matigrucha15 utworzono 27 czerwca 2011 utworzono 27 czerwca 2011 (edytowane) Witam serdecznie wszystkich użytkowników, jestem tutaj nowy. Mój problem polega na tym, że co kilkanaście sekund AVAST (wersja testowa) wykrywa to samo zagrożenie na dysku C i D, za każdym razem działanie to "usunięto". Poniżej screen: [IMG]http://i56.tinypic.com/dcrpe.jpg[/IMG] Bardzo proszę o pomoc..
wirusolog komentarz 27 czerwca 2011 komentarz 27 czerwca 2011 Infekcja z pendrive - starocie. [b]1.[/b] Podłącz wszystkie urządzenia przenośne ([b]pendrive / komórki / mp3 / dyski przenośne[/b]) i użyj [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]USBFix[/url][/b][/color][/u] z opcji [b][color="#FFA500"]DELETION[/color][/b]. Pokaż raport z usuwania (wszystko opisane jest w poradniku)! [b]2.[/b] Daj komplet logów: [url=http://www.forumpc.pl/index.php?showtopic=104338][b][color=blue][u]OTL i RSIT[/url][/b][/color][/u] + [url=http://www.forumpc.pl/index.php?showtopic=116175][b][color=blue][u]GMER[/url][/b][/color][/u].
matigrucha15 komentarz 27 czerwca 2011 Autor komentarz 27 czerwca 2011 (edytowane) Raport z UsbFix. Plik "UsbFix_Upload_Me_PC.zip" ma 488MB (w większości usunięte MP3-ki) więc go nigdzie nie będę wysyłał. [log]############################## | UsbFix 7.048 | [Deletion] User: SysOp (Administrator) # PC [ ] Updated 11/06/2011 by TeamXscript Started at 11:02:31 | 27/06/2011 Website: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-50 CPU 2: AMD Turion(tm) 64 X2 Mobile Technology TL-50 Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 Windows Firewall: Enabled RAM -> 3071 Mb C:\ (%systemdrive%) -> Fixed drive # 49 Gb (5 Mb free - 10%) [] # NTFS D:\ -> Fixed drive # 184 Gb (6 Mb free - 3%) [] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM H:\ -> Removable drive # 2 Gb (569 Mb free - 30%) [NOKIA 2GB] # FAT ################## | Files # Infected Folders | Deleted ! C:\Recycler\S-1-5-21-606747145-2025429265-1177238915-1001 Deleted ! D:\Recycler\S-1-5-21-606747145-2025429265-1177238915-1001 ################## | Registry | ################## | Mountpoints2 | Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{11e621bf-ee34-11df-b4b4-0016d34d777c} Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{580e32ba-6934-11e0-b4e7-0016d34d777c} Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{9fd482b0-9272-11de-b38b-0016cfb26ce8} Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f48a5ef0-0f55-11df-b403-0016d34d777c} ################## | Listing | [06/04/2011 - 20:39:00 | D ] C:\$AVG [02/02/2010 - 20:03:46 | D ] C:\6852b472aa94b7a18f [01/02/2010 - 22:47:48 | D ] C:\Acer [09/08/2009 - 16:16:09 | N | 0] C:\AUTOEXEC.BAT [27/06/2011 - 10:40:20 | RASHD ] C:\Autorun.inf [30/10/2010 - 08:17:20 | N | 223] C:\boot.ini [22/07/2001 - 01:13:54 | N | 4952] C:\Bootfont.bin [25/06/2011 - 10:59:59 | D ] C:\Config.Msi [09/08/2009 - 16:16:09 | N | 0] C:\CONFIG.SYS [18/09/2010 - 10:13:09 | N | 256] C:\dk2.mem [09/08/2009 - 16:18:02 | D ] C:\Documents and Settings [13/05/2010 - 17:32:29 | D ] C:\Gry [27/06/2011 - 10:57:11 | ASH | 3219828736] C:\hiberfil.sys [09/08/2009 - 16:16:09 | N | 0] C:\IO.SYS [09/08/2009 - 16:16:09 | N | 0] C:\MSDOS.SYS [11/01/2011 - 18:58:43 | D ] C:\My Music [27/03/2011 - 19:23:13 | D ] C:\My Recordings [13/04/2008 - 21:13:04 | N | 47564] C:\NTDETECT.COM [13/04/2008 - 23:02:00 | N | 251152] C:\ntldr [09/08/2009 - 23:14:10 | D ] C:\NVIDIA [11/08/2010 - 11:15:42 | D ] C:\output [27/06/2011 - 10:57:06 | ASH | 2145386496] C:\pagefile.sys [08/05/2010 - 23:30:14 | D ] C:\Pajacyk [24/06/2011 - 18:42:36 | D ] C:\Program Files [27/06/2011 - 11:07:31 | SHD ] C:\RECYCLER [25/10/2009 - 23:15:47 | SHD ] C:\System Volume Information [29/03/2010 - 22:29:01 | D ] C:\temp [27/06/2011 - 11:07:32 | D ] C:\UsbFix [27/06/2011 - 11:07:33 | A | 1028] C:\UsbFix.txt [27/06/2011 - 10:41:58 | N | 505129107] C:\UsbFix_Upload_Me_PC.zip [12/05/2011 - 21:33:10 | D ] C:\videooutput [27/06/2011 - 10:58:59 | D ] C:\WINDOWS [25/10/2009 - 23:14:52 | D ] C:\_OTL [27/06/2011 - 10:40:20 | RASHD ] D:\Autorun.inf [02/10/2009 - 16:07:42 | D ] D:\GTA San Andreas User Files [27/09/2009 - 16:20:30 | N | 957872128] D:\gta3.img [11/02/2004 - 16:16:26 | N | 16384] D:\hpqimgrc.resources.dll [27/06/2011 - 10:05:58 | D ] D:\Instalki [03/06/2010 - 12:20:20 | D ] D:\Mateusz [07/03/2010 - 10:49:15 | D ] D:\Program Files [27/06/2011 - 07:55:39 | D ] D:\Programy [27/06/2011 - 11:07:32 | SHD ] D:\RECYCLER [29/07/2010 - 21:07:30 | D ] D:\Sniper Ghost Warrior [27/01/2010 - 23:29:52 | SHD ] D:\System Volume Information [27/06/2011 - 10:40:22 | RASHD ] H:\Autorun.inf [27/06/2011 - 10:57:06 | N | 1464] H:\BOOTEX.LOG [27/05/2011 - 01:04:08 | RSHD ] H:\RECYCLER [07/11/2010 - 13:13:16 | D ] H:\ALE URWAŁ !!! [15/04/2011 - 12:20:10 | N | 9221332] H:\Hemp Gru - Jedność.mp3 [27/01/2011 - 15:40:24 | HD ] H:\System [19/05/2011 - 19:32:30 | N | 5910289] H:\Grubson - Człowiek.mp3 [29/01/2011 - 15:03:26 | N | 2453687] H:\2-16. List do K..mp3 [07/11/2010 - 13:16:40 | D ] H:\Reggae. HH [24/06/2011 - 19:30:22 | N | 4475956] H:\Miuosh - Piąta Strona Świata.mp3 [07/11/2010 - 13:20:08 | D ] H:\Zdjęcia [18/03/2011 - 19:40:56 | D ] H:\Pliki wideo ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) H:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_PC.zip http://www.teamxscript.org/Upload.php Thank you for your contribution. ################## | E.O.F | [/log] Dodam, że przy skanie w programie OTL wyświetlił się BlueScreen i tam komunikat: "Pojawił się problem i system windows zostanie zamknięty, aby zapobiec uszkodzeniu komputera [...] Informacje techniczne: *** STOP: 0x0000000A (0x00000023, 0x00000002, 0x00000000, 0x8050C633)" Już nie pierwszy raz coś takiego mi się stało. Przez tego BlueScreena utraciłem pierwszy raport z UsbFix. Mój system: [IMG]http://i56.tinypic.com/ncgq9u.jpg[/IMG] Za chwilę zrobie skany w pozostałych programach i jak nie będzie kolejnego błędu to wstawię tutaj logi. Edit: OTL Extras: [log]OTL Extras logfile created on: 2011-06-27 11:29:49 - Run 3 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free 4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 5,03 Gb Free Space | 10,30% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,87 Gb Free Space | 3,19% Space Free | Partition Type: NTFS Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application "D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation) "D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil "C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve) "C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform "{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{11C86A01-3C83-4EE3-ADC1-8DE5C3037772}" = Enigma "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20 "{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects "{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable "{2FF5FC32-B2AC-4505-A381-350670AA46D4}" = Fuse Drivers "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers "{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI "{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam "{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86) "{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8714DAB9-5656-45CC-B8C4-EAEC9ACB74B0}" = Phoenix Service Software "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects "{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen "{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director "{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates "{B85B4400-C4E3-48CB-BB5C-1D15CED1CC57}" = VoIP Phone Charger "{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare "{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{d08d9f98-1c78-4704-87e6-368b0023d831}" = RelevantKnowledge "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010 "{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial "{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations "{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "avast" = avast! Pro Antivirus "Avidemux 2.5" = Avidemux 2.5 "Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor "CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600 "conduitEngine" = Conduit Engine "CWK" = CWK (Czasowy Wyłącznik Komputera) "CZATeriaKam" = CZATeriaKam 2.6.2 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a "Drumaxx" = Drumaxx "DVD Shrink_is1" = DVD Shrink 3.2 "Easy GIF Animator_is1" = Easy GIF Animator 5.2 "Elasto Mania" = Elasto Mania "Exact Audio Copy" = Exact Audio Copy 0.99pb5 "foobar2000" = foobar2000 v0.9.6.9 beta 1 "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "German Truck Simulator" = German Truck Simulator 1.00 "Google Updater" = Aktualizator Google "GridVista" = Acer GridVista "Guitar Pro 5_is1" = Guitar Pro 5.2 "Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel "Hardcore" = Hardcore "HP Photo & Imaging" = HP Image Zone 4.0 "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla "ipla" = ipla 1.2.1 "IrfanView" = IrfanView (remove only) "IVONA - syntezator mowy, wersja demonstracyjna" = IVONA - syntezator mowy, wersja demonstracyjna "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "LManager" = Launch Manager "Magic AAC to MP3 Converter_is1" = Magic AAC to MP3 Converter 3.72 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Monkey's Audio_is1" = Monkey's Audio "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "Mp3 Knife_is1" = Mp3 Knife 3.2 "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NewSaver" = NewSaver "Nokia Ovi Suite" = Nokia Ovi Suite "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "Opera 11.11.2109" = Opera 11.11 "Phoenix Service Software 2010.24.003.43250_is1" = Phoenix Service Software 2010.24.003.43250 "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "PoiZone" = PoiZone "RealPlayer 12.0" = RealPlayer "Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99 "Sakura" = Sakura "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Sawer" = Sawer "Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar "speed" = speed "Steam App 10" = Counter-Strike "Steam App 130" = Half-Life: Blue Shift "Steam App 150" = Counter-Strike Steamworks Beta "Steam App 20" = Team Fortress Classic "Steam App 30" = Day of Defeat "Steam App 40" = Deathmatch Classic "Steam App 50" = Half-Life: Opposing Force "Steam App 60" = Ricochet "Steam App 70" = Half-Life "TC UP" = Total Commander Ultima Prime 4.9.0.0 "The Sims_is1" = The Sims "Toxic Biohazard" = Toxic Biohazard "Tunatic" = Tunatic "Usbfix" = UsbFix By TeamXscript "WAV MP3 Converter_is1" = WAV MP3 Converter 1.30 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WinGimp-2.0_is1" = GIMP 2.6.7 "WinRAR archiver" = Archiwizator WinRAR "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 "XP Codec Pack" = XP Codec Pack [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-24 12:39:35 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd skype.exe, wersja 5.0.0.152, moduł powodujący błąd skype.exe, wersja 5.0.0.152, adres błędu 0x0014c7b9. Error - 2011-06-24 13:43:18 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd avastui.exe, wersja 6.0.999.0, adres błędu 0x0020445f. Error - 2011-06-25 05:01:03 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa LockServ niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log] OTL: [log]OTL logfile created on: 2011-06-27 11:29:49 - Run 3 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 72,85% Memory free 4,84 Gb Paging File | 4,23 Gb Available in Paging File | 87,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 5,03 Gb Free Space | 10,30% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,87 Gb Free Space | 3,19% Space Free | Partition Type: NTFS Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe PRC - [2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2001-10-26 20:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2001-02-20 13:09:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CTFMON.