs.js: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 removed from extensions.enabledItems
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\lib folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome folder moved successfully.
C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BroadcomWireless deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lsas deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lsass deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Boxoft Tools deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32\ deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\Google Software Updater.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ deleted successfully.
========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: SysOp
->Temp folder emptied: 599257 bytes
->Temporary Internet Files folder emptied: 94927 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 16185143 bytes
->Flash cache emptied: 642 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16,00 mb


OTL by OldTimer - Version 3.2.24.1 log created on 06272011_213223

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_e4c.dat moved successfully.

Registry entries deleted on Reboot...
[/log]

OTL.txt:

[log]OTL logfile created on: 2011-06-27 21:45:09 - Run 5
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,21% Memory free
4,84 Gb Paging File | 3,93 Gb Available in Paging File | 81,24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 7,87 Gb Free Space | 16,12% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,92 Gb Free Space | 3,21% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-06-27 21:35:07 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Temp\RtkBtMnt.exe
PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
PRC - [2011-06-04 15:57:51 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- D:\Programy\Update\realsched.exe
PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-01-31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-11-23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-11-16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-11-15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010-05-11 11:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-08-10 20:51:08 | 016,269,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe
PRC - [2009-01-30 09:12:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-12-03 19:14:43 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-09-28 19:47:12 | 000,385,024 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2006-07-24 18:07:56 | 000,630,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2006-07-18 12:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2006-06-29 11:45:00 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
PRC - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe
PRC - [2006-06-28 13:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
PRC - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2001-10-26 20:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2001-02-20 13:09:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CTFMON.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2008-12-03 19:15:58 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-12-03 19:13:10 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-12-03 19:12:22 | 001,392,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-12-03 19:10:11 | 001,420,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-12-03 19:10:06 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-12-03 18:39:57 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-11-09 18:03:58 | 025,531,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 21:50:36 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-07-11 06:06:54 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2005-10-11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2001-10-26 20:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ)
SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo)
DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo)
DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY)
DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver)
DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\TVicPort.sys -- (tvicport)
DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\zntport.sys -- (zntport)
DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\tifm21.sys -- (tifm21)
DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 11:37:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 11:37:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M]

[2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions
[2011-06-27 21:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011-06-27 14:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
[2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( )
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.116.100.65 79.163.127.70
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-06-27 17:04:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent
[2011-06-27 16:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011-06-27 16:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon
[2011-06-27 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-06-27 11:36:09 | 000,000,000 | ---D | C] -- C:\rsit
[2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus
[2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu
[2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2)
[2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-06-27 21:39:21 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-06-27 21:34:31 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-06-27 21:33:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-06-27 21:33:50 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-27 16:28:33 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk
[2011-06-27 15:54:03 | 209,220,479 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar
[2011-06-27 15:34:14 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar
[2011-06-27 14:56:10 | 000,000,011 | R--- | M] () -- C:\WINDOWS\amunres.lsl
[2011-06-27 14:38:03 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar
[2011-06-27 12:28:18 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar
[2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe
[2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db
[2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-27 21:35:17 | 000,000,972 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011-06-27 16:28:33 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk
[2011-06-27 15:38:00 | 209,220,479 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar
[2011-06-27 15:10:23 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar
[2011-06-27 14:56:10 | 000,000,011 | R--- | C] () -- C:\WINDOWS\amunres.lsl
[2011-06-27 13:42:57 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar
[2011-06-27 12:00:13 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar
[2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip
[2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe
[2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe
[2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp
[2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp
[2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3
[2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys
[2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp
[2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4
[2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg
[2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp
[2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp
[2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg
[2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3
[2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg
[2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel
[2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat
[2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL
[2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat
[2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini
[2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe
[2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini
[2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo
[2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10
[2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux
[2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer
[2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite
[2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog
[2011-06-27 21:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000
[2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet
[2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo
[2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0
[2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6
[2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon
[2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla
[2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech
[2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World
[2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia
[2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu
[2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera
[2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite
[2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol
[2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer
[2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall
[2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF
[2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10
[2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools
[2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
[2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6
[2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]

Extras.txt:

