KamilFan utworzono 20 maja 2014 utworzono 20 maja 2014 Witam, mam problem z automatyczną aktualizacją w systemie Windows Xp. Jak wiadomo, nie ma już żadnych poprawek do tego Windowsa, z tąd automatyczna aktualizacja systemu jest mi zbędna. W services.msc mam wyłączone Centrum Zabezpieczeń oraz mam wyłączoną Automatyczną Aktualizację. Niby powinno to pomóc, a jednak nie. Co jakieś 2-3 dni, Automatyczna Aktualizacja z trybu "wyłączonej" ustawia się sama na tryb "automatyczny" i uruchamia się podczas startu systemu zabierając mi bez sensu zasoby procka. Nie wiem za bardzo co z tym zrobić :).
r102 komentarz 20 maja 2014 komentarz 20 maja 2014 (edytowane) Podejrzewam działania Billa w celu nakłonienia Ciebie do kupna licencji na Win8 :admin: Tak poważnie, naprawdę, jestem gotów to podejrzewać... Czekajmy na inne sygnały, w końcu są setki milionów użytkowników winxp. Tam gdzie pracuję, już podziałało. Chodzi Pan Informatyk z płytką win7 i wszędzie instaluje win7 /korporacyjny, Enterprise...
lsdpetersld komentarz 20 maja 2014 komentarz 20 maja 2014 (edytowane) W services powiadasz.... A moze normalnie wylacz w start-ppm na moj komputer-wlasciwosci- aktualizacje auto. czy cos i klikasz wylacz. Reset kompa! :| Co prawda nie wytlumacza tych 2-3 dni, ale probujmy all mozliwymi sposobami. >:| @up: Juz sobie wyobrazam jak uzytkownicy z p4 musza instalowac Win 8. Why Bill why?! Wytapowane z mego GT-S5570
KamilFan komentarz 29 maja 2014 Autor komentarz 29 maja 2014 Tak nie mogę wyłączyć. Mam ustawione na opcję żeby nie instalowało samo aktualizacji a jedynie mnie powiadomiało że takow są. Nie mogę nacisnąć innej opcji, bo tak jakby było ,,zablokowane''. Poniżej zamieszczam obrazek.
Zayfi komentarz 29 maja 2014 komentarz 29 maja 2014 Z tego obrazka wynika że masz założona blokadę na funkcje Automatycznych aktualizacji. Zrób logi z OTL i FRST http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/
KamilFan komentarz 14 czerwca 2014 Autor komentarz 14 czerwca 2014 Przepraszam za tak długą zwłokę, obecnie mam sesje i nie za bardzo miałem czasu się tym zająć. Nigdy tego nie robiłem, więc pewnie wyjdzie mi dużo róznych syfów :D. A więc zamieszczam to co mi wyszło: OTL.TXT OTL logfile created on: 2014-06-14 12:57:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kamil\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,48 Mb Total Physical Memory | 162,38 Mb Available Physical Memory | 31,75% Memory free 1,22 Gb Paging File | 0,57 Gb Available in Paging File | 46,70% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,65 Gb Total Space | 5,31 Gb Free Space | 36,24% Space Free | Partition Type: NTFS Drive D: | 29,30 Gb Total Space | 4,91 Gb Free Space | 16,75% Space Free | Partition Type: NTFS Drive E: | 30,56 Gb Total Space | 0,68 Gb Free Space | 2,23% Space Free | Partition Type: FAT32 Drive H: | 14,83 Gb Total Space | 1,41 Gb Free Space | 9,52% Space Free | Partition Type: FAT32 Computer Name: SAMO-87363E864C | User Name: Kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-06-14 12:51:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe PRC - [2014-05-10 12:35:27 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-09-03 14:02:02 | 001,763,840 | ---- | M] (Last.fm) -- D:\Program Files\Last.fm\Last.fm Scrobbler.exe PRC - [2013-07-24 00:57:42 | 002,251,360 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe PRC - [2012-03-07 16:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2012-03-07 16:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-06-14 11:56:37 | 000,333,824 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\winamp.lng MOD - [2014-06-14 11:56:37 | 000,161,792 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_milk2.lng MOD - [2014-06-14 11:56:37 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_avs.lng MOD - [2014-06-14 11:56:37 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_wifi.lng MOD - [2014-06-14 11:56:37 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_nsfs.lng MOD - [2014-06-14 11:56:37 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\tagz.lng MOD - [2014-06-14 11:56:37 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\winampa.lng MOD - [2014-06-14 11:56:37 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\xspf.lng MOD - [2014-06-14 11:56:36 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_pmp.lng MOD - [2014-06-14 11:56:36 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_local.lng MOD - [2014-06-14 11:56:36 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_disc.lng MOD - [2014-06-14 11:56:36 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ombrowser.lng MOD - [2014-06-14 11:56:36 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_playlists.lng MOD - [2014-06-14 11:56:36 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_ds.lng MOD - [2014-06-14 11:56:36 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_wire.lng MOD - [2014-06-14 11:56:36 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_online.lng MOD - [2014-06-14 11:56:36 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_plg.lng MOD - [2014-06-14 11:56:36 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_usb.lng MOD - [2014-06-14 11:56:36 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_android.lng MOD - [2014-06-14 11:56:36 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_history.lng MOD - [2014-06-14 11:56:36 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_downloads.lng MOD - [2014-06-14 11:56:36 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_transcode.lng MOD - [2014-06-14 11:56:36 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_cloud.lng MOD - [2014-06-14 11:56:36 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_wave.lng MOD - [2014-06-14 11:56:36 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_ipod.lng MOD - [2014-06-14 11:56:36 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_disk.lng MOD - [2014-06-14 11:56:36 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_rg.lng MOD - [2014-06-14 11:56:36 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_impex.lng MOD - [2014-06-14 11:56:36 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_activesync.lng MOD - [2014-06-14 11:56:36 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_p4s.lng MOD - [2014-06-14 11:56:36 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_njb.lng MOD - [2014-06-14 11:56:36 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_nowplaying.lng MOD - [2014-06-14 11:56:36 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\playlist.lng MOD - [2014-06-14 11:56:35 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_cloud.lng MOD - [2014-06-14 11:56:35 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mp3.lng MOD - [2014-06-14 11:56:35 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_midi.lng MOD - [2014-06-14 11:56:35 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mod.lng MOD - [2014-06-14 11:56:35 | 000,014,848 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_wm.lng MOD - [2014-06-14 11:56:35 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_vorbis.lng MOD - [2014-06-14 11:56:35 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_nsv.lng MOD - [2014-06-14 11:56:35 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_devices.lng MOD - [2014-06-14 11:56:35 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_autotag.lng MOD - [2014-06-14 11:56:35 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_wave.lng MOD - [2014-06-14 11:56:35 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_bookmarks.lng MOD - [2014-06-14 11:56:35 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mp4.lng MOD - [2014-06-14 11:56:35 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mkv.lng MOD - [2014-06-14 11:56:35 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_addons.lng MOD - [2014-06-14 11:56:35 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_swf.lng MOD - [2014-06-14 11:56:35 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_linein.lng MOD - [2014-06-14 11:56:34 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_jumpex.lng MOD - [2014-06-14 11:56:34 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_ff.lng MOD - [2014-06-14 11:56:34 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_ml.lng MOD - [2014-06-14 11:56:34 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_cdda.lng MOD - [2014-06-14 11:56:34 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_hotkeys.lng MOD - [2014-06-14 11:56:34 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_tray.lng MOD - [2014-06-14 11:56:34 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_dshow.lng MOD - [2014-06-14 11:56:34 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_crasher.lng MOD - [2014-06-14 11:56:34 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_flac.lng MOD - [2014-06-14 11:56:34 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_wma.lng MOD - [2014-06-14 11:56:34 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_avi.lng MOD - [2014-06-14 11:56:34 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_wav.lng MOD - [2014-06-14 11:56:34 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_flv.lng MOD - [2014-06-14 11:56:33 | 000,066,560 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\burnlib.lng MOD - [2014-06-14 11:56:33 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\dsp_sps.lng MOD - [2014-06-14 11:56:33 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\auth.lng MOD - [2014-06-14 11:56:33 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_fhgaac.lng MOD - [2014-06-14 11:56:33 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_lame.lng MOD - [2014-06-14 11:56:33 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_vorbis.lng MOD - [2014-06-14 11:56:33 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_flac.lng MOD - [2014-05-10 12:35:25 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2014-05-08 13:22:24 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2013-09-03 14:01:36 | 000,126,976 | ---- | M] () -- D:\Program Files\Last.fm\listener.dll MOD - [2013-09-03 14:01:32 | 000,736,768 | ---- | M] () -- D:\Program Files\Last.fm\unicorn.dll MOD - [2013-09-03 14:01:14 | 000,032,768 | ---- | M] () -- D:\Program Files\Last.fm\logger.dll MOD - [2013-09-03 10:54:56 | 000,351,232 | ---- | M] () -- D:\Program Files\Last.fm\lastfm.dll MOD - [2013-07-24 00:57:46 | 000,340,992 | ---- | M] () -- C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac MOD - [2013-01-18 12:49:56 | 000,182,784 | ---- | M] () -- D:\Program Files\Last.fm\plugins\phonon_backend\phonon_vlc.dll MOD - [2013-01-18 12:39:50 | 000,302,592 | ---- | M] () -- D:\Program Files\Last.fm\phonon.dll MOD - [2012-12-13 01:13:36 | 002,286,592 | ---- | M] () -- D:\Program Files\Last.fm\libvlccore.dll MOD - [2012-12-13 01:13:32 | 000,049,664 | ---- | M] () -- D:\Program Files\Last.fm\plugins\audio_output\libaout_directx_plugin.dll MOD - [2012-12-13 01:12:58 | 000,111,104 | ---- | M] () -- D:\Program Files\Last.fm\libvlc.dll MOD - [2008-12-19 18:49:30 | 002,627,584 