Krzysiek6 utworzono 27 sierpnia 2011 utworzono 27 sierpnia 2011 (edytowane) Witam. Od paru dni mój komputer strasznie się czymś zamulił. Wszystko się o wiele dłużej otwiera, wszystko dzieje się oporowo. Skanowałem już Trojanem, AVG, Nod and Kaspersky i nic. nic. nic. Logi z OTL [log]OTL logfile created on: 2011-08-27 22:14:20 - Run 1 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 70,77% Memory free 5,09 Gb Paging File | 4,39 Gb Available in Paging File | 86,21% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 24,30 Gb Free Space | 49,78% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 48,29 Gb Free Space | 32,97% Space Free | Partition Type: NTFS Drive E: | 146,48 Gb Total Space | 146,13 Gb Free Space | 99,76% Space Free | Partition Type: NTFS Drive F: | 123,05 Gb Total Space | 122,97 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: KRZYSIEK | User Name: Krzys - PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-08-27 22:12:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-08-18 05:28:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-08-18 05:28:13 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-07-08 05:03:20 | 000,643,072 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2011-07-06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011-06-22 08:47:38 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe PRC - [2011-06-22 08:47:34 | 000,884,304 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe PRC - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-04-18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe PRC - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011-04-14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe PRC - [2011-03-16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2010-11-11 14:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe PRC - [2010-11-11 14:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe PRC - [2010-11-11 14:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe PRC - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 23:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 23:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 23:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 23:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 23:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 23:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-06-28 12:31:38 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2007-05-11 03:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe PRC - [2006-10-26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE PRC - [2004-08-11 02:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-08-27 22:12:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\OTL.exe MOD - [2011-08-21 20:18:04 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011-08-18 05:28:17 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2011-08-18 05:28:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2011-08-18 05:28:16 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcpp19.dll MOD - [2011-08-18 05:28:16 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2011-08-18 05:28:16 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2011-08-18 05:28:15 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-08-18 05:28:15 | 000,785,368 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2011-08-18 05:28:15 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozcrt19.dll MOD - [2011-08-18 05:28:14 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2011-08-18 05:28:14 | 000,351,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2011-08-18 05:28:14 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2011-08-18 05:28:14 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2011-08-18 05:28:14 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2011-08-18 05:28:13 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2011-08-18 05:28:13 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2011-08-18 05:28:13 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2011-08-18 05:28:13 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2011-08-18 05:28:12 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2011-08-18 05:28:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2011-08-18 05:28:10 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2011-08-18 05:28:09 | 015,494,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2011-07-08 05:05:16 | 000,212,992 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atipdlxx.dll MOD - [2011-07-08 05:04:48 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\ati2edxx.dll MOD - [2011-07-08 05:04:36 | 000,188,416 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.dll MOD - [2011-07-08 05:03:20 | 000,643,072 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe MOD - [2011-07-08 04:53:14 | 000,208,896 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\atiadlxx.dll MOD - [2011-07-06 19:52:40 | 002,224,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll MOD - [2011-07-06 19:52:40 | 000,174,128 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll MOD - [2011-07-06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe MOD - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe MOD - [2011-06-22 08:47:38 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe MOD - [2011-06-22 08:47:36 | 003,405,744 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScanner.ocx MOD - [2011-06-22 08:47:34 | 000,884,304 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe MOD - [2011-06-22 08:47:32 | 000,768,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\esets_apiW_a.dll MOD - [2011-06-15 05:50:28 | 001,859,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgxpl.dll MOD - [2011-05-09 20:09:56 | 001,854,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcslx.dll MOD - [2011-05-04 04:52:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe MOD - [2011-04-29 19:25:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2011-04-28 07:19:52 | 002,035,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwd.dll MOD - [2011-04-18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe MOD - [2011-04-18 17:39:44 | 000,246,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avglngx.dll MOD - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe MOD - [2011-04-14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe MOD - [2011-04-13 05:38:44 | 001,128,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcfgx.dll MOD - [2011-04-12 01:30:42 | 002,897,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avguires.dll MOD - [2011-03-25 06:15:42 | 005,912,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2011-03-16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe MOD - [2011-03-16 16:05:14 | 000,543,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchjwx.dll MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2011-02-21 05:52:26 | 000,796,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avglogx.dll MOD - [2011-02-15 05:38:12 | 000,610,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsched.dll MOD - [2011-02-10 07:55:18 | 002,547,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgidpsdkx.dll MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe MOD - [2011-02-08 15:33:57 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2011-02-08 05:33:44 | 000,460,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdwsc.dll MOD - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe MOD - [2011-02-08 05:33:08 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsrmx.dll MOD - [2011-02-08 05:33:02 | 000,476,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgamnot.dll MOD - [2011-02-08 05:32:46 | 000,334,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgclitx.dll MOD - [2011-02-08 05:32:44 | 000,867,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcertx.dll MOD - [2011-01-29 18:06:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll MOD - [2011-01-21 16:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2011-01-17 16:19:10 | 000,420,864 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll MOD - [2010-12-22 14:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2010-12-20 19:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2010-12-09 17:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-11-11 14:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe MOD - [2010-11-11 14:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe MOD - [2010-11-11 14:31:26 | 003,824,240 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmwarebase.dll MOD - [2010-11-11 14:31:14 | 000,068,720 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll MOD - [2010-11-11 14:31:00 | 000,970,352 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll MOD - [2010-11-11 14:30:50 | 000,895,600 | ---- | M] (Free Software Foundation) -- C:\Program Files\VMware\VMware Player\iconv.dll MOD - [2010-11-11 14:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe MOD - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe MOD - [2010-11-11 13:26:56 | 000,412,272 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmPerfmon.dll MOD - [2010-11-11 12:28:38 | 000,232,048 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\VMware\VMware Player\ssleay32.dll MOD - [2010-11-11 12:28:36 | 001,038,960 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\VMware\VMware Player\libeay32.dll MOD - [2010-11-09 16:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2010-10-23 02:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll MOD - [2010-09-22 19:12:42 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll MOD - [2010-08-27 10:03:47 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll MOD - [2010-08-27 07:54:13 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2010-08-23 18:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2010-08-16 10:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 14:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2010-06-14 09:43:18 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll MOD - [2010-05-06 12:35:43 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-05-06 12:35:42 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2010-05-06 12:35:37 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll MOD - [2010-05-06 12:35:36 | 011,076,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll MOD - [2010-04-16 18:09:01 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2010-04-16 18:08:59 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2010-04-16 17:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2010-02-05 20:27:40 | 001,295,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\quartz.dll MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-11-07 02:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll MOD - [2009-11-07 02:07:04 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll MOD - [2009-10-13 12:34:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2009-10-12 15:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2009-10-12 15:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2009-09-11 16:19:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2009-09-04 23:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-08-25 11:19:45 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2009-08-06 20:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll MOD - [2009-07-28 01:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2009-07-17 18:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-07-12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2009-07-12 00:02:02 | 003,780,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2009-07-11 20:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-03-08 05:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2009-03-08 05:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2009-02-27 21:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2009-02-09 12:53:43 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2009-01-07 19:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-07-25 12:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll MOD - [2008-07-25 12:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll MOD - [2008-07-25 12:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll MOD - [2008-07-18 16:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) -- C:\WINDOWS\system32\uxtuneup.dll MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll MOD - [2008-06-24 18:46:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2008-06-20 18:04:23 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2008-04-14 23:51:58 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp MOD - [2008-04-14 23:51:58 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp MOD - [2008-04-14 23:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 23:51:58 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp MOD - [2008-04-14 23:51:58 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp MOD - [2008-04-14 23:51:58 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp MOD - [2008-04-14 23:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2008-04-14 23:51:58 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp MOD - [2008-04-14 23:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe MOD - [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2008-04-14 23:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2008-04-14 23:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2008-04-14 23:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2008-04-14 23:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe MOD - [2008-04-14 23:51:02 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2008-04-14 23:51:02 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2008-04-14 23:51:02 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll MOD - [2008-04-14 23:51:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2008-04-14 23:51:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2008-04-14 23:51:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll MOD - [2008-04-14 23:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2008-04-14 23:51:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll MOD - [2008-04-14 23:51:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2008-04-14 23:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2008-04-14 23:51:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2008-04-14 23:51:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2008-04-14 23:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 23:50:58 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2008-04-14 23:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 23:50:58 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2008-04-14 23:50:58 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2008-04-14 23:50:58 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2008-04-14 23:50:58 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll MOD - [2008-04-14 23:50:58 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2008-04-14 23:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2008-04-14 23:50:58 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll MOD - [2008-04-14 23:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 23:50:58 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2008-04-14 23:50:58 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2008-04-14 23:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 23:50:58 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll MOD - [2008-04-14 23:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 23:50:58 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2008-04-14 