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2008-12-03 19:15:58 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-12-03 19:13:10 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-12-03 19:12:22 | 001,392,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-12-03 19:10:11 | 001,420,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-12-03 19:10:06 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-12-03 18:39:57 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-11-09 18:03:58 | 025,531,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-07-11 06:06:54 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (ALG) SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ) SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService) SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo) DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo) DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY) DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX) DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver) DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver) DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-04 15:58:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-04 15:59:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] [2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions [2011-06-25 19:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions [2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-01-11 18:36:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\engine@conduit.com [2011-06-25 19:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-12 00:32:11 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O3 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BroadcomWireless] File not found O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( ) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe () O4 - HKLM..\Run: [lsass] File not found O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKLM..\RunOnce: [] File not found O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer) O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal) O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:12 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ] O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - D:\Programy\HP\digital imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk - D:\Programy\HP\digital imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk - D:\Programy\UniSpiker-2.6\uni_spiker-2.6.exe - () MsConfig - StartUpReg: [b]Acer ePresentation HPD[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.) MsConfig - StartUpReg: [b]ACU[/b] - hkey= - key= - C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - D:\Programy\Adobe Reader 9.2\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - D:\Programy\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]Boot[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePower\Boot.exe () MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Programy\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]eMuleAutoStart[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]ePower_DMC[/b] - hkey= - key= - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () MsConfig - StartUpReg: [b]HP Component Manager[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - D:\Programy\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company) MsConfig - StartUpReg: [b]HPDJ Taskbar Utility[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]HPHmon06[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]HPHUPD06[/b] - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: [b]IPLA![/b] - hkey= - key= - C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) MsConfig - StartUpReg: [b]Nokia Internet Modem[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe (SmartCom) MsConfig - StartUpReg: [b]PC Suite Tray[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]SkyTel[/b] - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: [b]Steam[/b] - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation) MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]voip phone charger[/b] - hkey= - key= - C:\Program Files\Acer\VoIP Phone Charger\voip phone charger.exe () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-26 23:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent [2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus [2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu [2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2) [2011-05-19 16:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\LO5 [2011-05-15 12:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 [2011-05-12 21:33:10 | 000,000,000 | ---D | C] -- C:\videooutput [2011-05-12 21:33:07 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax [2011-05-12 21:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software [2011-05-12 21:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft [2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe [2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-27 11:22:08 | 000,119,144 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\cats2.jpg [2011-06-27 11:10:19 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job [2011-06-27 11:10:19 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job [2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-27 10:59:03 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-06-27 10:57:50 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-06-27 10:57:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-06-27 10:57:11 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys [2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-27 08:14:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job [2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-24 18:37:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk [2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db [2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI [2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011-06-01 23:14:54 | 000,295,042 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll [2011-06-01 23:14:24 | 000,327,742 | ---- | M] () -- C:\WINDOWS\System32\drivers\str.sys [2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [2011-05-28 22:48:02 | 000,006,666 | ---- | M] () -- C:\Documents and Settings\SysOp\.recently-used.xbel [2011-05-27 16:49:24 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg [2011-05-04 18:12:00 | 014,712,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-27 11:22:07 | 000,119,144 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\cats2.jpg [2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp [2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp [2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys [2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg [2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-06-01 23:14:29 | 000,295,042 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll [2011-06-01 23:14:21 | 000,327,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys [2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel [2011-05-27 16:49:23 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg [2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-05-04 19:49:54 | 014,712,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp [2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat [2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini [2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL [2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe [2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat [2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini [2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini [2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI [2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys [2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys [2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe [2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini [2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini [2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat [2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini [2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat [2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat [2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI [2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe [2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe [2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL [2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF [2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools [2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6 [2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo [2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10 [2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux [2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer [2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite [2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog [2011-06-27 10:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000 [2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet [2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo [2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0 [2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6 [2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon [2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla [2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech [2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World [2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia [2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu [2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera [2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite [2011-06-27 11:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong [2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol [2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer [2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-10-30 08:17:20 | 000,000,223 | ---- | M] () -- C:\boot.ini [2001-07-22 01:13:54 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-09-18 10:13:09 | 000,000,256 | ---- | M] () -- C:\dk2.mem [2011-06-27 10:57:11 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2008-04-13 21:13:04 | 000,047,564 | ---- | M] () -- C:\NTDETECT.COM [2008-04-13 23:02:00 | 000,251,152 | ---- | M] () -- C:\ntldr [2011-06-27 10:57:06 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2011-06-27 11:10:09 | 000,004,635 | ---- | M] () -- C:\UsbFix.txt [2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-12-03 19:26:12 | 018,057,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-05-02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys [2008-05-02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys [2008-05-02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) MD5=335813EACD16E84F3047A3326F6E5473 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] RSIT log: [log]Logfile of random's system information tool 1.08 (written by random/random) Run by SysOp at 2011-06-27 11:36:09 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 5 GB (10%) free of 50 GB Total RAM: 3071 MB (67% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:36:24, on 2011-06-27 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Opera\Opera.exe D:\Programy\AQQ\AQQ.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Documents and Settings\SysOp\Pulpit\OTL.exe C:\WINDOWS\notepad.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\SysOp\Pulpit\RSIT.exe C:\Program Files\trend micro\SysOp.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [lsas] C:\Windows\lsass\lsas.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [TkBellExe] "D:\programy\update\realsched.exe" -osboot O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\Run: [Boxoft Tools] "C:\Documents and Settings\All Users\Dane aplikacji\Boxtools\Boxofttoolbox.exe" -autorun O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Startup: Canon IJ Status Monitor Canon iP1600.lnk = ? O4 - Global Startup: Acer Empowering Technology.lnk = ? O4 - Global Startup: Acer VCM.