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax MOD - [2006-04-18 18:15:22 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014-05-10 12:35:26 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-03-04 19:21:09 | 000,182,696 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-10-11 00:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE) SRV - [2013-08-14 15:19:22 | 000,039,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013-03-15 07:47:17 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-03-07 16:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Disabled | Unknown] -- System32\Drivers\sptd.sys -- (sptd) DRV - [2014-05-12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-12-19 07:41:55 | 000,128,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2012-11-16 23:04:28 | 007,874,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2012-11-08 19:29:42 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2012-03-14 09:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2012-03-14 09:40:04 | 000,061,936 | ---- | M] (ESET) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2012-03-14 09:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2012-03-14 09:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-07-22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011-07-12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2006-12-28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2005-10-26 10:08:26 | 003,786,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2005-04-05 21:22:30 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005-04-05 21:22:28 | 000,033,536 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-01-07 09:32:26 | 000,015,400 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm) DRV - [2002-10-01 14:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) DRV - [2001-08-18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD800JD-00LSA0_WD-WMAM9L52526525265&ts=1384103515&type=default&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD800JD-00LSA0_WD-WMAM9L52526525265&ts=1384103515&type=default&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\..\SearchScopes\{1C77E648-F39B-4CC6-B4D3-614882BB848A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=FFC3A3B5-1501-414D-B46E-A328E9D6337D&apn_sauid=0AC9FE63-916E-4A64-B694-D5FDB8AE5778 IE - HKU\S-1-5-21-507921405-616249376-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20 10:59:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-20 10:59:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014-05-10 12:35:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-10-05 18:27:06 | 000,000,000 | ---D | M] [2011-10-13 22:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions [2014-06-06 15:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562\extensions [2014-01-16 18:26:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-06 14:53:24 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-10 12:35:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2014-05-10 12:35:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-10 12:35:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-05-10 12:35:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.gazeta.pl/0,0.html?p=143 CHR - Extension: No name found = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\S-1-5-21-507921405-616249376-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.51.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.170 89.231.1.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EBCF50A-B5BF-4577-B473-E1568F1A76CF}: DhcpNameServer = 217.172.224.170 89.231.1.206 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-10-13 20:53:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-06-14 12:52:57 | 001,073,152 | ---- | C] (Farbar) -- C:\Documents and Settings\Kamil\Pulpit\FRST.exe [2014-06-14 12:51:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe [2014-06-13 23:24:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kamil\Recent [2014-06-13 16:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Pulpit\Jennifer Lopez - A.K.A. (Album) [mp3] [2014-05-28 18:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Media Player Classic [2014-05-22 17:26:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014-05-20 22:05:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kamil\IECompatCache [2014-05-15 15:03:22 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-05-15 15:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware [2014-05-15 15:02:33 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2014-05-15 15:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-06-14 12:53:06 | 001,073,152 | ---- | M] (Farbar) -- C:\Documents and Settings\Kamil\Pulpit\FRST.exe [2014-06-14 12:51:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kamil\Pulpit\OTL.exe [2014-06-14 12:48:43 | 000,006,936 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps [2014-06-14 12:48:36 | 000,241,152 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-06-14 11:54:36 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-616249376-682003330-1004.job [2014-06-14 11:54:25 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\JetCleanLoginCheckUpdate.job [2014-06-14 11:54:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-06-14 11:54:12 | 000,212,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-06-13 08:22:13 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-616249376-682003330-1004.job [2014-06-07 16:31:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2014-06-07 16:19:29 