23:50:58 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2008-04-14 23:50:58 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2008-04-14 23:50:58 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2008-04-14 23:50:58 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2008-04-14 23:50:58 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2008-04-14 23:50:58 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2008-04-14 23:50:58 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2008-04-14 23:50:58 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sti.dll MOD - [2008-04-14 23:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 23:50:58 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2008-04-14 23:50:58 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2008-04-14 23:50:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2008-04-14 23:50:58 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2008-04-14 23:50:58 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2008-04-14 23:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2008-04-14 23:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 23:50:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2008-04-14 23:50:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2008-04-14 23:50:58 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll MOD - [2008-04-14 23:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 23:50:48 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2008-04-14 23:50:48 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2008-04-14 23:50:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2008-04-14 23:50:48 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll MOD - [2008-04-14 23:50:48 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2008-04-14 23:50:46 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2008-04-14 23:50:46 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2008-04-14 23:50:46 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll MOD - [2008-04-14 23:50:46 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2008-04-14 23:50:46 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2008-04-14 23:50:46 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll MOD - [2008-04-14 23:50:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2008-04-14 23:50:46 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2008-04-14 23:50:46 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll MOD - [2008-04-14 23:50:46 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2008-04-14 23:50:46 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll MOD - [2008-04-14 23:50:46 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2008-04-14 23:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 23:50:46 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll MOD - [2008-04-14 23:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 23:50:46 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll MOD - [2008-04-14 23:50:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2008-04-14 23:50:46 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2008-04-14 23:50:46 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll MOD - [2008-04-14 23:50:46 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2008-04-14 23:50:46 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2008-04-14 23:50:46 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll MOD - [2008-04-14 23:50:46 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2008-04-14 23:50:46 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2008-04-14 23:50:46 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll MOD - [2008-04-14 23:50:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2008-04-14 23:50:46 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2008-04-14 23:50:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll MOD - [2008-04-14 23:50:46 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll MOD - [2008-04-14 23:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 23:50:46 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2008-04-14 23:50:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll MOD - [2008-04-14 23:50:46 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2008-04-14 23:50:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2008-04-14 23:50:46 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2008-04-14 23:50:46 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2008-04-14 23:50:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2008-04-14 23:50:44 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll MOD - [2008-04-14 23:50:42 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2008-04-14 23:50:42 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll MOD - [2008-04-14 23:50:42 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2008-04-14 23:50:42 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2008-04-14 23:50:42 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2008-04-14 23:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 23:50:42 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2008-04-14 23:50:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2008-04-14 23:50:42 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2008-04-14 23:50:42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2008-04-14 23:50:42 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2008-04-14 23:50:42 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2008-04-14 23:50:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2008-04-14 23:50:42 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll MOD - [2008-04-14 23:50:40 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll MOD - [2008-04-14 23:50:40 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2008-04-14 23:50:40 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll MOD - [2008-04-14 23:50:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2008-04-14 23:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 23:50:40 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll MOD - [2008-04-14 23:50:40 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll MOD - [2008-04-14 23:50:40 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2008-04-14 23:50:40 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll MOD - [2008-04-14 23:50:40 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2008-04-14 23:50:40 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2008-04-14 23:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 23:50:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2008-04-14 23:50:36 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2008-04-14 23:50:36 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll MOD - [2008-04-14 23:50:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2008-04-14 23:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2008-04-14 23:50:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2008-04-14 23:50:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2008-04-14 23:50:34 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2008-04-14 23:50:34 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll MOD - [2008-04-14 23:50:34 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icm32.dll MOD - [2008-04-14 23:50:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2008-04-14 23:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2008-04-14 23:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 23:50:34 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2008-04-14 23:50:34 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2008-04-14 23:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll MOD - [2008-04-14 23:50:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2008-04-14 23:50:34 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2008-04-14 23:50:32 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2008-04-14 23:50:32 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll MOD - [2008-04-14 23:50:32 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2008-04-14 23:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 23:50:32 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll MOD - [2008-04-14 23:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2008-04-14 23:50:32 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll MOD - [2008-04-14 23:50:32 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll MOD - [2008-04-14 23:50:32 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll MOD - [2008-04-14 23:50:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\feclient.dll MOD - [2008-04-14 23:50:30 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll MOD - [2008-04-14 23:50:30 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2008-04-14 23:50:28 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll MOD - [2008-04-14 23:50:28 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll MOD - [2008-04-14 23:50:26 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll MOD - [2008-04-14 23:50:24 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2008-04-14 23:50:22 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll MOD - [2008-04-14 23:50:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2008-04-14 23:50:20 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll MOD - [2008-04-14 23:50:20 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll MOD - [2008-04-14 23:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2008-04-14 23:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2008-04-14 23:50:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2008-04-14 23:50:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2008-04-14 23:50:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2008-04-14 23:50:18 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll MOD - [2008-04-14 23:50:18 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2008-04-14 23:50:18 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2008-04-14 23:50:16 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2008-04-14 23:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 23:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 23:50:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2008-04-14 23:50:14 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2008-04-14 23:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 23:50:12 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2008-04-14 23:50:10 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2008-04-14 23:50:08 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll MOD - [2008-04-14 23:50:06 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2008-04-14 23:50:06 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2008-04-14 23:50:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2008-04-14 23:50:04 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2008-04-14 23:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 23:49:58 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2008-04-14 23:49:56 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll MOD - [2008-04-14 23:49:56 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2008-04-14 23:49:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2008-04-14 23:49:54 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll MOD - [2008-04-14 23:48:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 23:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2008-04-14 23:31:08 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll MOD - [2008-04-14 22:43:18 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll MOD - [2008-04-14 22:35:18 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll MOD - [2008-04-14 01:08:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2008-04-14 00:07:58 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2008-04-14 00:07:58 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2008-04-13 22:53:32 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2007-06-28 12:31:38 | 000,110,592 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSProxy.dll MOD - [2007-06-28 12:31:38 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe MOD - [2007-06-28 12:31:36 | 000,033,280 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSLog.dll MOD - [2007-05-11 03:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe MOD - [2007-05-11 03:06:22 | 000,015,880 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodagrs.dll MOD - [2007-03-28 19:24:32 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2006-11-24 11:21:30 | 001,721,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\1045\GrooveIntlResource.dll MOD - [2006-10-27 15:26:40 | 016,870,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL MOD - [2006-10-27 15:16:46 | 002,939,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OLMAPI32.DLL MOD - [2006-10-27 00:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll MOD - [2006-10-27 00:48:40 | 001,555,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll MOD - [2006-10-27 00:48:34 | 000,955,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll MOD - [2006-10-27 00:48:02 | 000,222,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll MOD - [2006-10-27 00:47:40 | 000,022,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveNew.dll MOD - [2006-10-26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll MOD - [2006-10-26 19:56:10 | 000,032,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msonpmon.dll MOD - [2006-10-26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE MOD - [2006-10-26 13:45:04 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\TPCPS.DLL MOD - [2006-03-02 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll MOD - [2006-03-02 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll MOD - [2006-03-02 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll MOD - [2006-03-02 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2006-03-02 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll MOD - [2006-03-02 14:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll MOD - [2006-03-02 14:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll MOD - [2006-03-02 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll MOD - [2006-03-02 14:00:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lz32.dll MOD - [2003-06-19 02:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll MOD - [2001-10-28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-02-15 21:50:01 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2010-11-11 14:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010-11-11 14:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service) SRV - [2010-11-11 14:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2010-08-19 14:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008-07-18 16:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2007-05-11 03:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-07-08 06:12:46 | 007,023,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-04-14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-02-22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011-02-17 11:41:00 | 000,297,888 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2011-02-10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-02-10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-01-27 20:21:10 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-01-07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010-12-18 13:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2010-11-11 14:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci) DRV - [2010-11-11 14:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86) DRV - [2010-11-11 14:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd) DRV - [2010-11-11 14:29:30 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2010-11-11 14:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2010-11-11 13:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon) DRV - [2010-11-11 11:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2010-08-19 14:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2008-05-21 01:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008-05-20 11:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-10-12 03:40:12 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide) DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2007-04-16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2004-08-13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2002-07-17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1177238915-484061587-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209 FF - prefs.js..extensions.enabledItems: imagedownload@Merci.chao:5.