[log]OTL Extras logfile created on: 2011-06-27 21:45:10 - Run 5
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,21% Memory free
4,84 Gb Paging File | 3,93 Gb Available in Paging File | 81,24% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 7,87 Gb Free Space | 16,12% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 5,92 Gb Free Space | 3,21% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: SysOp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.)
"C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation)
"D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil
"C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve)
"C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
"46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover par C_XX
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"avast" = avast! Pro Antivirus
"Avidemux 2.5" = Avidemux 2.5
"Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor
"CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"CZATeriaKam" = CZATeriaKam 2.6.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a
"Drumaxx" = Drumaxx
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy GIF Animator_is1" = Easy GIF Animator 5.2
"Elasto Mania" = Elasto Mania
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"foobar2000" = foobar2000 v0.9.6.9 beta 1
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Aktualizator Google
"GridVista" = Acer GridVista
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"Hardcore" = Hardcore
"HP Photo & Imaging" = HP Image Zone 4.0
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"ipla" = ipla 1.2.1
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2
"NewSaver" = NewSaver
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"RealPlayer 12.0" = RealPlayer
"Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99
"Sakura" = Sakura
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Sawer" = Sawer
"speed" = speed
"Steam App 10" = Counter-Strike
"Steam App 150" = Counter-Strike Steamworks Beta
"Steam App 70" = Half-Life
"TC UP" = Total Commander Ultima Prime 4.9.0.0
"The Sims_is1" = The Sims
"Toxic Biohazard" = Toxic Biohazard
"Usbfix" = UsbFix By TeamXscript
"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = Archiwizator WinRAR
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XP Codec Pack" = XP Codec Pack

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący
błąd , wersja 0.0.0.0, adres błędu 0x00000000.

Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 09:00:06 | Computer Name = PC | Source = MsiInstaller | ID = 11905
Description = Product: Phoenix Service Software -- Error 1905.Module C:\Program
Files\Nokia\Phoenix\gsmgautotuneui.dll failed to unregister. HRESULT -2147220472.
Contact your support personnel.

Error - 2011-06-27 10:22:02 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2011-06-27 15:35:17 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

[ System Events ]
Error - 2011-06-27 10:23:05 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu: %%2

Error - 2011-06-27 15:16:54 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.115 dla karty sieciowej o adresie 0016D34D777C
został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK).

Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Atheros Configuration Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa LockServ niespodziewanie zakończyła pracę. Wystąpiło to razy:
1.

Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.

Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-06-27 15:32:29 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.


< End of report >
[/log]

Jak mam przywrócić te piosenki, które się skasowały? One są z przyrostkiem .vir
Muszę zmieniać nazwę każdego z osobna czy jak? W tamtym temacie o UsbFix nic nie pisze o tym w jaki sposób to przywrócić.

wirusolog
komentarz
komentarz

Logi są czyste.

Co do tych piosenek - normalnie wyciągasz je z kwarantanny, niestety z każdego pliku trzeba usunąć przedrostek [b]*.vir[/b].
Gdzieś czytałem, że podobno za pierwszym razem da się usunąć te przedrostki, pisali też o programie [url=http://www.dobreprogramy.pl/Total-Commander,Program,Windows,12316.html][b][color=blue][u]Total Commander[/url][/b][/color][/u]. Spróbój nim pokombinować, jeżeli nie będziesz umiał (sam też nie umiem) to zostaje Ci każdy plik osobno usuwać ten przedrostek.

[hr]
Jeżeli uda Ci się zrobić te porządki z muzyką, ,,ogarnąć ją" to wykonuj kroki końcowe:

[b]1.[/b] Uruchom USBFix i wciśnij [b]UNINSTALL[/b].

[b]2.[/b] Uruchom Ad-Remover'a i wciśnij [b]UNINSTALL[/b].

[b]3.[/b] Uruchom OTL i wciśnij w nim [b]Sprzątanie[/b].

[b]4.[/b] Aktualizacja zabezpieczeń:
[quote]
Internet Explorer [b](Version = 7.0.5730.13)[/b]
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" =[b] Java™ 6 Update 20[/b]
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = [b]Adobe Reader 9.3.2 - Polish[/b]
"Adobe Flash Player Plugin" = [b]Adobe Flash Player 10 Plugin[/b]
[/quote]
[url="http://windows.microsoft.com/pl-PL/internet-explorer/downloads/ie-8"][color="#0000FF"][b]Internet Explorer 8[/b][/color][/url] / [url="http://www.oracle.com/technetwork/java/javase/downloads/index.html"][b][color="#0000FF"]Java 6 Update 26[/color][/b][/url] / [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] / [url="http://get.adobe.com/flashplayer/"][color="#0000FF"][b]Adobe Flash Player 10.3.181.26[/b][/color][/url] / (nie wiem z jakiej wersji Avasta używasz - napisz).

[b]5.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy).

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.