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: mdhcp32 - mdhcp32.dll (file missing) O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Usługa bramy warstwy aplikacji (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8327 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\HP Usg Daily.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-04 386264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-01-17 175912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-08-26 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-01-17 175912] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "BroadcomWireless"=C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe [] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016] "UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u [] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "eLockMonitor"=C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe [2006-03-31 16384] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-24 630784] "lsas"=C:\Windows\lsass\lsas.exe [2010-05-08 309635] "lsass"= [] "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-07-18 438272] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-10 16269312] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-08-10 69632] "NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [] "TkBellExe"=D:\programy\update\realsched.exe [2011-06-04 273544] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] ""= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AQQ"=D:\Programy\AQQ\AQQ.exe [2009-07-22 4777472] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2001-02-20 8192] ""= [] "NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360] "Boxoft Tools"=C:\Documents and Settings\All Users\Dane aplikacji\Boxtools\Boxofttoolbox.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-06-07 208896] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACU] C:\Program Files\Atheros\ACU.exe [2005-01-31 253952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] D:\Programy\Adobe Reader 9.2\Reader\Reader_sl.exe [2010-04-04 36272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] D:\Programy\ALLPlayer\ALLUpdate.exe [2009-06-04 869888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot] C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] D:\Programy\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] D:\Programy\eMule\emule.exe -AutoStart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-07-18 438272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] D:\Programy\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe [2004-04-06 172032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] C:\Program Files\ipla\ipla.exe [2009-09-01 4726168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia Internet Modem] C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe [2009-03-06 1958552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2010-10-11 14940040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] C:\WINDOWS\SkyTel.EXE [2009-08-10 2879488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] c:\program files\steam\steam.exe [2010-11-26 1242448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-26 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\voip phone charger] C:\Program Files\Acer\VoIP Phone Charger\voip phone charger.exe [2006-01-10 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk] C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] D:\Programy\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk] D:\Programy\HP\DIGITA~1\bin\hpqthb08.exe [2004-05-28 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe] C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Ashampoo Burning Studio Updater.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk] D:\Mateusz\Gry\NFSUND~1\Support\EAREGI~1.EXE /remind /language=PL /PRID=GAME-NFSU09 /WHPR=Need for Speed™ Undercover /PRNM=Electronic Arts Product [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^UniSpiker-2.6.lnk] D:\Programy\UNISPI~1.6\UNI_SP~1.EXE [2006-03-06 86016] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart Canon IJ Status Monitor Canon iP1600.lnk - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32] mdhcp32.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-03 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 "NoSMConfigurePrograms"=1 "NoDriveAutoRun"=3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=3 "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Programy\AQQ\AQQ.exe"="D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator" "C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe"="C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype " "D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2" "C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG" "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process " "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater" "D:\Programy\Opera\opera.exe"="D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser" "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil" "C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike" "C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2011-06-27 11:36:10 ----D---- C:\Program Files\trend micro 2011-06-27 11:36:09 ----D---- C:\rsit 2011-06-27 11:08:10 ----RASHD---- C:\Autorun.inf 2011-06-27 10:31:43 ----A---- C:\UsbFix.txt 2011-06-27 10:31:41 ----D---- C:\UsbFix 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys 2011-06-24 19:22:54 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2011-06-24 19:22:53 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys 2011-06-24 19:22:05 ----A---- C:\WINDOWS\system32\aswBoot.exe 2011-06-24 18:42:36 ----D---- C:\Program Files\AVAST Software 2011-06-24 18:42:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2011-06-24 18:35:07 ----ASH---- C:\hiberfil.sys 2011-06-24 11:25:29 ----A---- C:\WINDOWS\ntbtlog.txt 2011-06-01 23:14:29 ----A---- C:\WINDOWS\system32\shimg.dll 2011-06-01 23:14:21 ----A---- C:\WINDOWS\system32\drivers\str.sys ======List of files/folders modified in the last 1 months====== 2011-06-27 11:36:10 ----D---- C:\Program Files 2011-06-27 11:36:05 ----D---- C:\WINDOWS\Prefetch 2011-06-27 11:13:01 ----D---- C:\WINDOWS\TEMP 2011-06-27 11:10:18 ----SD---- C:\WINDOWS\Tasks 2011-06-27 11:10:16 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong 2011-06-27 11:07:31 ----SHD---- C:\RECYCLER 2011-06-27 11:03:43 ----D---- C:\WINDOWS\system32 2011-06-27 11:03:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-06-27 10:58:59 ----D---- C:\WINDOWS 2011-06-27 10:57:22 ----SHD---- C:\WINDOWS\CSC 2011-06-27 10:42:58 ----D---- C:\Program Files\Softonic-Eng7 2011-06-27 10:42:56 ----D---- C:\Program Files\ConduitEngine 2011-06-27 10:42:56 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp 2011-06-27 10:13:33 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000 2011-06-27 09:50:54 ----D---- C:\Program Files\Mozilla Firefox 2011-06-27 07:56:16 ----D---- C:\WINDOWS\system32\CatRoot2 2011-06-26 20:14:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-06-25 10:59:59 ----D---- C:\Config.Msi 2011-06-24 19:22:54 ----D---- C:\WINDOWS\system32\drivers 2011-06-24 19:22:20 ----SHD---- C:\WINDOWS\Installer 2011-06-24 19:22:18 ----D---- C:\WINDOWS\WinSxS 2011-06-24 18:56:34 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\Skype 2011-06-24 18:37:31 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\skypePM 2011-06-24 18:34:30 ----D---- C:\WINDOWS\system32\config 2011-06-24 18:34:08 ----D---- C:\WINDOWS\system32\wbem 2011-06-24 18:34:07 ----D---- C:\WINDOWS\Registration 2011-06-24 18:33:43 ----D---- C:\WINDOWS\system32\drivers\UMDF 2011-06-24 01:45:49 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite 2011-06-17 16:21:09 ----D---- C:\WINDOWS\system32\NtmsData 2011-06-17 16:18:35 ----D---- C:\WINDOWS\pss 2011-06-17 16:18:35 ----A---- C:\WINDOWS\win.ini 2011-06-17 16:18:35 ----A---- C:\WINDOWS\system.ini 2011-06-17 16:10:53 ----D---- C:\WINDOWS\system32\ReinstallBackups 2011-06-13 13:18:09 ----D---- C:\Program Files\Steam 2011-06-11 22:34:01 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog 2011-06-04 21:43:46 ----A---- C:\WINDOWS\AviSplitter.INI 2011-06-04 21:42:30 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer 2011-06-04 15:59:54 ----D---- C:\Program Files\Common Files\Real 2011-06-04 15:58:42 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Real 2011-06-04 15:58:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2011-06-04 15:57:55 ----A---- C:\WINDOWS\system32\pndx5032.dll 2011-06-04 15:57:55 ----A---- C:\WINDOWS\system32\pndx5016.dll 2011-06-04 15:57:53 ----A---- C:\WINDOWS\system32\pncrt.dll 2011-06-04 15:57:49 ----A---- C:\WINDOWS\system32\msvcr71.dll 2011-06-04 15:57:49 ----A---- C:\WINDOWS\system32\msvcp71.dll 2011-05-28 22:48:02 ----D---- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-01-28 99584] R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2008-12-03 105344] R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-11-12 145952] R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680] R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040] R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832] R0 Si3112;Si3112; C:\WINDOWS\system32\drivers\Si3112.sys [2008-12-03 62208] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-05 721904] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904] R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680] R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520] R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368] R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872] R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-09 17801] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544] R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232] R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys [] R2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys [] R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys [] R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys [] R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys [] R3 BCM43XX;Sterownik karty sieciowej Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-06-25 564224] R3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-06-30 775936] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-10 4394496] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056] R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2006-05-17 162560] S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [] S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [] S3 aslrbwme;aslrbwme; C:\WINDOWS\system32\drivers\aslrbwme.sys [] S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [] S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [] S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [] S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-18 51088] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-18 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-18 21744] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048] S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040] S3 nokiacpo;Nokia Internet Stick CS-10 Wireless Modem Service Install; C:\WINDOWS\system32\DRIVERS\nokiacpo.sys [2009-03-03 19072] S3 nokiappo;Nokia Internet Stick CS-10 Wireless Modem Power Policy Service; C:\WINDOWS\system32\DRIVERS\nokiappo.sys [2009-03-03 27008] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys [] S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [] S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-03 38528] S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672] S2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864] S2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-12-18 457248] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-26 194032] S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376] S2 LockServ;LockServ; C:\Acer\Empowering Technology\eLock\LockServ.exe [2006-06-28 520192] S2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-12-18 191008] S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536] S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-02-02 183112] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] RSIT info: [log]info.txt logfile of random's system information tool 1.08 2011-06-27 11:36:29 ======Uninstall list====== -->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3} 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x9 -removeonly Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x15 -removeonly Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x9 -removeonly Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI Acer OrbiCam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\Setup.exe" -l0x9 Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x9 -removeonly Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin Adobe Reader 9.3.