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy\Adobe Reader 9,4\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011-08-09 15:46:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-08-18 05:28:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-07 21:29:06 | 000,000,000 | ---D | M] [2011-02-26 17:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Extensions [2011-08-18 17:48:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions [2011-03-08 16:52:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-08-18 17:48:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-07-11 21:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-05-09 22:29:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-03-13 21:17:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-11 21:10:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} () (No name found) -- C:\DOCUMENTS AND SETTINGS\KRZYS - PC\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\N9CWLRVJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\KRZYS - PC\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\N9CWLRVJ.DEFAULT\EXTENSIONS\IMAGEDOWNLOAD@MERCI.CHAO.XPI [2011-01-29 18:06:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-08-18 05:28:17 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-05-06 07:06:41 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-05-06 07:06:41 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-05-06 07:06:41 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-05-06 07:06:41 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-05-06 07:06:41 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-05-06 07:06:41 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O3 - HKU\S-1-5-21-1177238915-484061587-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-04-10 21:09:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{7815ab40-95ff-11e0-a57d-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{7815ab40-95ff-11e0-a57d-005056c00008}\Shell\AutoRun\command - "" = I:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH) NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-08-27 22:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011-08-27 21:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-08-27 21:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Malwarebytes [2011-08-27 21:21:06 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-08-27 21:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2011-08-27 21:21:02 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-08-27 21:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-08-27 21:10:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzys - PC\Recent [2011-08-27 21:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Trucks & Trailers [2011-08-27 21:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia [2011-08-27 20:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Trucks & Trailers [2011-08-15 19:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Trojan Remover [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Simply Super Software [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software [2011-08-15 19:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011-08-15 19:12:06 | 000,000,000 | ---D | C] -- C:\ATI [2011-08-10 22:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage [2011-08-10 05:25:42 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011-08-10 05:25:35 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011-07-31 19:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Skype [2011-07-31 19:54:34 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2011-07-31 19:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2011-07-31 19:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2011-07-31 09:50:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2011-07-20 17:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 [2011-07-20 17:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2011-07-19 17:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011-07-19 17:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2011-07-19 17:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2011-07-19 15:07:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe [2011-07-13 15:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\dwhelper [2011-07-11 21:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-07-11 21:10:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011-07-11 21:10:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011-07-11 21:10:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-08-27 22:00:00 | 000,000,540 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job [2011-08-27 21:40:01 | 000,001,152 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004UA.job [2011-08-27 21:21:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-08-27 21:18:25 | 000,612,066 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-08-27 21:18:25 | 000,545,008 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-08-27 21:18:25 | 000,132,810 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-08-27 21:18:25 | 000,104,864 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-08-27 21:13:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-08-27 21:13:28 | 000,552,941 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2011-08-27 20:45:01 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Trucks & Trailers.lnk [2011-08-27 19:28:39 | 129,977,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2011-08-27 19:23:29 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-08-26 17:41:45 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Pulpit\Google Chrome.lnk [2011-08-23 20:00:05 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjw.avm [2011-08-21 20:18:05 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-08-21 13:40:00 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004Core.job [2011-08-19 16:40:08 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-19 16:19:20 | 004,601,852 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\DSC03518.JPG [2011-08-19 16:19:03 | 004,632,961 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\DSC03515.JPG [2011-08-15 19:39:06 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Remover.lnk [2011-08-15 19:37:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-08-15 18:28:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-08-13 23:40:02 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2011-08-13 23:40:02 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2011-08-09 15:46:49 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk [2011-08-03 16:59:34 | 000,002,561 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2011-08-03 16:59:34 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2011-07-31 19:54:34 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-07-22 18:32:44 | 000,041,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2011-07-20 17:06:27 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk [2011-07-15 15:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2011-07-14 18:13:52 | 003,614,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-08 16:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011-07-08 06:12:46 | 007,023,104 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2011-07-08 06:12:46 | 007,023,104 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys [2011-07-08 06:09:28 | 000,311,296 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll [2011-07-08 05:45:16 | 000,057,344 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll [2011-07-08 05:45:06 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll [2011-07-08 05:42:12 | 005,111,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll [2011-07-08 05:38:30 | 017,989,632 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll [2011-07-08 05:23:10 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll [2011-07-08 05:22:08 | 000,302,592 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll [2011-07-08 05:22:08 | 000,302,592 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2011-07-08 05:21:34 | 004,091,648 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll [2011-07-08 05:21:34 | 004,091,648 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2011-07-08 05:15:26 | 000,956,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll [2011-07-08 05:05:16 | 000,212,992 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll [2011-07-08 05:05:04 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll [2011-07-08 05:04:56 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe [2011-07-08 05:04:48 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll [2011-07-08 05:04:36 | 000,188,416 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll [2011-07-08 05:03:12 | 003,155,072 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll [2011-07-08 05:03:12 | 003,155,072 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2011-07-08 05:01:58 | 000,053,248 | ---- | M] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL [2011-07-08 05:01:16 | 000,172,040 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb [2011-07-08 05:00:38 | 000,151,552 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe [2011-07-08 05:00:36 | 000,808,160 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2011-07-08 04:59:52 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat [2011-07-08 04:59:52 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat [2011-07-08 04:56:52 | 000,651,264 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll [2011-07-08 04:53:32 | 000,507,904 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2011-07-08 04:53:14 | 000,208,896 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2011-07-08 04:52:54 | 000,017,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll [2011-07-08 04:47:44 | 000,868,352 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll [2011-07-08 04:47:44 | 000,868,352 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2011-07-08 04:46:38 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll [2011-07-08 04:46:38 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll [2011-07-08 04:46:24 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll [2011-07-07 21:29:06 | 000,001,534 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-06-29 21:40:48 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-08-27 21:21:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-08-27 20:45:01 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Trucks & Trailers.lnk [2011-08-19 16:17:35 | 004,601,852 | ---- | C] () -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\DSC03518.JPG [2011-08-19 16:17:19 | 004,632,961 | ---- | C] () -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\DSC03515.JPG [2011-08-15 19:39:06 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Remover.lnk [2011-08-01 10:19:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-07-31 19:54:34 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-07-20 17:06:27 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk [2011-05-25 21:40:31 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-05-25 21:40:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-05-04 21:24:03 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-05-04 21:24:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-04-27 10:54:27 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011-04-05 22:09:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011-02-15 21:48:49 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-02-11 18:32:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI [2011-01-27 22:20:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-01-27 21:56:16 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-27 20:10:20 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-01-27 19:45:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-01-27 19:45:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011-01-27 19:45:31 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-01-27 19:45:31 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-27 19:45:30 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-01-27 19:37:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-01-27 19:34:34 | 003,614,512 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-27 19:01:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-01-27 19:01:11 | 000,234,142 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2011-01-27 18:59:01 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-01-27 18:56:30 | 000,037,015 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2011-01-27 18:56:23 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2011-01-27 18:56:12 | 000,036,636 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011-01-27 18:56:11 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2011-01-27 18:47:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-01-27 18:43:26 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-04-10 21:09:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI [2010-04-10 21:09:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-04-10 21:09:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010-04-10 21:08:36 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2010-04-10 21:08:36 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2010-04-10 21:08:36 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2010-04-10 21:08:36 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006-03-02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006-03-02 14:00:00 | 000,612,066 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2006-03-02 14:00:00 | 000,545,008 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006-03-02 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2006-03-02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006-03-02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006-03-02 14:00:00 | 000,132,810 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2006-03-02 14:00:00 | 000,104,864 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006-03-02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006-03-02 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2006-03-02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006-03-02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-03-02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006-03-02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006-03-02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-05-20 15:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2011-01-30 23:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-02-10 15:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Astroburn Lite [2011-08-15 19:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2011-06-09 22:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-01-29 13:38:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-01-27 20:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-06-12 14:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-01-27 19:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-05-04 22:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Innovative Solutions [2011-02-03 00:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2011-05-16 18:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-06-05 08:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-05-04 22:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters [2011-04-10 19:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2011-08-15 19:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software [2011-08-27 22:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-15 21:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011-01-30 23:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Ashampoo Photo Commander 5 [2011-01-29 13:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\AVG10 [2011-01-29 12:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\DAEMON Tools Lite [2011-08-19 16:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\foobar2000 [2011-03-06 23:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10 [2011-02-01 16:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\GHISLER [2011-05-20 15:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\InImages [2011-08-02 21:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Kingston [2011-03-20 15:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\OpenFM [2011-05-09 22:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\OpenOffice.org [2011-08-15 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Simply Super Software [2011-03-28 18:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\TeamViewer [2011-02-15 21:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\TuneUp Software [2011-06-07 17:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\uTorrent [2011-08-27 22:00:00 | 000,000,540 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja jednym kliknięciem.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-04-10 21:09:45 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-05-24 20:29:24 | 000,000,413 | RHS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-04-10 21:09:45 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-04-10 21:09:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-08-27 22:00:08 | 000,152,352 | ---- | M] () -- C:\mksbasel.cpp.log [2010-04-10 21:09:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2011-01-27 20:17:36 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-08-27 21:13:29 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [2008-04-14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2008-04-14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 00:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2008-04-14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2011-02-08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 23:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [2008-04-14 23:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2008-04-14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2008-04-14 23:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 < End of report > [/log] [log]OTL Extras logfile created on: 2011-08-27 22:14:20 - Run 1 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 70,77% Memory free 5,09 Gb Paging File | 4,39 Gb Available in Paging File | 86,21% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 24,30 Gb Free Space | 49,78% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 48,29 Gb Free Space | 32,97% Space Free | Partition Type: NTFS Drive E: | 146,48 Gb Total Space | 146,13 Gb Free Space | 99,76% Space Free | Partition Type: NTFS Drive F: | 123,05 Gb Total Space | 122,97 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: KRZYSIEK | User Name: Krzys - PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Programy\AVG10\avgmfapx.exe" = D:\Programy\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "D:\Programy\totalcmd\TOTALCMD.EXE" = D:\Programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Game PC\cs 1.6\hl.exe" = D:\Game PC\cs 1.6\hl.exe:*:Enabled:Half-Life Launcher "C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.) "C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "D:\Game PC\cs\hl.exe" = D:\Game PC\cs\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe" = C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe" = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe:*:Enabled:qwcl "D:\Game PC\dirt 2\dirt2_game.exe" = D:\Game PC\dirt 2\dirt2_game.exe:*:Enabled:DiRT2 Executable "C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2011 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Impreza w plenerze Akcesoria "{1289965E-A50A-759C-C365-2062F94CD55C}" = ccc-utility "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{17D2D36F-BBD5-82A8-C717-E1C8A0E7A571}" = ccc-utility "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{39592F46-9FCF-E9A5-A740-6753BCE006D7}" = CCC Help English "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011 "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Nowoczesny apartament Akcesoria "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Miejskie Życie Akcesoria "{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{95A43C1B-AE7B-375B-CD9C-E0B1AF80008F}" = Catalyst Control Center Graphics Previews Common "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.5 - Polish "{AE04A701-0B3D-80AF-1514-9676BC2B7E2D}" = CCC Help English "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże "{BC61F51E-8AF7-46B9-AF20-B33B5EE81045}" = Nero 7 Essentials "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C3194A55-DF60-89DE-3A61-3176F829186C}" = Catalyst Control Center InstallProxy "{C557E258-E9DB-B062-3E95-DCC3DF1DF6FD}" = Catalyst Control Center Graphics Previews Common "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1 "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Pokolenia "{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3 "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F48DC94B-E4EC-6F4C-6CA2-B3F2D13FF0FD}" = ATI Catalyst Install Manager "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer_is1" = ALLPlayer V4.X "Ashampoo Photo Commander 5_is1" = Ashampoo Photo Commander 5.40 "AVG" = AVG 2011 "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "foobar2000" = foobar2000 v1.1.2 "Gadu-Gadu 10" = Gadu-Gadu 10 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.8.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 6.0 (x86 pl)" = Mozilla Firefox 6.0 (x86 pl) "MTA:SA" = MTA:SA v1.0.4-rc-02033-2-000 "OpenAL" = OpenAL "Picasa 3" = Picasa 3 "Pity Format 2010_is1" = Pity Format 2010 "SkanerOnline" = Skaner on-line mks_vir "SpeedFan" = SpeedFan (remove only) "TeamViewer 6" = TeamViewer 6 "Totalcmd" = Total Commander (Remove or Repair) "Trojan Remover_is1" = Trojan Remover 6.8.2 "Trucks & Trailers" = Trucks & Trailers 1.00 "VMware_Player" = VMware Player "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-08-13 15:21:48 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-08-13 15:21:48 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2011-08-13 17:33:50 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:40:17 | Computer Name = KRZYSIEK | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 2011-08-15 12:53:07 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd dirt2_game.exe, wersja 1.0.0.0, moduł powodujący błąd dirt2_game.exe, wersja 1.0.0.0, adres błędu 0x00aae252. Error - 2011-08-15 13:20:52 | Computer Name = KRZYSIEK | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 162 z d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-08-27 15:04:34 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd sims3launcherw.exe, wersja 0.430.0.521, moduł powodujący błąd msvcr80.dll, wersja 8.0.50727.4053, adres błędu 0x000260f7. [ System Events ] Error - 2011-08-27 16:25:15 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:19 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:24 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:28 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:32 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:37 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:42 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:46 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:51 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-27 16:25:55 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. < End of report > [/log] Log z RSIT [log]Logfile of random's system information tool 1.09 (written by random/random) Run by Krzys - PC at 2011-08-27 22:49:08 Microsoft Windows XP Home Edition Dodatek Service Pack 3 System drive C: has 25 GB (50%) free of 50 GB Total RAM: 3327 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:49:19, on 2011-08-27 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG10\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\WINDOWS\system32\vmnat.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\VMware\VMware Player\vmware-authd.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\Program Files\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\WINDOWS\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\RSIT.exe C:\Program Files\trend micro\Krzys - PC.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe -- End of file - 7974 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KRZYSIEK-Krzys - PC.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004UA.job C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209, imagedownload@Merci.chao:5.0, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\ "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] "Description"=Picasa3 plugin "Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=D:\Programy\Adobe Reader 9,4\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ npdeployJava1.dll NPOFF12.DLL nppdf32.dll C:\Program Files\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions\ {20a82645-c095-46ed-80e3-08825760534b} {b9db16a4-6edc-47ec-a1f4-b86292ed211d} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-08-05 2274144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2011-07-08 188416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Programy\Gadu-Gadu 10\gg.exe"="D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\Programy\AVG10\avgmfapx.exe"="D:\Programy\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG" "D:\Programy\totalcmd\TOTALCMD.EXE"="D:\Programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit" "D:\Game PC\cs 1.6\hl.exe"="D:\Game PC\cs 1.6\hl.exe:*:Enabled:Half-Life Launcher" "C:\Program Files\VMware\VMware Player\vmware-authd.exe"="C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd" "C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG" "D:\Game PC\cs\hl.exe"="D:\Game PC\cs\hl.exe:*:Enabled:Half-Life Launcher" "C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe"="C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher" "C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe"="C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe:*:Enabled:qwcl" "D:\Game PC\dirt 2\dirt2_game.exe"="D:\Game PC\dirt 2\dirt2_game.exe:*:Enabled:DiRT2 Executable" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\AVG\AVG10\avgdiagex.exe"="C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2011" "C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci" "C:\Program Files\AVG\AVG10\avgemcx.exe"="C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\VMware\VMware Player\vmware-authd.exe"="C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "msacm.l3fhg"=mp3fhg.acm "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "VIDC.FFDS"=ff_vfw.dll "vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll "vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll "VIDC.VMnc"=vmnc.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2011-08-27 22:49:12 ----D---- C:\Program Files\trend micro 2011-08-27 22:49:08 ----D---- C:\rsit 2011-08-27 22:01:11 ----D---- C:\Program Files\ESET 2011-08-27 21:58:55 ----D---- C:\Program Files\SkanerOnline 2011-08-27 21:21:11 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Malwarebytes 2011-08-27 21:21:06 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2011-08-27 21:21:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2011-08-27 21:21:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-08-27 21:21:02 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2011-08-27 21:02:06 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia 2011-08-26 17:36:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$ 2011-08-15 19:38:58 ----D---- C:\Program Files\Trojan Remover 2011-08-15 19:38:58 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Simply Super Software 2011-08-15 19:38:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software 2011-08-15 19:12:57 ----D---- C:\Program Files\ATI 2011-08-15 19:12:06 ----D---- C:\ATI 2011-08-11 11:16:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$ 2011-08-11 11:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$ 2011-08-11 11:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$ 2011-08-10 23:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$ 2011-08-10 23:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$ 2011-08-10 22:30:53 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage 2011-08-01 10:19:30 ----A---- C:\WINDOWS\system32\d3d9caps.dat 2011-07-31 19:54:42 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Skype 2011-07-31 19:54:34 ----RD---- C:\Program Files\Skype 2011-07-31 19:54:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Skype 2011-07-31 09:50:15 ----D---- C:\WINDOWS\Minidump ======List of files/folders modified in the last 1 month====== 2011-08-27 22:49:12 ----RD---- C:\Program Files 2011-08-27 22:01:08 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2011-08-27 22:00:27 ----D---- C:\WINDOWS\Prefetch 2011-08-27 21:59:00 ----D---- C:\WINDOWS\system32 2011-08-27 21:58:55 ----SD---- C:\WINDOWS\Downloaded Program Files 2011-08-27 21:58:55 ----D---- C:\WINDOWS 2011-08-27 21:25:00 ----D---- C:\WINDOWS\Temp 2011-08-27 21:21:10 ----D---- C:\WINDOWS\system32\drivers 2011-08-27 21:18:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2011-08-27 21:15:04 ----D---- C:\WINDOWS\system32\CatRoot2 2011-08-27 21:14:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\VMware 2011-08-27 21:11:26 ----A---- C:\WINDOWS\SchedLgU.Txt 2011-08-27 19:28:41 ----D---- C:\WINDOWS\system32\drivers\AVG 2011-08-27 19:22:28 ----HD---- C:\WINDOWS\inf 2011-08-19 16:43:02 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\foobar2000 2011-08-18 05:28:30 ----D---- C:\Program Files\Mozilla Firefox 2011-08-15 21:18:42 ----SD---- C:\WINDOWS\Tasks 2011-08-15 19:59:26 ----RSHDC---- C:\WINDOWS\system32\dllcache 2011-08-15 19:21:01 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 2011-08-15 19:13:10 ----D---- C:\WINDOWS\system32\ReinstallBackups 2011-08-15 19:13:08 ----SHD---- C:\WINDOWS\Installer 2011-08-15 19:13:05 ----DC---- C:\WINDOWS\system32\DRVSTORE 2011-08-15 19:13:03 ----D---- C:\Config.Msi 2011-08-15 19:02:08 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Media Player Classic 2011-08-15 18:51:59 ----D---- C:\WINDOWS\WinSxS 2011-08-15 18:51:11 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft 2011-08-15 18:47:56 ----HD---- C:\Program Files\InstallShield Installation Information 2011-08-15 18:47:56 ----D---- C:\Program Files\Common Files 2011-08-15 18:28:06 ----A---- C:\WINDOWS\NeroDigital.ini 2011-08-15 15:39:26 ----D---- C:\WINDOWS\Debug 2011-08-14 10:51:42 ----D---- C:\WINDOWS\Microsoft.NET 2011-08-14 10:51:40 ----RSD---- C:\WINDOWS\assembly 2011-08-13 23:45:26 ----A---- C:\WINDOWS\system32\MRT.exe 2011-08-13 23:35:28 ----D---- C:\WINDOWS\system32\CatRoot 2011-08-13 23:26:36 ----D---- C:\WINDOWS\system32\config 2011-08-13 23:25:03 ----D---- C:\WINDOWS\system32\wbem 2011-08-13 23:24:55 ----D---- C:\WINDOWS\Registration 2011-08-13 23:19:07 ----D---- C:\Program Files\SpeedFan 2011-08-13 22:53:29 ----D---- C:\WINDOWS\system32\DirectX 2011-08-13 22:49:01 ----D---- C:\Program Files\ATI Technologies 2011-08-11 11:15:50 ----HD---- C:\WINDOWS\$hf_mig$ 2011-08-02 21:19:39 ----D---- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Kingston 2011-08-02 15:57:11 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Norton 2011-08-02 15:57:06 ----D---- C:\Program Files\Common Files\Symantec Shared ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096] R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592] R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248] R0 ohci1394;Kontroler hosta IEEE 1394 zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2010-12-18 21696] R1 AmdPPM;Sterownik procesora AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792] R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896] R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-04-05 297168] R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 WmiAcpi;Interfejs zarządzania Microsoft Windows dla ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832] R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032] R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [] R2 vmci;VMware vmci; \??