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001} Aktualizator Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall ALLPlayer V4.X-->"D:\Programy\ALLPlayer\unins000.exe" Archiwizator WinRAR-->D:\Programy\WinRAR\uninstall.exe Ashampoo Burning Studio 2009-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe" Atheros Client Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92F31257-15BA-46EE-887D-3C18C0790ACE}\setup.exe" -l0x9 -removeonly avast! Pro Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Avidemux 2.5-->D:\Programy\Avidemux 2.5\uninstall.exe Batch PPTX to PPT Converter 2010-->"D:\Programy\Ppt-2-Ppt\unins000.exe" Boxoft Batch Photo Processor-->"C:\Program Files\Boxoft Batch Photo Processor\unins000.exe" Broadcom Wireless LAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}\Setup.exe" -l0x9 UNINSTALL Canon iP1600-->C:\WINDOWS\system32\CNMCP75.exe "-PRINTERNAMECanon iP1600" "-HELPERDLLC:\Documents and Settings\All Users\Dane aplikacji\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0415.dll" CDBurnerXP Pro 3-->MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C} Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Conduit Engine -->C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe engine Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19 Counter-Strike Steamworks Beta-->"C:\Program Files\Steam\steam.exe" steam://uninstall/150 Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10 Crystal Reports for .NET Framework 2.0 (x86)-->MsiExec.exe /I{7C05EEDD-E565-4E2B-ADE4-0C784C17311C} CWK (Czasowy Wyłącznik Komputera)-->"D:\Programy\CWK\CWK.exe" /uninstall CZATeriaKam 2.6.2-->D:\Programy\CZATeria\uninst.exe DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe Day of Defeat-->"C:\Program Files\Steam\steam.exe" steam://uninstall/30 Deathmatch Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/40 Diablo II + Diablo II - Lord of Destruction PL 1.12a-->D:\Mateusz\Gry\Diablo II LOD\Uninstall.exe Drumaxx-->C:\Program Files\Image-Line\Drumaxx\uninstall.exe DVD Shrink 3.2-->"D:\Programy\DVD Shrink\unins000.exe" Easy GIF Animator 5.2-->"C:\Program Files\Easy GIF Animator\unins000.exe" Elasto Mania-->C:\PROGRA~1\ELASTO~1\UNWISE.EXE C:\PROGRA~1\ELASTO~1\INSTALL.LOG Enigma-->MsiExec.exe /X{11C86A01-3C83-4EE3-ADC1-8DE5C3037772} Exact Audio Copy 0.99pb5-->C:\Program Files\Exact Audio Copy\uninst.exe foobar2000 v0.9.6.9 beta 1-->"D:\Programy\foobar2000\uninstall.exe" _?=D:\Programy\foobar2000 FREE Hi-Q Recorder 1.92-->"C:\Program Files\FREE Hi-Q Recorder\unins000.exe" Freez FLV to AVI/MPEG/WMV Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe" Fuse Drivers-->MsiExec.exe /I{2FF5FC32-B2AC-4505-A381-350670AA46D4} GameDesire-Pool & Snooker-->C:\Program Files\Ganymede\billiards_uninstall.exe German Truck Simulator 1.00-->C:\Gry\German Truck Simulator\uninst.exe GIMP 2.6.7-->"D:\Programy\GIMP-2.0\setup\unins000.exe" GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" Half-Life: Blue Shift-->"C:\Program Files\Steam\steam.exe" steam://uninstall/130 Half-Life: Opposing Force-->"C:\Program Files\Steam\steam.exe" steam://uninstall/50 Half-Life-->"C:\Program Files\Steam\steam.exe" steam://uninstall/70 Hard Truck 18 Wheels of Steel-->C:\PROGRA~1\HARDTR~1\UNWISE.EXE C:\PROGRA~1\HARDTR~1\INSTALL.LOG Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" HP Image Zone 4.0-->D:\Programy\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2} Icy Tower v1.4-->"D:\Gry\Icy Tower 1.4\unins000.exe" ipla 1.2.1-->C:\Program Files\ipla\uninst.exe IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe IVONA - syntezator mowy, wersja demonstracyjna-->D:\Programy\Ivona_Demo-1.0\UsunIvonaDemoBeta.exe Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF} K-Lite Codec Pack 6.0.4 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI Magic AAC to MP3 Converter 3.72-->"C:\Program Files\Magic AAC to MP3 Converter\unins000.exe" Malwarebytes' Anti-Malware-->"D:\Programy\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Polish Language Pack-->MsiExec.exe /X{64CB2553-C109-4132-AA51-1F421B515FD1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606} Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Monkey's Audio-->"C:\Program Files\Monkey's Audio\unins000.exe" Mozilla Firefox (3.6.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mp3 Knife 3.2-->"D:\Programy\Mp3 Knife\unins000.exe" MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D} MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} NAPIPROJEKT 1.0.6.2-->"D:\Programy\NAPI-PROJEKT\unins000.exe" Need For Speed™ World-->"C:\Program Files\Electronic Arts\Need For Speed World\unins000.exe" NewSaver-->D:\Programy\Wygaszacz Peugeot\uninstall.exe Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F} Nokia Internet Modem-->MsiExec.exe /X{0687B9DD-4F59-4D05-BF60-875704F3F223} Nokia Ovi Suite Software Updater-->MsiExec.exe /X{3553E875-F00E-4031-BDEC-75FB1DFEB093} Nokia Ovi Suite-->C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer.exe Nokia Ovi Suite-->MsiExec.exe /X{3FC42713-B6E7-49AA-A553-A224FE9828A8} Nokia PC Suite-->C:\Documents and Settings\All Users\Dane aplikacji\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_pol.exe Nokia PC Suite-->MsiExec.exe /I{19DC9559-9C20-4A46-A67D-7ECBA52A2788} Nokia Service Tool Drivers-->MsiExec.exe /I{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8} Nokia Software Updater-->MsiExec.exe /X{4D568C38-0552-4CDD-A643-01FAFA2957EF} Nowe Gadu-Gadu-->D:\Programy\Nowe Gadu-Gadu\Uninstall.exe NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0415 -removeonly NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD} NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U Opera 11.11-->"C:\Program Files\Opera\Opera.exe" /uninstall Ovi Desktop Sync Engine-->MsiExec.exe /X{28191B83-1D60-44B6-9B08-E854EF6632D5} OviMPlatform-->MsiExec.exe /I{08600005-5228-4BF6-845E-E9A957AFDCB4} Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1DD56D2122DDFA3E4C3B165E3A5CFA613B48BDC7\amdk8.inf Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_0777326F40B753DD4E385F058ADB286B70A301FE\nokbtmdm.inf Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_AAB746D5658CCF4CAE7A35CED5F0ADA3C447A973\nokia_bluetooth.inf Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444} Phoenix Service Software 2010.24.003.43250-->"C:\Program Files\Nokia\Phoenix\unins000.exe" Phoenix Service Software-->MsiExec.exe /I{8714DAB9-5656-45CC-B8C4-EAEC9ACB74B0} PhotoScape-->"D:\Programy\PhotoScape\uninstall.exe" Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" PL-2303 USB-to-Serial-->"C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\setup.exe" -runfromtemp -l0x0009 -removeonly PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} RealPlayer-->d:\programy\Update\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} Red Faction Guerrilla-->"C:\Program Files\InstallShield Installation Information\{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}\setup.exe" -runfromtemp -l0x0409 -removeonly RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge Ricochet-->"C:\Program Files\Steam\steam.exe" steam://uninstall/60 Rzeźnik MPEGów 1.1.99-->"D:\Programy\Rzeźnik MPEGów 1.1.99\unins000.exe" Sakura-->C:\Program Files\Image-Line\Sakura\uninstall.exe San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:C:\Program Files\San Andreas Mod Installer\Uninstall\uninstall.xml" Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} Softonic-Eng7 Toolbar-->C:\Program Files\Softonic-Eng7\uninstall.exe Sp5-->MsiExec.exe /I{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C} Sp5Intl-->MsiExec.exe /I{FD4B33E1-24AE-4535-AA7B-162B30FB57CD} Sp5TTInt-->MsiExec.exe /I{E415C943-37E5-473F-8BAE-043C56734124} SpCommon-->MsiExec.exe /I{6C3959C6-943E-44B3-BAAD-570B04B134E5} speed-->D:\Programy\Wygaszacz Speedfight\uninstall.exe SpPhones-->MsiExec.exe /I{4DFF1415-4C29-44A8-BFD4-2BCE249C4991} Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Team Fortress Classic-->"C:\Program Files\Steam\steam.exe" steam://uninstall/20 Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033 The Sims Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0015 The Sims-->"D:\Mateusz\Gry\The Sims\unins000.exe" Total Commander Ultima Prime 4.9.0.0-->"C:\Program Files\TC UP\un_TC UP.exe" Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe Tunatic-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Tunatic UsbFix By TeamXscript-->C:\UsbFix\Un-UsbFix.exe Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} VoIP Phone Charger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B85B4400-C4E3-48CB-BB5C-1D15CED1CC57}\Setup.exe" -l0x9 WapSter AQQ-->D:\Programy\AQQ\uninstall.exe WAV MP3 Converter 1.30-->"C:\Program Files\AudioToolsFactory\WAV MP3 Converter\unins000.exe" Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe ======System event log====== Computer Name: PC Event Code: 7036 Message: Usługa ServiceLayer weszła w stan uruchomienia. Record Number: 31631 Source Name: Service Control Manager Time Written: 20110504141657.000000+120 Event Type: informacje User: Computer Name: PC Event Code: 7035 Message: Do usługi eLock2BurnerLockDriver został pomyślnie wysłany kod sterowania uruchom. Record Number: 31630 Source Name: Service Control Manager Time Written: 20110504141657.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: PC Event Code: 7035 Message: Do usługi Usługa odnajdywania SSDP został pomyślnie wysłany kod sterowania uruchom. Record Number: 31629 Source Name: Service Control Manager Time Written: 20110504141657.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: PC Event Code: 7035 Message: Do usługi ServiceLayer został pomyślnie wysłany kod sterowania uruchom. Record Number: 31628 Source Name: Service Control Manager Time Written: 20110504141657.000000+120 Event Type: informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: PC Event Code: 7036 Message: Usługa Menedżer połączeń usługi Dostęp zdalny weszła w stan uruchomienia. Record Number: 31627 Source Name: Service Control Manager Time Written: 20110504141657.000000+120 Event Type: informacje User: =====Application event log===== Computer Name: PC Event Code: 0 Message: Record Number: 25929 Source Name: gusvc Time Written: 20110503125100.000000+120 Event Type: informacje User: Computer Name: PC Event Code: 0 Message: Record Number: 25928 Source Name: gusvc Time Written: 20110503125000.000000+120 Event Type: informacje User: Computer Name: PC Event Code: 101 Message: wuauclt (6424) Aparat bazy danych został zatrzymany. Record Number: 25927 Source Name: ESENT Time Written: 20110503115703.000000+120 Event Type: informacje User: Computer Name: PC Event Code: 103 Message: wuaueng.dll (6424) SUS20ClientDataStore: Aparat bazy danych zatrzymał wystąpienie (0). Record Number: 25926 Source Name: ESENT Time Written: 20110503115703.000000+120 Event Type: informacje User: Computer Name: PC Event Code: 0 Message: Record Number: 25925 Source Name: gusvc Time Written: 20110503115410.000000+120 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\TC UP\PLUGINS\Library "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=4802 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- [/log] Logi z GMER za kilkanaście minut.