\C:\WINDOWS\system32\Drivers\vmci.sys [] R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2010-11-11 32752] R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys [] R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys [] R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [] R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-07-08 7023104] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696] R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480] R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144] R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 27216] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-27 218688] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys [] R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2010-11-11 16560] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-02-17 297888] S1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-01-07 248656] S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336] S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys [] S3 cpuz130;cpuz130; \??\C:\DOCUME~1\KRZYS-~1\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-07-08 643072] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640] R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2010-11-11 113264] R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2010-11-11 334448] R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248] R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2010-11-11 404080] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2011-02-15 361728] S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [2010-08-19 191024] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] [log]info.txt logfile of random's system information tool 1.09 2011-08-27 22:49:20 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3DMark06-->"C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -runfromtemp -l0x0009 -removeonly Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10v_Plugin.exe -maintain plugin Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA} Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}" Adobe Reader 9.4.5 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001} Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Aktualizacja dla systemu Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" ALLPlayer V4.X-->"D:\Programy\ALLPlayer\unins000.exe" AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0015 -removeonly Ashampoo Photo Commander 5.40-->"D:\Programy\Ashampoo Photo Commander 5\unins000.exe" ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7} AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall AVG 2011-->MsiExec.exe /I{20EAC554-95F9-4926-8D9A-C4FF3EC44C72} AVG 2011-->MsiExec.exe /I{695B13B2-7919-4EC5-8601-092F0D2DE069} Catalyst Control Center - Branding-->MsiExec.exe /I{5FD89EA1-99C2-40EE-BBF5-20F8991ED756} Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe foobar2000 v1.1.2-->"D:\Programy\foobar2000\uninstall.exe" _?=D:\Programy\foobar2000 Gadu-Gadu 10-->D:\Programy\Gadu-Gadu 10\Uninstall.exe High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" IrfanView (remove only)-->D:\Programy\IrfanView\iv_uninstall.exe Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022F0} Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF} K-Lite Mega Codec Pack 6.8.0-->"D:\Programy\K-Lite Codec Pack\unins000.exe" Malwarebytes' Anti-Malware wersja 1.51.1.1800-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE} Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE} Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE} Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE} Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE} Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE} Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE} Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox 6.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MTA:SA v1.0.4-rc-02033-2-000-->D:\Game PC\MTA Gta San Andreas\Uninstall.exe Nero 7 Essentials-->MsiExec.exe /X{BC61F51E-8AF7-46B9-AF20-B33B5EE81045} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} O&O Defrag Professional Edition-->MsiExec.exe /I{53480330-E1D1-41CA-B8F8-7F78644F7F50} OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U OpenOffice.org 3.3-->MsiExec.exe /I{EB87675F-5281-4767-A54B-31931794C23D} PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Pity Format 2010-->"D:\Programy\Pity Format 2010\unins000.exe" Poprawka dla systemu Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Poprawka dla systemu Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x15 -removeonly Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Skaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exe Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A} SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe" swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe The Sims™ 3 Impreza w plenerze Akcesoria-->"C:\Program Files\InstallShield Installation Information\{117B6BF6-82C3-420C-B284-9247C8568E53}\Sims3SP03Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Kariera-->"C:\Program Files\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Miejskie Życie Akcesoria-->"C:\Program Files\InstallShield Installation Information\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}\Sims3SP04Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Nowoczesny apartament Akcesoria-->"C:\Program Files\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\Sims3SP01Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Po zmroku-->"C:\Program Files\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\Sims3EP03Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Pokolenia-->"C:\Program Files\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Szybka jazda Akcesoria-->"C:\Program Files\InstallShield Installation Information\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}\Sims3SP02Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3 Wymarzone Podróże-->"C:\Program Files\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\Sims3EP01Setup.exe" -runfromtemp -l0x0015 -removeonly The Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0015 -removeonly tools-linux-->MsiExec.exe /X{D102611A-6466-4101-A51D-51069303AC65} Total Commander (Remove or Repair)-->D:\Programy\totalcmd\tcuninst.exe Trojan Remover 6.8.2-->"C:\Program Files\Trojan Remover\unins000.exe" Trucks & Trailers 1.00-->D:\Game PC\Trucks & Trailers\uninst.exe TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VMware Player-->C:\Documents and Settings\All Users\Dane aplikacji\VMware\VMware Player\Uninstaller\uninstall.exe -x -S "C:\Documents and Settings\All Users\Dane aplikacji\VMware\VMware Player\Uninstaller\" VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405} Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR archiver-->D:\Programy\WinRAR 3.93\uninstall.exe ======System event log====== Computer Name: KRZYSIEK Event Code: 7 Message: W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Record Number: 78168 Source Name: Disk Time Written: 20110821101238.000000+120 Event Type: błąd User: Computer Name: KRZYSIEK Event Code: 7 Message: W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Record Number: 78167 Source Name: Disk Time Written: 20110821101232.000000+120 Event Type: błąd User: Computer Name: KRZYSIEK Event Code: 7 Message: W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Record Number: 78166 Source Name: Disk Time Written: 20110821101232.000000+120 Event Type: błąd User: Computer Name: KRZYSIEK Event Code: 138 Message: Autonegotiation Mode 2 Record Number: 78165 Source Name: yukonwxp Time Written: 20110821101232.000000+120 Event Type: informacje User: Computer Name: KRZYSIEK Event Code: 34 Message: () Driver entry successful. Record Number: 78164 Source Name: VMnetAdapter Time Written: 20110821101232.000000+120 Event Type: informacje User: =====Application event log===== Computer Name: KRZYSIEK Event Code: 1001 Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie usunięte. Dane rekordu zawierają nowe wartości wpisów Last Counter (ostatni licznik) i Last Help (ostatnia Pomoc) do Rejestru systemowego. Record Number: 5 Source Name: LoadPerf Time Written: 20110731095441.000000+120 Event Type: informacje User: Computer Name: KRZYSIEK Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 4 Source Name: SecurityCenter Time Written: 20110731095039.000000+120 Event Type: informacje User: Computer Name: KRZYSIEK Event Code: 1000 Message: Using configuration file: C:\Documents and Settings\All Users\Dane aplikacji\VMware\vmnetnat.conf. IP address: 192.168.177.2 Subnet: 255.255.255.0 External IP address: 0.0.0.0 Device: vmnet8. MAC address: 00:50:56:E5:14:05. Ignoring host MAC address: 00:50:56:C0:00:08. Record Number: 3 Source Name: VMware NAT Service Time Written: 20110731095039.000000+120 Event Type: informacje User: Computer Name: KRZYSIEK Event Code: 1000 Message: Service started Record Number: 2 Source Name: VMware NAT Service Time Written: 20110731095039.000000+120 Event Type: informacje User: Computer Name: KRZYSIEK Event Code: 4 Message: The LightScribe Service started successfully. Record Number: 1 Source Name: LightScribeService Time Written: 20110731095032.000000+120 Event Type: informacje User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0203 "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- [/log]
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 Daj jeszcze log z GMER [b][url="http://www.fixitpc.pl/topic/60-diagnostyka-infekcje-typu-rootkit/page__p__318#entry318"]KLIK[/url][/b]
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 z GMEREM to jest problem. Zacina się przy skanowaniu C:\WINDOWS .
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 [quote name='squonk' timestamp='1314528785' post='1331710'] Spróbuj wykonać skan w trybie awaryjnym. [/quote] w trybie awaryjnym jest ten sam problem.
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 (edytowane) Pobierz nową wersje Gmera z linka który podałem i wystartuj jeszcze raz w trybie awaryjnym. Alternatywnie jeśli znowu sie zawiesi daj log z[b] RootRepeal[/b] [b][color="#0000FF"][url="http://www.fixitpc.pl/topic/60-diagnostyka-infekcje-typu-rootkit/page__p__319#entry319"]KLIK[/url][/color][/b]
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 Log z RootRepeal [log]ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time: 2011/08/28 13:46 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xADF17000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF79BD000 Size: 8192 File Visible: No Signed: - Status: - Name: giveio.sys Image Path: giveio.sys Address: 0xF7A51000 Size: 1664 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xAB146000 Size: 49152 File Visible: No Signed: - Status: - Name: speedfan.sys Image Path: speedfan.sys Address: 0xF789B000 Size: 14848 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\WINDOWS\system32\dllcache\wshnetbs.dll Status: Locked to the Windows API! Path: C:\WINDOWS\system32\dllcache\wshpl.dll Status: Locked to the Windows API! Path: C:\Documents and Settings\All Users\Dane aplikacji\AVG10\Chjw\26ec842cec83f3f9.dat:941f4279-501a-4e7c-bffa-c7687d659e0e Status: Visible to the Windows API, but not on disk. Path: C:\Documents and Settings\All Users\Dane aplikacji\AVG10\IDS\outbox00\5 Status: Locked to the Windows API! Path: \\?\C:\Documents and Settings\All Users\Dane aplikacji\AVG10\IDS\outbox00\5\* Status: Could not enumerate files with the Windows API (0x00000017)! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a8d97529a2200d3508eac20af45c7cb0bc97ef0d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c088f19b59d91622c5284bcaee162b31e53c288e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_d49164a862d3d88c9108bb11327a0aef2e2f7d2a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_f26b05091ab94da8e0f467351b7de1ec561a74ed.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a3a2c57d1fa2f28da77adff1a88e7c5b64478d91.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a3ab3c6ffbfb8c0a7ba612863bafd53168eec5d9.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a3f3660b1b57b9bbc0a903730927f3482c411dd9.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a40e23d93929df23cbdd27227c5b1bf0b04bd126.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a41dc8d24360ab1f9b4eb3bf91caef9f4a01ba87.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a446b806a1f156a957fed9edcbfa899ea38bb2a5.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a2cdcda99bccee875a482efe22a497dec3b8ea13.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a45b4ddd0177cedfbfe9d67159cd5cb4a1b24b8b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a5ec8d476dd835032de2341eac4862baabbd6a6c.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a47b5df9539b42672d9a8e90b966efefb662d66f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a494d020c5691fe1871a7cff2cdab2f11e6c7350.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a495b24c0d37c9c80ff0050d9542db7d4be31994.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a4c8b9dcf6662ea8df8f152ec31a45b19eae8f5a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a4f9e754a7120901e7c6ec22a4a447ef9c5e8c8b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a517f035844bb437f69614a240b98f58539186fe.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a53186bec15402067fc338ba74f02581e0eb7b91.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a541d039be97e8a40b97d2c70f4156db7c59c42b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a5c5b30c7c8314327bb32196cb131062cb466761.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a5ec300a56169b26cd9f2dff4f84e66a2cbeeb07.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9629c72c085859ce780e9c1744483ce86e67d1f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a97b15d16ff9b3e3be7718f00fdeb7ea0aa7b873.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a98fe6400b85a1a6e55250a0a6ae31a7fe4d5032.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9ad28d2fc380d96eb728782bc2c4988044ad932.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9b87b681b1678589d963bd509b26ad0ce59ecff.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9d13da65165a1f5779c57defaa84d87a417ba1f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9e6cbb8b6e4c395fa6db2bc677f62e3b678161f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_a9e71a3848b0e5e073391dc18d95e910317713bd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aa1e22a1bb25abd3a9faaa9bc082c83a519cc854.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aa3a00af51e81b893332e5090e017ff39f6c7437.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aa4a3bfa47fb4f29fec06180d5dd28d907f44681.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aa700c707eeb243e0bb43cb8741306bf1001d11d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aa9e1461e44de38d33df8ea22f903235a63f0ac0.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aaa635efc81f452df3feffed5825a7b8509c9db1.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ae5e6e9bb41d14524975854a98c4e6f9ddaead7f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aeb9081249d2dffc47cbf9463bc9e8b35d2e81a5.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aebe8912994c8e345d4568c3b494330d73689ef1.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_af3c25e76f2bf23763ef5143e1b42fb49f1df0e8.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_af44993201bfec7ca26c172c17f1485250eec629.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_afd7cbd36c616960150e120faf8e66c830ef6d1f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_afd9799f19d4f561056fb1397887265c7b8b752b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b020708a8f2399b5afaeb1c9314a0ff83b4257fe.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b08b55684d9a83afa32cb46281dac514e66e2739.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b0c3429a8d4476e8d228a6a1d0605e2afb5b8089.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b0d80291bd4d6467f83bee3bc8014e3efd82b201.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b0e0b5b72b2bd522deff34a1cfe9fe3d7270dd0e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b0e590ceac6a3f6849733ccae49d584c5e11c2b2.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b109bbbc8c82baa5e27456c85935b568669da7cf.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b148f3b7721b3f9b705a2174a67218be09c1cb19.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b16ba446159f72246075b6a23a3c568b152d671b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b17b1839c0855be69d146a782ae3be2e14ce9e27.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b17b30a84db86d139017888ed38405047d0bdd97.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b1946b92e320868d0cb824e2ef293d2edbcd8ced.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b1abb82cee466aa5806558af8d9d13cfbd11b027.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b1c8e352528044facb46a84881afd88a1bdf3088.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b1ccc6485c0dfd8e5a1eea4645b74caec27f2faf.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b1fa52500daec3d708ced68d56b8ec867c712d77.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b216a96230c7cb1bc4a12462933c6435c7f386cd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b3f33cd01aa81cc3eb56938e7a82c050ad532bef.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b4524817630553abdb953a86ee535a6e34e0d2c1.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b47b92217815878758d3287581b25b5e8670c274.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b48712b9cd047bf823eea53163a2d4c708fa539e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b4d99f1dc79d8ab1cdb675d1528b584a76f89567.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b519b2561b84851c919abc6bdf69e9a126aa62c9.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b57380b3e6bb39744639e4adbe846212ee950549.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b5cd9935fe8d5fe1f2320f93779a1fd72210164a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b5e468d87370675f5a08e0284f671d3ad95e5668.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_baed7d7c10015afba9fd8725e73721d61660a2b5.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bb0a314d78c4f43c8ade10460afd61ce2ee43603.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bb5cb9e7abe1edef3ed1b6d32dda85ea94a2e587.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bb5d840788463178a10da69b50d58e658a4e8eab.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bbcf2cc51978349c4a04b5d4a64ce6915a7952d5.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bbf01481658498bc51541f8b24acb1e04704416a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bbf01db37dc6e32af535c805de65a9171fc94bb4.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bc1edb042fb369186857ea5f30b94c2681188d96.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bc4ae54b92e09dbffa35015b7505cedcc41e337b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bc972d1cf54ac956071f463c4a19ded4f6ef5536.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bca0f5018f218ef32dc03dae1ca5ac4caa95cafd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bcb06437fa0cdd2fcec4f487693ea487fc2caa43.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bcbed4c018c0554f6693646ee87ce2b1feb3bc2b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bebf5dba386ae4f2e4a2d2ff3114090351d79855.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bec5f25fab7db708fb7f45566223bec48661f404.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bf08302bb1d77a6b376fc4f8ecc30c60f4f8ea6e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bf177e95d4e6369f95b4e7e297d9f0d84f73866b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bfb35d4a62c1f7c14fea894a80bc13b31fe4872e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bfbfbd1653bd5fbd8a54145beb5c97cdef3c98f9.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bfc1e1d233d5feb2d884cc9d8cd2fb12e69a2f3e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c000aa5fdbdf5eaaa2855945a241554de4c3665b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c0025be8892df7a2393fdd04d22722d728f91f2d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c024dad1e5d710b756bf138be642f8478fce9f7b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c03f8ba1167521c97eddb4edfc681bbe0cef67d6.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c075321990ee4dde45ad1f7e8aeb3fcdc5362666.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c22bf387df3583b490a5c9117d30f0575e95b1dd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c23428809822782b962e0b33b983e2f5b6f72431.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c2786dcfb3179b8b4a755071d3a0be7c540783fd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c28f8604df2afd4619e552c168174a9dae260963.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c298dd1e2bfbabe34929c153e1a99d85f88d9851.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c2bbd139408499687b8382d30cde12e638fac965.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c30ec7ad20fb976d9d8b4550619ef350897221f3.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c37620d944fe8f85954d93374a379c20515e88ee.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c3da28393db871745e7c9f3baa27f99126deae08.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c6a15aa4b6598c330841d78f932695b9fcd6d849.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c6d61f29a53f79919699ab55b2b4f8e7217286ac.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c6d85625c18d6db784f6b95fb759b0e30a5cf038.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c6db557ee333f670778f029c34b96bceac68af2c.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c6e9e46d3863904c504f4a538b50e7c7e371d4f7.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c7152e6b9b7e9c3e63cbc5386a9f68296434f50d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c72cd7be66a7b16f6c4b6c0e21669bf51cc31557.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c7645417774f6a4536299b2cb4dc750c8299929f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c76ebe7b510961fa7ef1e9e6767eada2ab95c829.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c78e73afbe1329e9fe1ecdcd194d53ce7031ca5a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c7cf88332dc7a1db7074e56870a457a106a97a3e.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c82003db594cb5e148784856c0271792ee1e67f3.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_c82c480185476e42d6a2e6ceda60fd3dfd79088c.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_caedf869fe4b6ab1516d34f1c2bb5e987b31526a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_caf90d42895a98acaec670e9cd6d71253b3abd8f.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb0165accde4315735f5f978e9559bcee0447dac.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb2863aaf2366c59b3a306f6a560db3f6a719287.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb5146dff6663d16483a458fb1582dddd26ea448.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb53997ee3827d649ad8393d81829eb0cfb29c16.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb82c27bb4a7ce7adec7d5dce22dbe2f52a92dba.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb89a161dd7c14ee05b6aa994f2f23c7df8cf060.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cb97c2517d2643dbe87d26b90f3b6073bd3b6b1a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cbaf9d0a3b2bcf784910b732fab9c32e6a38b3ef.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cbbe9261bd701667a646fa02fbc0028205397fe2.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cc142e0729311e54f75167f76ea78a719b7de9e0.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cc214f05e13f7924748df4122b2343750a4ec11b.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cc281b9978baec1756831c66b829537dd01da183.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cc395d3da1ea35d222d9176928a7257953726b10.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cc44c8d1346fb26f4cbd2727b20735b2dd536cb3.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_aab33b4696d868101235a7cf8cf575e37f42e9c2.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ac0dd17ca0b25bfbdeced4667e53f9ead9639681.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ad64cb12bd8572dafcba4d96c6cad5d5eaa6427a.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ae45db8a4aa9e4d54bb79aec1ecc230c6f94c6e8.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b0c351ed5c54fb66937324eee1490e8bedb31dab.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b24c4baf1d05db5067154a5d36ff61a1e8f81664.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b3ed14e8a8e2da25e1bbead5650a04809aa62fef.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b5f9839b93ad35b3eb158ad1935ecd73639e6c70.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_b826725084cc871e64c1f77839370be671d98ab7.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ba88a258ae3dd9deb97c53c228dbdee5bfbc8a93.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_bcd447c639598c8707f974ece7e6036da1ce3eef.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_beaeff5519bdf12001295a8cec18e22922ff20fd.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cdbb2742d3d37c6b4f8bf9723770d766b7060c0d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cde19524703ef863966a3623417cb80d13a5ca23.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cdf71a1912ce1991db1164ae1cf2689e7cfaa4cf.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cdfc7c8c45d7786d661d8d1813b7349b8e60d635.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cdfd42a3158975c3821c8a569378be4e30e8af99.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ce17d9862e398a4dd72817b36dac448503fcd51d.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_ce2e39cd633f89bfdd18d9785b302c51b3e049e8.cache Status: Invisible to the Windows API! Path: C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10\5337241\webkit\http\cache_cSSDT ------------------- #: 122 Function Name: NtOpenProcess Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7858738 #: 257 Function Name: NtTerminateProcess Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf78587dc #: 258 Function Name: NtTerminateThread Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7858878 #: 277 Function Name: NtWriteVirtualMemory Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7858914 Shadow SSDT ------------------- #: 383 Function Name: NtUserGetAsyncKeyState Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7857dfc #: 414 Function Name: NtUserGetKeyboardState Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7857d3c #: 416 Function Name: NtUserGetKeyState Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7857d90 #: 549 Function Name: NtUserSetWindowsHookEx Status: Hooked by "C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys" at address 0xf7857cba ==EOF==[/log]
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 W logach nie ma czynnej infekcji. Jedyny podejrzany do nagłego spowolnienia komputera jest AVG. W grę wchodzi całkowita deinstalacja, tylko w ten sposób mozesz sie przekonać czy system odżyje. Najpierw usuwasz AVG z panelu dodaj /Usun, potem pobierz AVG-Remover[color="#0000FF"][b] [url="http://www.avg.com/pl-pl/pobierz-narzedzia"]KLIK[/url][/b][/color] i usuń pozostałości po programie. [code]O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)[/code] [b]2.[/b] Przypuszczalny powód numer dwa - siedzący w łańcuchu sieciowym Winsock soft filtrunkowy [b]VMware[/b] Próbnie soft do deinstalacji. Jeśli po deinstalacji nie zanikną zapisy O10: - Wpisy typu Protocol wyresetujesz z poziomu linii poleceń przez komendę [b]netsh winsock reset[/b]. [code][2011-06-29 21:40:48 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys[/code] Został też rodzynek po firewallu Sunbelt. Pobierz [b][color="#0000FF"][url="http://technet.microsoft.com/pl-pl/sysinternals/bb963902%28en-us%29.aspx"]Autoruns[/url][/color][/b] i w karcie Drivers usuń ten wpis > restart > usuwasz plik z dysku. Do usuniecia katalogi po skanerach online [code][2011-08-27 22:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011-08-27 21:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline[/code] Deinstalacja [b]Trojan Remover[/b]. Jak to wykonasz zdaj raport jak się system zachowuje bez antywirusa (bez obawy). Wykonaj logi z OTL na warunkach jak na obrazku [b][url="http://imageshack.us/photo/my-images/534/otli.png/"]KLIK[/url][/b]
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 co tu mam wyłączyć? [img]http://img405.imageshack.us/img405/6316/abczm.jpg[/img]
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 Tego szukaj C:\WINDOWS\System32\drivers\[b]SBREDrv.sys[/b]
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 Przez autoruns nie ma tego wpisu, znalazłem jedynie ten plik, co z nim robimy? Odinstalowałem już AVG i VMware
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 [quote]znalazłem jedynie ten plik, co z nim robimy? [/quote] plik nie jest aktywny i kwalifikuje się do usuniecia. Jak wszystko wykonasz wstaw nowe logi i powiedz jak zachowuje się system. Ale tym razem logi zrób w ten sposób: Po uruchomieniu OTL pojawi sie okienko główne i w nim masz zaznaczyć następujące opcje: Wszystkie sekcje ustawione na Użyj filtrowania (Use SafeList). Należy zaznaczyć Wszyscy użytkownicy (Scan All Users) Dodatkowo postawić ptaszki przy pozycjach Infekcja LOP (LOP Check) + Infekcja Purity (Purity Check) Potem klikasz Skanuj. Jak program skończy powstaną dwa logi OTL i Extras, obydwa dodaj do posta.