wirusolog komentarz 27 czerwca 2011 komentarz 27 czerwca 2011 (edytowane) [b]1.[/b] Odzyskaj swoją muzykę z kwarantanny USBFix'a, punkt [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]4c.[/url][/b][/color][/u]. [b]2.[/b] Ściągnij [url=http://www.searchengines.pl/phpbb203/pliki/Lacrymosa/OTL/OTL.scr][b][color=blue][u]OTL.scr[/url][/b][/color][/u] i spróbój wykonać z niego loga w Trybie Awaryjnym (F8 przed ładowaniem się systemu). Jeżeli logi będą - wyślij. EDIT: [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code]:OTL MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found MsConfig - StartUpReg: HPHmon06 - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: HPHUPD06 - hkey= - key= - Reg Error: Value error. File not found MsConfig - StartUpReg: HP Component Manager - hkey= - key= - File not found MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - File not found MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found O4 - HKLM..\RunOnce: [] File not found O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe () O4 - HKLM..\Run: [lsass] File not found O4 - HKLM..\Run: [BroadcomWireless] File not found O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe :Files C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job C:\WINDOWS\lsass C:\WINDOWS\System32\shimg.dll C:\WINDOWS\System32\drivers\str.sys C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\HP Usg Daily.job :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. [b]2.[/b] W panelu sterowania ([b]dodaj lub usuń programy[/b]) odinstaluj śmietka: [b]Softonic-Eng7 Toolbar[/b] , [b]ConduitEngine[/b] [b]3.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/url][/b][/color][/u] i wciśnij w nim [b]Clean[/b] Pokaż raport z tego narzędzia. [b]4.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.
matigrucha15 komentarz 27 czerwca 2011 Autor komentarz 27 czerwca 2011 Raport z OTL po restarcie: [log]All processes killed Error: Unable to interpret <MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpReg: HPHmon06 - hkey= - key= - Reg Error: Value error. File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpReg: HPHUPD06 - hkey= - key= - Reg Error: Value error. File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpReg: HP Component Manager - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpReg: eMuleAutoStart - hkey= - key= - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Ashampoo Burning Studio Updater.exe - - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^SysOp^Menu Start^Programy^Autostart^Rejestracja Need for Speed™ Undercover.lnk - - File not found> in the current context! Error: Unable to interpret <MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk - - File not found> in the current context! Error: Unable to interpret <O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\RunOnce: [] File not found> in the current context! Error: Unable to interpret <O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [UserFaultCheck] File not found> in the current context! Error: Unable to interpret <O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [lsas] C:\WINDOWS\lsass\lsas.exe ()> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [lsass] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [BroadcomWireless] File not found> in the current context! Error: Unable to interpret <O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe> in the current context! Error: Unable to interpret <O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe> in the current context! ========== FILES ========== C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-2025429265-1177238915-1001.job moved successfully. C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-2025429265-1177238915-1001.job moved successfully. C:\WINDOWS\lsass folder moved successfully. C:\WINDOWS\System32\shimg.dll moved successfully. C:\WINDOWS\System32\drivers\str.sys moved successfully. C:\WINDOWS\tasks\Google Software Updater.job moved successfully. C:\WINDOWS\tasks\HP Usg Daily.job moved successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User ->Flash cache emptied: 41 bytes User: LocalService User: NetworkService User: SysOp ->Flash cache emptied: 156456 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 53918 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: SysOp ->Temp folder emptied: 255771930 bytes ->Temporary Internet Files folder emptied: 63926787 bytes ->Java cache emptied: 54688806 bytes ->FireFox cache emptied: 52521848 bytes ->Opera cache emptied: 29838319 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 1768448 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 29807424 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 466,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06272011_161742 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found! Registry entries deleted on Reboot... [/log] Nowe logi z OTL.txt: [log]OTL logfile created on: 2011-06-27 16:31:46 - Run 4 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,55% Memory free 4,84 Gb Paging File | 3,99 Gb Available in Paging File | 82,53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 5,94 Gb Free Space | 12,16% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,90 Gb Free Space | 3,20% Space Free | Partition Type: NTFS Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-27 16:21:56 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Temp\RtkBtMnt.exe PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe PRC - [2011-06-04 15:57:51 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- D:\Programy\Update\realsched.exe PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-01-31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe PRC - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010-11-23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010-11-16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-11-15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe PRC - [2010-05-11 11:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe PRC - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe PRC - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-09-28 19:47:12 | 000,385,024 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe PRC - [2006-07-24 18:07:56 | 000,630,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2006-07-18 12:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2006-06-29 11:45:00 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe PRC - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe PRC - [2006-06-28 13:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe PRC - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe PRC - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2008-04-14 21:50:36 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2005-10-11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2001-10-26 20:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (ALG) SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ) SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService) SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo) DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo) DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY) DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX) DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver) DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver) DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 11:37:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 11:37:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] [2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions [2011-06-27 16:29:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions [2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-06-27 14:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM [2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BroadcomWireless] File not found O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( ) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [lsas] File not found O4 - HKLM..\Run: [lsass] File not found O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer) O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal) O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:12 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT ] O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\AutoRun\command - "" = I:\albkpq3.exe O33 - MountPoints2\{60bae9bb-c13f-11de-b3e2-0016cfb26ce8}\Shell\open\Command - "" = I:\albkpq3.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-27 16:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011-06-27 16:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon [2011-06-27 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-06-27 11:36:09 | 000,000,000 | ---D | C] -- C:\rsit [2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-26 23:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent [2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus [2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu [2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2) [2011-05-19 16:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\LO5 [2011-05-15 12:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 [2011-05-12 21:33:10 | 000,000,000 | ---D | C] -- C:\videooutput [2011-05-12 21:33:07 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\WINDOWS\System32\xvid.ax [2011-05-12 21:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Freez software [2011-05-12 21:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Smallvideosoft [2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe [2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-27 16:28:33 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk [2011-06-27 16:22:20 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-06-27 16:21:15 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-06-27 16:20:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-06-27 16:20:34 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys [2011-06-27 15:54:03 | 209,220,479 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar [2011-06-27 15:34:14 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar [2011-06-27 14:56:10 | 000,000,011 | R--- | M] () -- C:\WINDOWS\amunres.lsl [2011-06-27 14:38:03 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar [2011-06-27 12:28:18 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar [2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-24 18:37:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk [2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db [2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI [2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [2011-05-28 22:48:02 | 000,006,666 | ---- | M] () -- C:\Documents and Settings\SysOp\.recently-used.xbel [2011-05-27 16:49:24 | 000,039,760 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg [2011-05-04 18:12:00 | 014,712,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-27 16:28:33 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk [2011-06-27 16:22:10 | 000,000,972 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-06-27 15:38:00 | 209,220,479 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar [2011-06-27 15:10:23 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar [2011-06-27 14:56:10 | 000,000,011 | R--- | C] () -- C:\WINDOWS\amunres.lsl [2011-06-27 13:42:57 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar [2011-06-27 12:00:13 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar [2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp [2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp [2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys [2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg [2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel [2011-05-27 16:49:23 | 000,039,760 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Avatar.jpg [2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-05-04 19:49:54 | 014,712,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Pompa.3gp [2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat [2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini [2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL [2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe [2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat [2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini [2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini [2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI [2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys [2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys [2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe [2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini [2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini [2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat [2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini [2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat [2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat [2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI [2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe [2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe [2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL [2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF [2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools [2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6 [2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo [2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10 [2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux [2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer [2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite [2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog [2011-06-27 10:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000 [2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet [2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo [2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0 [2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6 [2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon [2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla [2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech [2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World [2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia [2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu [2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera [2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite [2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol [2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer [2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] Extras.txt: [log]OTL Extras logfile created on: 2011-06-27 16:31:46 - Run 4 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,55% Memory free 4,84 Gb Paging File | 3,99 Gb Available in Paging File | 82,53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 5,94 Gb Free Space | 12,16% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,90 Gb Free Space | 3,20% Space Free | Partition Type: NTFS Drive H: | 1,83 Gb Total Space | 0,56 Gb Free Space | 30,34% Space Free | Partition Type: FAT Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application "D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation) "D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil "C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve) "C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform "{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20 "{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects "{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI "{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam "{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86) "{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects "{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen "{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director "{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates "{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare "{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010 "{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial "{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations "{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover par C_XX "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "avast" = avast! Pro Antivirus "Avidemux 2.5" = Avidemux 2.5 "Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor "CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600 "CWK" = CWK (Czasowy Wyłącznik Komputera) "CZATeriaKam" = CZATeriaKam 2.6.2 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a "Drumaxx" = Drumaxx "DVD Shrink_is1" = DVD Shrink 3.2 "Easy GIF Animator_is1" = Easy GIF Animator 5.2 "Elasto Mania" = Elasto Mania "Exact Audio Copy" = Exact Audio Copy 0.99pb5 "foobar2000" = foobar2000 v0.9.6.9 beta 1 "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Google Updater" = Aktualizator Google "GridVista" = Acer GridVista "Guitar Pro 5_is1" = Guitar Pro 5.2 "Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel "Hardcore" = Hardcore "HP Photo & Imaging" = HP Image Zone 4.0 "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla "ipla" = ipla 1.2.1 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "Mp3 Knife_is1" = Mp3 Knife 3.2 "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NewSaver" = NewSaver "Nokia Ovi Suite" = Nokia Ovi Suite "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "Opera 11.11.2109" = Opera 11.11 "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "PoiZone" = PoiZone "RealPlayer 12.0" = RealPlayer "Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99 "Sakura" = Sakura "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Sawer" = Sawer "speed" = speed "Steam App 10" = Counter-Strike "Steam App 150" = Counter-Strike Steamworks Beta "Steam App 70" = Half-Life "TC UP" = Total Commander Ultima Prime 4.9.0.0 "The Sims_is1" = The Sims "Toxic Biohazard" = Toxic Biohazard "Usbfix" = UsbFix By TeamXscript "WAV MP3 Converter_is1" = WAV MP3 Converter 1.30 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WinGimp-2.0_is1" = GIMP 2.6.7 "WinRAR archiver" = Archiwizator WinRAR "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 "XP Codec Pack" = XP Codec Pack [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-25 05:01:03 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 09:00:06 | Computer Name = PC | Source = MsiInstaller | ID = 11905 Description = Product: Phoenix Service Software -- Error 1905.Module C:\Program Files\Nokia\Phoenix\gsmgautotuneui.dll failed to unregister. HRESULT -2147220472. Contact your support personnel. Error - 2011-06-27 10:22:02 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7031 Description = Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Karta wydajności WMI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 05:02:39 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 10:23:05 | Computer Name = PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu następującego błędu: %%2 < End of report > [/log] Raport z Ad-Remover: [log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 16:28:39 on 27/06/2011, Normal boot Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) SysOp@PC ( ) ============== ACTION(S) ============== Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\conduit Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\ConduitEngine Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\extensions\engine@conduit.com Folder deleted: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Conduit Folder deleted: C:\Documents and Settings\SysOp\Dane aplikacji\PriceGong (!) -- Temporary files deleted. -- File opened: C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default\Prefs.js -- Line deleted: user_pref("CT2405280.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT240... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/799768/795587/DEFAULT", "\"... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/799768/795587/PL", "\"0\"")... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2405280", ... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63443493058760... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2405280/CT2405280... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",... Line deleted: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Line deleted: user_pref("CommunityToolbar.EngineOwner", "CT2405280"); Line deleted: user_pref("CommunityToolbar.EngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"); Line deleted: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-eng7"); Line deleted: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Line deleted: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2405280"); Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"); Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-eng7"); Line deleted: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Line deleted: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2405280"); Line deleted: user_pref("CommunityToolbar.ToolbarsList2", "CT2405280"); Line deleted: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line deleted: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 26 2011 23:23:32 GMT+0200"); Line deleted: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line deleted: user_pref("CommunityToolbar.alert.locale", "en"); Line deleted: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line deleted: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 23:23:32 GMT+0200"); Line deleted: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Line deleted: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line deleted: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line deleted: user_pref("CommunityToolbar.alert.showTrayIcon", false); Line deleted: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line deleted: user_pref("CommunityToolbar.alert.userId", "b9bd7644-03a5-41e5-84b4-7243a450a8c2"); Line deleted: user_pref("ConduitEngine.FirstServerDate", "01/13/2011 00"); Line deleted: user_pref("ConduitEngine.FirstTime", true); Line deleted: user_pref("ConduitEngine.FirstTimeFF3", true); Line deleted: user_pref("ConduitEngine.HasUserGlobalKeys", true); Line deleted: user_pref("ConduitEngine.Initialize", true); Line deleted: user_pref("ConduitEngine.InitializeCommonPrefs", true); Line deleted: user_pref("ConduitEngine.InstalledDate", "Wed Jan 12 2011 22:07:01 GMT+0100"); Line deleted: user_pref("ConduitEngine.IsMulticommunity", false); Line deleted: user_pref("ConduitEngine.IsOpenThankYouPage", false); Line deleted: user_pref("ConduitEngine.IsOpenUninstallPage", true); Line deleted: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jun 26 2011 23:23:35 GMT+0200"); Line deleted: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jun 27 2011 13:52:08 GMT+0200"); Line deleted: user_pref("ConduitEngine.PublisherContainerWidth", 0); Line deleted: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Line deleted: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jun 27 2011 13:52:07 GMT+0200"); Line deleted: user_pref("ConduitEngine.UserID", "UN37866952036134565"); Line deleted: user_pref("ConduitEngine.engineLocale", "pl"); Line deleted: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jun 26 2011 23:23:35 GMT+0200"); Line deleted: user_pref("ConduitEngine.initDone", true); -- File closed -- Key deleted: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key deleted: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key deleted: HKLM\Software\Classes\Conduit.Engine Key deleted: HKLM\Software\Classes\Toolbar.CT2405280 Key deleted: HKLM\Software\Conduit Key deleted: HKCU\Software\PriceGong Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\RelevantKnowledge Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831} Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|{6E19037A-12E3-4295-8915-ED48BC341614} ============== ADDITIONNAL SCAN ============== **** Mozilla Firefox Version [3.6.18 (pl)] **** Plugins\npganymedenet.dll ( ) HKLM_MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0 (x) Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&sourceid=Mozilla-search) Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results) Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&fraza={searchTerms}&skad=crhhxmkohb) Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms}) Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj) Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&r=T&szukaj={searchTerms}) HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\FireFox\Profiles\o0ubs16m.default -- Extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} (Softonic-Eng7 Community Toolbar) Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18 ======================================== **** Internet Explorer Version [7.0.5730.13] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 92 File(s) C:\Program Files\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 27/06/2011 16:28:49 (9941 Byte(s)) End at: 16:29:57, 27/06/2011 ============== E.O.F ============== [/log] Problem wirusa już zniknął, wielkie dzięki. Co mogę tam jeszcze mieć nie tak? Chciałbym mieć czystego kompa bez wirusów, bo kiedyś często się zdarzało, że przy podłączeniu jakiejś pamięci przenośnej na nią wpieprzał się wirus. Skanowałem całego kompa w Avast i miałem chyba 70 wykrytych zagrożeń, dałem wszystko do kwarantanny ale wyświetla mi, że mam za mało miejsca na dysku, ile tego muszę mieć? Mam teraz 7GB wolnego.
wirusolog komentarz 27 czerwca 2011 komentarz 27 czerwca 2011 Nie wykonał się w całości skrypt bo został upuszczony element (pewnie pomyliłeś się podczas kopiowania skryptu) [size="4"][b]:OTL[/b][/size] Daje kolejny skrypt, tym razem skopiuj wszystko włącznie z [size="4"][b]:OTL[/b][/size] [hr] [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code]:OTL SRV - File not found [On_Demand | Stopped] -- -- (ALG) FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 [2011-01-11 18:36:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} O4 - HKLM..\Run: [BroadcomWireless] File not found O4 - HKLM..\Run: [lsas] File not found O4 - HKLM..\Run: [lsass] File not found O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [] File not found O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [Boxoft Tools] File not found O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - Startup: C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk = File not found O20 - Winlogon\Notify\mdhcp32: DllName - mdhcp32.dll - File not found :Files C:\WINDOWS\tasks\Google Software Updater.job :Reg [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2] :Commands [clearallrestorepoints] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. [b]2.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.