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 OTL [log]OTL logfile created on: 2011-08-28 23:00:21 - Run 2 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 83,29% Memory free 5,09 Gb Paging File | 4,76 Gb Available in Paging File | 93,48% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 24,80 Gb Free Space | 50,80% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 48,28 Gb Free Space | 32,96% Space Free | Partition Type: NTFS Drive E: | 146,48 Gb Total Space | 146,13 Gb Free Space | 99,76% Space Free | Partition Type: NTFS Drive F: | 123,05 Gb Total Space | 122,97 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: KRZYSIEK | User Name: Krzys - PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-08-27 22:12:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\OTL.exe PRC - [2011-08-18 05:28:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-11 03:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-08-18 05:28:15 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2009-02-27 21:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2001-10-28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011-02-15 21:50:01 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008-07-18 16:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2007-05-11 03:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-07-08 06:12:46 | 007,023,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-02-17 11:41:00 | 000,297,888 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2011-01-27 20:21:10 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010-12-18 13:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2008-05-21 01:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008-05-20 11:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-10-12 03:40:12 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide) DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt) DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter) DRV - [2007-04-16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2004-08-13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2002-07-17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1177238915-484061587-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209 FF - prefs.js..extensions.enabledItems: imagedownload@Merci.chao:5.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy\Adobe Reader 9,4\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-08-18 05:28:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-07-07 21:29:06 | 000,000,000 | ---D | M] [2011-02-26 17:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Extensions [2011-08-18 17:48:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions [2011-03-08 16:52:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-08-18 17:48:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Mozilla\Firefox\Profiles\n9cwlrvj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011-07-11 21:10:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-05-09 22:29:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-03-13 21:17:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-11 21:10:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} () (No name found) -- C:\DOCUMENTS AND SETTINGS\KRZYS - PC\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\N9CWLRVJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\KRZYS - PC\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\N9CWLRVJ.DEFAULT\EXTENSIONS\IMAGEDOWNLOAD@MERCI.CHAO.XPI [2011-01-29 18:06:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-08-18 05:28:17 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-05-06 07:06:41 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-05-06 07:06:41 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-05-06 07:06:41 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-05-06 07:06:41 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-05-06 07:06:41 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-05-06 07:06:41 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKU\S-1-5-21-1177238915-484061587-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No CLSID value found. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-04-10 21:09:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{7815ab40-95ff-11e0-a57d-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{7815ab40-95ff-11e0-a57d-005056c00008}\Shell\AutoRun\command - "" = I:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (oodbs) - C:\WINDOWS\System32\oodbs.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-08-28 22:58:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzys - PC\Recent [2011-08-28 12:46:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011-08-28 12:46:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011-08-28 12:46:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011-08-28 12:46:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011-08-28 12:45:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011-08-28 12:45:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Krzys - PC\Menu Start\Programy\Narzędzia administracyjne [2011-08-28 12:45:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Moje wideo [2011-08-28 12:45:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2011-08-27 22:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-08-27 21:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Malwarebytes [2011-08-27 21:21:06 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011-08-27 21:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2011-08-27 21:21:02 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011-08-27 21:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-08-27 21:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Moje dokumenty\Trucks & Trailers [2011-08-27 21:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia [2011-08-27 20:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Trucks & Trailers [2011-08-15 19:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Trojan Remover [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Simply Super Software [2011-08-15 19:38:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software [2011-08-15 19:12:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011-08-15 19:12:06 | 000,000,000 | ---D | C] -- C:\ATI [2011-08-10 22:30:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage [2011-08-10 05:25:42 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011-08-10 05:25:35 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011-07-31 19:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Skype [2011-07-31 19:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2011-07-31 09:50:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-08-28 23:00:00 | 000,000,540 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job [2011-08-28 22:57:17 | 000,609,382 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-08-28 22:57:17 | 000,542,324 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-08-28 22:57:17 | 000,131,600 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-08-28 22:57:17 | 000,103,654 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-08-28 22:52:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-08-28 22:52:32 | 000,566,988 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2011-08-28 22:48:31 | 000,000,237 | RHS- | M] () -- C:\boot.ini [2011-08-28 22:46:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-08-28 22:40:07 | 000,001,152 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004UA.job [2011-08-28 22:29:51 | 000,146,011 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Pulpit\abc.JPG [2011-08-28 13:40:01 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-484061587-725345543-1004Core.job [2011-08-27 21:21:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-08-27 20:45:01 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Trucks & Trailers.lnk [2011-08-26 17:41:45 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Pulpit\Google Chrome.lnk [2011-08-21 20:18:05 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-08-19 16:40:08 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-15 19:39:06 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Remover.lnk [2011-08-15 19:37:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-08-15 18:28:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011-08-13 23:40:02 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2011-08-13 23:40:02 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2011-08-03 16:59:34 | 000,002,561 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2011-08-03 16:59:34 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-08-28 22:29:50 | 000,146,011 | ---- | C] () -- C:\Documents and Settings\Krzys - PC\Pulpit\abc.JPG [2011-08-28 12:46:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-08-28 12:46:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-08-28 12:46:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-08-28 12:46:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-08-28 12:46:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-08-27 21:21:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2011-08-27 20:45:01 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Trucks & Trailers.lnk [2011-08-15 19:39:06 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Remover.lnk [2011-08-01 10:19:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-05-25 21:40:31 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-05-25 21:40:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-05-04 21:24:03 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-05-04 21:24:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-04-27 10:54:27 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011-04-05 22:09:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011-02-15 21:48:49 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-02-11 18:32:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI [2011-01-27 22:20:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-01-27 21:56:16 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-27 20:10:20 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-01-27 19:45:33 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-01-27 19:45:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011-01-27 19:45:31 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-01-27 19:45:31 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-27 19:45:30 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-01-27 19:37:21 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-01-27 19:34:34 | 003,614,512 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-01-27 19:01:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-01-27 19:01:11 | 000,234,142 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2011-01-27 18:59:01 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-01-27 18:56:30 | 000,037,015 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2011-01-27 18:56:23 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2011-01-27 18:56:12 | 000,036,636 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011-01-27 18:56:11 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2011-01-27 18:47:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-01-27 18:43:26 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-04-10 21:09:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI [2010-04-10 21:09:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-04-10 21:09:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010-04-10 21:08:36 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2010-04-10 21:08:36 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2010-04-10 21:08:36 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2010-04-10 21:08:36 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2009-11-06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006-03-02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006-03-02 14:00:00 | 000,609,382 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2006-03-02 14:00:00 | 000,542,324 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006-03-02 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2006-03-02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006-03-02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006-03-02 14:00:00 | 000,131,600 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2006-03-02 14:00:00 | 000,103,654 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006-03-02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006-03-02 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2006-03-02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006-03-02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006-03-02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006-03-02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006-03-02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-05-20 15:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2011-01-30 23:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-02-10 15:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Astroburn Lite [2011-08-28 22:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2011-06-09 22:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2011-01-29 13:38:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-01-27 20:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-06-12 14:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2011-01-27 19:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-05-04 22:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Innovative Solutions [2011-02-03 00:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2011-08-28 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-06-05 08:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-05-04 22:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters [2011-04-10 19:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [2011-08-15 19:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software [2011-08-28 22:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-02-15 21:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011-01-30 23:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Ashampoo Photo Commander 5 [2011-01-29 12:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\DAEMON Tools Lite [2011-08-19 16:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\foobar2000 [2011-03-06 23:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Gadu-Gadu 10 [2011-02-01 16:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\GHISLER [2011-05-20 15:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\InImages [2011-08-02 21:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Kingston [2011-03-20 15:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\OpenFM [2011-05-09 22:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\OpenOffice.org [2011-08-15 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\Simply Super Software [2011-03-28 18:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\TeamViewer [2011-02-15 21:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\TuneUp Software [2011-06-07 17:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzys - PC\Dane aplikacji\uTorrent [2011-08-28 23:00:00 | 000,000,540 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja jednym kliknięciem.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 < End of report > [/log] extras [log]OTL Extras logfile created on: 2011-08-28 23:00:21 - Run 2 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 83,29% Memory free 5,09 Gb Paging File | 4,76 Gb Available in Paging File | 93,48% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 24,80 Gb Free Space | 50,80% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 48,28 Gb Free Space | 32,96% Space Free | Partition Type: NTFS Drive E: | 146,48 Gb Total Space | 146,13 Gb Free Space | 99,76% Space Free | Partition Type: NTFS Drive F: | 123,05 Gb Total Space | 122,97 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: KRZYSIEK | User Name: Krzys - PC | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Programy\AVG10\avgmfapx.exe" = D:\Programy\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "D:\Programy\totalcmd\TOTALCMD.EXE" = D:\Programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH) "D:\Game PC\cs 1.6\hl.exe" = D:\Game PC\cs 1.6\hl.exe:*:Enabled:Half-Life Launcher "C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "D:\Game PC\cs\hl.exe" = D:\Game PC\cs\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe" = C:\Documents and Settings\Krzys - PC\Ustawienia lokalne\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe" = C:\Documents and Settings\Krzys - PC\Moje dokumenty\Pobieranie\Quake_CVR.pl_\Quake[CVR.pl]\qwcl.exe:*:Enabled:qwcl "D:\Game PC\dirt 2\dirt2_game.exe" = D:\Game PC\dirt 2\dirt2_game.exe:*:Enabled:DiRT2 Executable [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Impreza w plenerze Akcesoria "{1289965E-A50A-759C-C365-2062F94CD55C}" = ccc-utility "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{17D2D36F-BBD5-82A8-C717-E1C8A0E7A571}" = ccc-utility "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{39592F46-9FCF-E9A5-A740-6753BCE006D7}" = CCC Help English "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Nowoczesny apartament Akcesoria "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Miejskie Życie Akcesoria "{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{95A43C1B-AE7B-375B-CD9C-E0B1AF80008F}" = Catalyst Control Center Graphics Previews Common "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.5 - Polish "{AE04A701-0B3D-80AF-1514-9676BC2B7E2D}" = CCC Help English "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże "{BC61F51E-8AF7-46B9-AF20-B33B5EE81045}" = Nero 7 Essentials "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C3194A55-DF60-89DE-3A61-3176F829186C}" = Catalyst Control Center InstallProxy "{C557E258-E9DB-B062-3E95-DCC3DF1DF6FD}" = Catalyst Control Center Graphics Previews Common "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Pokolenia "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F48DC94B-E4EC-6F4C-6CA2-B3F2D13FF0FD}" = ATI Catalyst Install Manager "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer_is1" = ALLPlayer V4.X "Ashampoo Photo Commander 5_is1" = Ashampoo Photo Commander 5.40 "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "foobar2000" = foobar2000 v1.1.2 "Gadu-Gadu 10" = Gadu-Gadu 10 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.8.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.1.1800 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 6.0 (x86 pl)" = Mozilla Firefox 6.0 (x86 pl) "MTA:SA" = MTA:SA v1.0.4-rc-02033-2-000 "OpenAL" = OpenAL "Picasa 3" = Picasa 3 "Pity Format 2010_is1" = Pity Format 2010 "SpeedFan" = SpeedFan (remove only) "TeamViewer 6" = TeamViewer 6 "Totalcmd" = Total Commander (Remove or Repair) "Trojan Remover_is1" = Trojan Remover 6.8.2 "Trucks & Trailers" = Trucks & Trailers 1.00 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1177238915-484061587-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-08-13 15:21:48 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-08-13 15:21:48 | Computer Name = KRZYSIEK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca rundll32.exe, wersja 5.1.2600.5512, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:33:46 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2011-08-13 17:33:50 | Computer Name = KRZYSIEK | Source = LoadPerf | ID = 3001 Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest niepoprawnie sformatowana. Nieprawdziwy ciąg to 10690, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2011-08-13 17:40:17 | Computer Name = KRZYSIEK | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 2011-08-15 12:53:07 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd dirt2_game.exe, wersja 1.0.0.0, moduł powodujący błąd dirt2_game.exe, wersja 1.0.0.0, adres błędu 0x00aae252. Error - 2011-08-15 13:20:52 | Computer Name = KRZYSIEK | Source = EventSystem | ID = 4614 Description = System zdarzeń modelu COM+ wykrył niespójność w stanie wewnętrznym. Potwierdzenie "GetLastError() == 122L" zwróciło błąd w wierszu 162 z d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp. Skontaktuj się z Pomocą techniczną firmy Microsoft i zgłoś ten błą Error - 2011-08-27 15:04:34 | Computer Name = KRZYSIEK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd sims3launcherw.exe, wersja 0.430.0.521, moduł powodujący błąd msvcr80.dll, wersja 8.0.50727.4053, adres błędu 0x000260f7. [ System Events ] Error - 2011-08-28 17:03:13 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:16 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:19 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:22 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:26 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:29 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:32 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:36 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:39 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. Error - 2011-08-28 17:03:42 | Computer Name = KRZYSIEK | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok. < End of report > [/log] Zobacz czy coś się tam pozmieniało.
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 Czy uzywasz Demon Tools? Bo widze resztki a nie ma go na liście zainstalowanych programów?
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 Tak, program jest zainstalowany. Nie jest uruchamiany przy starcie .
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 [quote]Tak, program jest zainstalowany. [/quote] sory, moje niedopatrzenie. Rzeczywiście jest na liście. Usuń pozostały po AVG klucz w rejestrze Start > uruchom > wpisz regedit znajdź klucz [b]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List[/b] i usuń wartość [b]D:\Programy\AVG10\avgmfapx.exe" = D:\Programy\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)[/b] Następnie uruchom OTL i w oknie [b]Własne opcje skanowania / skrypt[/b] wklej: [code]:Files C:\Documents and Settings\All Users\Dane aplikacji\AVG10 :OTL @Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. Przyczyną spowolnienia może też być Q&Q Defrag. Ustawiłeś w nim automatyczną defragmentacje jako zadanie. Lepiej ręcznie przeprowadzać defragmentacje. Osobiście uzywam darmowego [b]Puran Defrag[/b].
Krzysiek6 komentarz 28 sierpnia 2011 Autor komentarz 28 sierpnia 2011 (edytowane) Taki log mi się ukazał po włączeniu peceta. [log]All processes killed ========== FILES ========== C:\Documents and Settings\All Users\Dane aplikacji\AVG10\scanlogs folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\log\IDP\log folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\log\IDP folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\log folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\IDS\outbox00\5 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\IDS\outbox00 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10\IDS folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG10 folder moved successfully. ========== OTL ========== ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9 deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: Administrator ->Flash cache emptied: 41620 bytes User: All Users User: Default User ->Flash cache emptied: 41620 bytes User: Krzys - PC ->Flash cache emptied: 3304 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Krzys - PC ->Temp folder emptied: 36855617 bytes ->Temporary Internet Files folder emptied: 131474 bytes ->Java cache emptied: 5516059 bytes ->FireFox cache emptied: 92592661 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2148726 bytes %systemroot%\System32 .tmp files removed: 1621716 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 177803 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 133,00 mb OTL by OldTimer - Version 3.2.26.6 log created on 08282011_234340 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] Np. w grze, widzę różnicę w pracy peceta, jest szybciej. Coś jeszcze mogę zrobić żeby go przyśpieszyć? Jakieś wpisy w rejestrze?
Gość komentarz 28 sierpnia 2011 komentarz 28 sierpnia 2011 (edytowane) Teraz wyłącz Przywracanie systemu na minute. Potem włącz. Instrukcja [b][url="http://www.fixitpc.pl/topic/5-dezynfekcja-metody-usuwania-czesc-1/#1"]KLIK[/url][/b] Nastepnie uruchom OTL i kliknij [b]Sprzątanie[/b]. To usunie program z dysku i wszystkie logi. No i na koniec czekam na jakąś ocenę sytuacji, czy "zamulenia" ustały? [quote]Coś jeszcze mogę zrobić żeby go przyśpieszyć? Jakieś wpisy w rejestrze? [/quote] Możesz zrobić bardzo dużo, tylko z głową i umiejętnie [color="#0000FF"][b][url="http://www.fixitpc.pl/index.php?/topic/46-archiwalny-optymalizacja-i-odchudzanie-xp/"]KLIK[/url][/b][/color] i [color="#0000FF"][b][url="http://www.fixitpc.pl/index.php?/topic/43-archiwalny-services-uslugi-w-xp/"]KLIK[/url][/b][/color] Zastanów sie nad wyborem antywirusa. Odinstaluj wersje javy, masz w tej chwili Java™ 6 Update 22 Java™ 6 Update 26 najnowsza to [b]Java7[/b] i zainstaluj obowiązkowo Internet Explorer8, to bardzo ważny składnik Windowsa. Nie ma znaczenia, że z niego nie korzystasz [b][url="http://www.microsoft.com/downloads/pl-pl/details.aspx?FamilyID=341c2ad5-8c3d-4347-8c03-08cdecd8852b"]KLIK[/url][/b] Na koniec zrób mi kontrolnie log z GMERA, teraz kiedy nie ma AVG powinien polecieć bez przeszkód.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.