matigrucha15 komentarz 27 czerwca 2011 Autor komentarz 27 czerwca 2011 Raport z restartu: [log]All processes killed ========== OTL ========== Service ALG stopped successfully! Service ALG deleted successfully! Prefs.js: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 removed from extensions.enabledItems Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems Prefs.js: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 removed from extensions.enabledItems Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3 removed from extensions.enabledItems Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 removed from extensions.enabledItems Prefs.js: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2 removed from extensions.enabledItems Prefs.js: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 removed from extensions.enabledItems C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\lib folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome folder moved successfully. C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} folder moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BroadcomWireless deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lsas deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lsass deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully. Registry value HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Boxoft Tools deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully. Invalid CLSID key: _nltide_2 Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found. Invalid CLSID key: _nltide_2 Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully. Invalid CLSID key: _nltide_2 Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully. Invalid CLSID key: _nltide_2 C:\Documents and Settings\SysOp\Menu Start\Programy\Autostart\Canon IJ Status Monitor Canon iP1600.lnk moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32\ deleted successfully. ========== FILES ========== C:\WINDOWS\tasks\Google Software Updater.job moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ deleted successfully. ========== COMMANDS ========== Restore points cleared and new OTL Restore Point set! [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: SysOp ->Temp folder emptied: 599257 bytes ->Temporary Internet Files folder emptied: 94927 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Opera cache emptied: 16185143 bytes ->Flash cache emptied: 642 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16384 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 16,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06272011_213223 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found! C:\WINDOWS\temp\Perflib_Perfdata_e4c.dat moved successfully. Registry entries deleted on Reboot... [/log] OTL.txt: [log]OTL logfile created on: 2011-06-27 21:45:09 - Run 5 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,21% Memory free 4,84 Gb Paging File | 3,93 Gb Available in Paging File | 81,24% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 7,87 Gb Free Space | 16,12% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,92 Gb Free Space | 3,21% Space Free | Partition Type: NTFS Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-27 21:35:07 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Temp\RtkBtMnt.exe PRC - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe PRC - [2011-06-04 15:57:51 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- D:\Programy\Update\realsched.exe PRC - [2011-05-22 17:53:40 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-02-23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-01-31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe PRC - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2010-11-23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010-11-16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010-11-15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe PRC - [2010-05-11 11:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009-08-10 20:51:08 | 016,269,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2009-07-22 12:29:38 | 004,777,472 | ---- | M] (Creative Team S.A.) -- D:\Programy\AQQ\AQQ.exe PRC - [2009-01-30 09:12:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe PRC - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe PRC - [2008-12-03 19:15:01 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-12-03 19:14:43 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-12-03 19:14:05 | 001,553,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-09-28 19:47:12 | 000,385,024 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe PRC - [2006-07-24 18:07:56 | 000,630,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe PRC - [2006-07-18 12:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2006-06-29 11:45:00 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe PRC - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe PRC - [2006-06-28 13:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe PRC - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe PRC - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe PRC - [2003-06-19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2001-10-26 20:30:04 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe PRC - [2001-02-20 13:09:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CTFMON.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe MOD - [2011-02-23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2008-12-03 19:15:58 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-12-03 19:13:10 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-12-03 19:12:22 | 001,392,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-12-03 19:10:11 | 001,420,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-12-03 19:10:06 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-12-03 18:39:57 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-11-09 18:03:58 | 025,531,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 21:50:36 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2008-04-14 21:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2007-07-11 06:06:54 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2005-10-11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2001-10-26 20:28:30 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-02-23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-12-18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2008-12-18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2006-06-28 18:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ) SRV - [2006-05-11 16:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService) SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-02-23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-02-23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-02-23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-02-23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-02-23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-02-23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-02-23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-02-02 09:59:37 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK) DRV - [2009-09-05 12:31:26 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-08-10 20:51:09 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-03-03 15:32:48 | 000,027,008 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiappo.sys -- (nokiappo) DRV - [2009-03-03 15:32:48 | 000,019,072 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nokiacpo.sys -- (nokiacpo) DRV - [2008-12-03 18:40:59 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-12-03 18:40:56 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-11-12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\prodigy.sys -- (PRODIGY) DRV - [2006-06-30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D) DRV - [2006-06-25 22:19:54 | 000,564,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX) DRV - [2006-06-08 18:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver) DRV - [2006-06-06 19:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver) DRV - [2006-06-02 14:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\TVicPort.sys -- (tvicport) DRV - [2006-06-02 14:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\zntport.sys -- (zntport) DRV - [2006-06-02 14:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2006-05-17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\tifm21.sys -- (tifm21) DRV - [2006-05-10 12:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2006-03-04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-03-04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-01-28 06:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-01-13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2004-09-03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-09-03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-07-19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-03-20 11:15:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-04 15:58:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-24 19:22:07 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-27 11:37:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-27 11:37:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-03-19 15:57:37 | 000,000,000 | ---D | M] [2009-08-09 16:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Extensions [2011-06-27 21:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-09 16:08:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\SysOp\Dane aplikacji\Mozilla\Firefox\Profiles\o0ubs16m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-06-27 14:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-07-12 10:06:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-06-04 15:58:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SYSOP\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\O0UBS16M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM [2011-06-24 19:22:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2009-08-21 00:34:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2011-03-19 15:57:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2011-04-26 22:29:47 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-04-26 22:29:47 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-26 22:29:47 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-04-26 22:29:47 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-04-26 22:29:47 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-04-26 22:29:47 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( ) O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe () O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [TkBellExe] D:\programy\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [AQQ] D:\Programy\AQQ\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Programy\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\nvLsp.dll (NVIDIA) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.116.100.65 79.163.127.70 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (cr1t1cal) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-09 16:16:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-27 11:08:10 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-27 17:04:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SysOp\Recent [2011-06-27 16:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011-06-27 16:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon [2011-06-27 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-06-27 11:36:09 | 000,000,000 | ---D | C] -- C:\rsit [2011-06-27 11:08:10 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011-06-27 10:31:41 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-06-27 10:29:46 | 001,231,967 | ---- | C] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-24 19:22:54 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-06-24 19:22:54 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-06-24 19:22:54 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-06-24 19:22:54 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-06-24 19:22:54 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-06-24 19:22:54 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-06-24 19:22:54 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-06-24 19:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus [2011-06-24 19:22:53 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-06-24 19:22:05 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-06-24 19:22:05 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-06-24 18:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-06-12 18:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nieużywane skróty pulpitu [2011-06-05 18:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SysOp\Pulpit\Nowy folder (2) [2010-02-01 22:48:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [2010-02-01 22:48:04 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe [2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-27 21:39:21 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-06-27 21:34:31 | 000,202,011 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011-06-27 21:33:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-06-27 21:33:50 | 3219,828,736 | -HS- | M] () -- C:\hiberfil.sys [2011-06-27 16:28:33 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk [2011-06-27 15:54:03 | 209,220,479 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar [2011-06-27 15:34:14 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar [2011-06-27 14:56:10 | 000,000,011 | R--- | M] () -- C:\WINDOWS\amunres.lsl [2011-06-27 14:38:03 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar [2011-06-27 12:28:18 | 314,572,800 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar [2011-06-27 11:10:00 | 505,128,165 | ---- | M] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 11:03:43 | 000,501,374 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-06-27 11:03:43 | 000,442,160 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-06-27 11:03:43 | 000,088,814 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-06-27 11:03:43 | 000,071,084 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-06-27 10:50:28 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:29:46 | 001,231,967 | ---- | M] (TeamXscript.org) -- C:\Documents and Settings\SysOp\Pulpit\UsbFix.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-27 10:28:05 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SysOp\Pulpit\OTL.exe [2011-06-27 07:51:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-06-24 19:30:20 | 004,475,956 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-06-24 19:22:54 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-23 17:44:04 | 063,012,864 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-22 17:04:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-06-14 11:58:16 | 000,746,832 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-10 19:18:37 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-09 21:23:13 | 000,046,080 | -H-- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\photothumb.db [2011-06-09 18:33:00 | 000,014,775 | ---- | M] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 18:28:20 | 003,342,336 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:18:36 | 020,643,840 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 14:34:30 | 010,018,627 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-06-04 21:43:46 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI [2011-06-04 15:57:53 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011-05-31 22:20:15 | 003,960,822 | ---- | M] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-27 21:35:17 | 000,000,972 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011-06-27 16:28:33 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\AD-R.lnk [2011-06-27 15:38:00 | 209,220,479 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part4.rar [2011-06-27 15:10:23 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part3.rar [2011-06-27 14:56:10 | 000,000,011 | R--- | C] () -- C:\WINDOWS\amunres.lsl [2011-06-27 13:42:57 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part2.rar [2011-06-27 12:00:13 | 314,572,800 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Euro_PL_Aeon.part1.rar [2011-06-27 11:08:49 | 505,128,165 | ---- | C] () -- C:\UsbFix_Upload_Me_PC.zip [2011-06-27 10:50:28 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\RSIT.exe [2011-06-27 10:28:12 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\22ue0o36.exe [2011-06-26 21:47:01 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\ALP_RG.rdp [2011-06-26 21:47:01 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zeitkraft_RG.rdp [2011-06-24 19:26:50 | 004,475,956 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Miuosh - Piąta Strona Świata.mp3 [2011-06-24 19:22:54 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk [2011-06-24 18:35:07 | 3219,828,736 | -HS- | C] () -- C:\hiberfil.sys [2011-06-23 17:39:58 | 063,012,864 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo00201.3gp [2011-06-09 18:32:59 | 000,014,775 | ---- | C] () -- C:\Documents and Settings\SysOp\Moje dokumenty\dzem_list_do_m.gp4 [2011-06-07 22:30:04 | 000,746,832 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie0184.jpg [2011-06-07 18:28:06 | 003,342,336 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0004.3gp [2011-06-07 17:17:14 | 020,643,840 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Wideo0000.3gp [2011-06-05 19:15:25 | 000,725,842 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Zdjęcie110.jpg [2011-06-05 14:33:04 | 010,018,627 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\Lynyrd Skynyrd - I Need You.mp3 [2011-05-31 22:18:18 | 003,960,822 | ---- | C] () -- C:\Documents and Settings\SysOp\Pulpit\DSC022222222222425.jpg [2011-05-28 22:48:02 | 000,006,666 | ---- | C] () -- C:\Documents and Settings\SysOp\.recently-used.xbel [2011-05-12 21:33:07 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll [2011-05-12 21:33:07 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-05-12 21:33:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-11 18:52:35 | 000,000,613 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2011-01-11 18:51:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySmp3con.dat [2011-01-11 18:51:39 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011-01-11 18:22:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini [2010-12-23 16:36:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS75.DLL [2010-11-28 22:54:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2010-07-24 11:43:32 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe [2010-07-23 06:46:58 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-10 09:40:08 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\FSCache.dat [2010-03-31 15:48:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-20 10:47:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\aces.ini [2010-02-02 21:07:04 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini [2010-02-02 20:05:11 | 000,152,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-02-02 19:10:16 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI [2010-02-02 13:35:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys [2010-02-02 13:35:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys [2010-02-01 23:16:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe [2010-02-01 22:48:04 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2010-01-28 10:38:14 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2010-01-28 10:38:14 | 001,032,192 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2010-01-28 10:38:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2010-01-28 10:38:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-11-30 17:46:54 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-11-30 17:46:34 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009-11-30 17:46:27 | 000,063,040 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009-11-04 20:02:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\speed.ini [2009-11-04 19:39:24 | 000,000,052 | ---- | C] () -- C:\WINDOWS\NewSaver.ini [2009-10-11 18:09:41 | 000,000,872 | ---- | C] () -- C:\WINDOWS\eReg.dat [2009-10-04 20:28:16 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini [2009-09-19 07:51:37 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-09-12 15:53:58 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-09-12 12:05:00 | 000,094,252 | ---- | C] () -- C:\WINDOWS\HPHins03.dat [2009-09-12 12:05:00 | 000,002,651 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat [2009-09-07 13:49:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-08-22 19:18:27 | 000,000,459 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI [2009-08-15 22:52:41 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\SysOp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-10 21:07:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009-08-10 20:51:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-08-09 21:12:48 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2009-08-09 18:11:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-08-09 18:10:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-08-09 16:21:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe [2009-08-09 16:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2009-08-09 16:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-08-09 16:16:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-08-09 16:13:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-01-30 09:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-01-30 09:12:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009-01-30 09:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-01-30 09:12:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2009-01-30 09:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-01-30 09:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-01-30 09:12:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009-01-30 09:12:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-04-14 22:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-11-02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe [2006-05-17 18:32:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-09-18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001-10-26 19:15:16 | 000,501,374 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 19:15:16 | 000,088,814 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\WINDOWS\System32\DK2WIN32.DLL [2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-18 00:30:24 | 000,442,160 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-18 00:30:22 | 000,071,084 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2009-08-11 23:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Ashampoo [2011-04-06 20:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\AVG10 [2009-12-11 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\avidemux [2011-06-04 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\BESTplayer [2009-09-05 13:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\DAEMON Tools Lite [2011-06-11 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\EurekaLog [2011-06-27 21:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\foobar2000 [2011-01-30 22:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GanymedeNet [2010-03-29 22:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\GetRightToGo [2011-05-28 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\gtk-2.0 [2011-04-12 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Guitar Pro 6 [2010-06-05 13:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\HEXelon [2009-09-29 16:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\ipla [2010-02-02 00:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Leadertech [2010-10-22 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Need for Speed World [2009-08-30 18:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nokia [2009-09-07 19:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Nowe Gadu-Gadu [2011-04-25 21:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Opera [2011-06-24 01:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\PC Suite [2010-07-29 21:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\RigNRoll_pol [2010-11-12 10:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\TeamViewer [2009-08-09 16:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SysOp\Dane aplikacji\Thinstall [2011-04-10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A-PDF [2009-08-11 23:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-06-24 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-04-06 21:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2011-03-21 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth [2011-04-10 20:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Boxtools [2010-12-23 16:35:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2011-04-06 20:28:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2009-09-05 13:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-02-23 16:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-04-12 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Guitar Pro 6 [2010-12-09 19:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2009-09-17 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-04-06 20:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-12-09 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2011-03-19 15:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2009-08-11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-04-06 22:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] Extras.txt: [log]OTL Extras logfile created on: 2011-06-27 21:45:10 - Run 5 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\SysOp\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,21% Memory free 4,84 Gb Paging File | 3,93 Gb Available in Paging File | 81,24% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 7,87 Gb Free Space | 16,12% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 5,92 Gb Free Space | 3,21% Space Free | Partition Type: NTFS Computer Name: PC | User Name: SysOp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programy\Microsoft Office 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programy\AQQ\AQQ.exe" = D:\Programy\AQQ\AQQ.exe:*:Enabled:AQQ Communicator -- (Creative Team S.A.) "C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe" = C:\Documents and Settings\SysOp\Pulpit\GPS RG\TeamViewer\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application "D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Mateusz\Gry\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater -- (Nokia Corporation) "D:\Programy\Opera\opera.exe" = D:\Programy\Opera\opera.exe:*:Disabled:Opera Internet Browser "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Disabled:BlueSoleil "C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\stoprocentt\counter-strike\hl.exe:*:Disabled:Counter-Strike -- (Valve) "C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Disabled:Need for Speed World -- (Electronic Arts) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0687B9DD-4F59-4D05-BF60-875704F3F223}" = Nokia Internet Modem "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform "{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20 "{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects "{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI "{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam "{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86) "{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects "{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen "{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director "{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates "{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare "{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2010 "{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial "{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations "{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2) "46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ad-Remover" = Ad-Remover par C_XX "ALLPlayer_is1" = ALLPlayer V4.X "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "avast" = avast! Pro Antivirus "Avidemux 2.5" = Avidemux 2.5 "Boxoft Batch Photo Processor_is1" = Boxoft Batch Photo Processor "CANONBJ_Deinstall_CNMCP75.DLL" = Canon iP1600 "CWK" = CWK (Czasowy Wyłącznik Komputera) "CZATeriaKam" = CZATeriaKam 2.6.2 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Diablo II + Diablo II - Lord of Destruction PL 1.12a" = Diablo II + Diablo II - Lord of Destruction PL 1.12a "Drumaxx" = Drumaxx "DVD Shrink_is1" = DVD Shrink 3.2 "Easy GIF Animator_is1" = Easy GIF Animator 5.2 "Elasto Mania" = Elasto Mania "Exact Audio Copy" = Exact Audio Copy 0.99pb5 "foobar2000" = foobar2000 v0.9.6.9 beta 1 "FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92 "Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter "Google Updater" = Aktualizator Google "GridVista" = Acer GridVista "Guitar Pro 5_is1" = Guitar Pro 5.2 "Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel "Hardcore" = Hardcore "HP Photo & Imaging" = HP Image Zone 4.0 "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla "ipla" = ipla 1.2.1 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "Mp3 Knife_is1" = Mp3 Knife 3.2 "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NewSaver" = NewSaver "Nokia Ovi Suite" = Nokia Ovi Suite "Nokia PC Suite" = Nokia PC Suite "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "Opera 11.11.2109" = Opera 11.11 "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "PoiZone" = PoiZone "RealPlayer 12.0" = RealPlayer "Rzeźnik MPEGów 1.1.99_is1" = Rzeźnik MPEGów 1.1.99 "Sakura" = Sakura "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Sawer" = Sawer "speed" = speed "Steam App 10" = Counter-Strike "Steam App 150" = Counter-Strike Steamworks Beta "Steam App 70" = Half-Life "TC UP" = Total Commander Ultima Prime 4.9.0.0 "The Sims_is1" = The Sims "Toxic Biohazard" = Toxic Biohazard "Usbfix" = UsbFix By TeamXscript "WAV MP3 Converter_is1" = WAV MP3 Converter 1.30 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WinGimp-2.0_is1" = GIMP 2.6.7 "WinRAR archiver" = Archiwizator WinRAR "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 "XP Codec Pack" = XP Codec Pack [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-606747145-2025429265-1177238915-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-06-26 10:06:38 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:42 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-26 10:06:45 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd avastui.exe, wersja 6.0.999.0, moduł powodujący błąd , wersja 0.0.0.0, adres błędu 0x00000000. Error - 2011-06-27 01:52:00 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 03:24:45 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:24 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 04:58:57 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 09:00:06 | Computer Name = PC | Source = MsiInstaller | ID = 11905 Description = Product: Phoenix Service Software -- Error 1905.Module C:\Program Files\Nokia\Phoenix\gsmgautotuneui.dll failed to unregister. HRESULT -2147220472. Contact your support personnel. Error - 2011-06-27 10:22:02 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-27 15:35:17 | Computer Name = PC | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ] Error - 2011-06-27 10:23:05 | Computer Name = PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu następującego błędu: %%2 Error - 2011-06-27 15:16:54 | Computer Name = PC | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 192.168.1.115 dla karty sieciowej o adresie 0016D34D777C został zabroniony przez serwer DHCP 192.168.1.1 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Atheros Configuration Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Memory Check Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa LockServ niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:27 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare Intelligent Application Manager (IAM) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:28 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2011-06-27 15:32:29 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa ServiceLayer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log] Jak mam przywrócić te piosenki, które się skasowały? One są z przyrostkiem .vir Muszę zmieniać nazwę każdego z osobna czy jak? W tamtym temacie o UsbFix nic nie pisze o tym w jaki sposób to przywrócić.
wirusolog komentarz 28 czerwca 2011 komentarz 28 czerwca 2011 Logi są czyste. Co do tych piosenek - normalnie wyciągasz je z kwarantanny, niestety z każdego pliku trzeba usunąć przedrostek [b]*.vir[/b]. Gdzieś czytałem, że podobno za pierwszym razem da się usunąć te przedrostki, pisali też o programie [url=http://www.dobreprogramy.pl/Total-Commander,Program,Windows,12316.html][b][color=blue][u]Total Commander[/url][/b][/color][/u]. Spróbój nim pokombinować, jeżeli nie będziesz umiał (sam też nie umiem) to zostaje Ci każdy plik osobno usuwać ten przedrostek. [hr] Jeżeli uda Ci się zrobić te porządki z muzyką, ,,ogarnąć ją" to wykonuj kroki końcowe: [b]1.[/b] Uruchom USBFix i wciśnij [b]UNINSTALL[/b]. [b]2.[/b] Uruchom Ad-Remover'a i wciśnij [b]UNINSTALL[/b]. [b]3.[/b] Uruchom OTL i wciśnij w nim [b]Sprzątanie[/b]. [b]4.[/b] Aktualizacja zabezpieczeń: [quote] Internet Explorer [b](Version = 7.0.5730.13)[/b] "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" =[b] Java™ 6 Update 20[/b] "{AC76BA86-7AD7-1045-7B44-A93000000001}" = [b]Adobe Reader 9.3.2 - Polish[/b] "Adobe Flash Player Plugin" = [b]Adobe Flash Player 10 Plugin[/b] [/quote] [url="http://windows.microsoft.com/pl-PL/internet-explorer/downloads/ie-8"][color="#0000FF"][b]Internet Explorer 8[/b][/color][/url] / [url="http://www.oracle.com/technetwork/java/javase/downloads/index.html"][b][color="#0000FF"]Java 6 Update 26[/color][/b][/url] / [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] / [url="http://get.adobe.com/flashplayer/"][color="#0000FF"][b]Adobe Flash Player 10.3.181.26[/b][/color][/url] / (nie wiem z jakiej wersji Avasta używasz - napisz). [b]5.[/b] Zalecam [b]pełne skanowanie[/b] [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/url][/b][/color][/u] (po instalacji zaaktualizuj ręczne baze wirusów, usuń to co znajdzie i wklej raport końcowy).
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.