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-06-05 16:52:01 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014-06-05 16:52:01 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014-05-29 13:32:30 | 000,002,231 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SlimCleaner.lnk [2014-05-27 22:16:12 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Kamil\.recently-used.xbel [2014-05-23 17:30:27 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER [2014-05-20 13:31:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-06-14 11:54:12 | 000,212,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-05-27 22:16:12 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Kamil\.recently-used.xbel [2014-05-05 17:53:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll [2014-05-01 10:46:03 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2014-04-12 14:50:23 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe [2014-04-12 14:50:23 | 000,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini [2014-04-12 14:50:23 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini [2013-11-25 23:00:20 | 000,034,772 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2013-10-12 13:17:31 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2013-10-12 13:17:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2013-08-28 12:11:59 | 001,083,296 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-08-28 12:11:59 | 001,083,296 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-08-28 12:11:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-08-28 12:11:09 | 002,288,632 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013-08-24 12:50:32 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2013-08-23 12:21:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2013-08-23 12:20:53 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2013-08-23 12:20:49 | 000,618,823 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2013-08-23 12:20:49 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2013-08-23 12:01:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-08-23 09:49:43 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe [2013-08-22 18:09:41 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2013-03-29 11:56:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\amcap.exe [2013-03-29 11:56:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\RunSetup.dll [2013-03-26 07:26:05 | 000,007,318 | ---- | C] () -- C:\WINDOWS\cadx2.ini [2012-07-18 19:47:03 | 000,000,276 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2011-12-10 15:54:13 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db [2011-10-19 11:07:00 | 000,241,152 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-14 20:50:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-10-13 21:00:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-01-07 18:21:32 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2006-03-02 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-11-27 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2012-12-21 19:43:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-10-05 18:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-10-14 10:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2012-01-07 15:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SafeNet Sentinel [2014-03-29 12:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2012-07-18 20:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2014-05-20 12:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WPM [2012-12-21 19:43:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013-02-23 13:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\BlueSprig [2013-10-04 17:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DVDVideoSoft [2012-10-04 13:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ESET [2014-05-27 22:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\gtk-2.0 [2014-06-13 22:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Kadu [2012-10-04 14:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\KW [2012-07-18 19:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Ulead Systems [2014-06-04 18:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report > OTL EXTRAS OTL Extras logfile created on: 2014-06-14 12:57:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kamil\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,48 Mb Total Physical Memory | 162,38 Mb Available Physical Memory | 31,75% Memory free 1,22 Gb Paging File | 0,57 Gb Available in Paging File | 46,70% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,65 Gb Total Space | 5,31 Gb Free Space | 36,24% Space Free | Partition Type: NTFS Drive D: | 29,30 Gb Total Space | 4,91 Gb Free Space | 16,75% Space Free | Partition Type: NTFS Drive E: | 30,56 Gb Total Space | 0,68 Gb Free Space | 2,23% Space Free | Partition Type: FAT32 Drive H: | 14,83 Gb Total Space | 1,41 Gb Free Space | 9,52% Space Free | Partition Type: FAT32 Computer Name: SAMO-87363E864C | User Name: Kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" = C:\Program Files\ESET\ESET Smart Security\ekrn.exe:*:Enabled:ESET Service -- (ESET) "C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) "C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) "D:\Documents and Settings\Kamil\Dane aplikacji\uTorrent\uTorrent.exe" = D:\Documents and Settings\Kamil\Dane aplikacji\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.) "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "D:\Program Files\Kadu\kadu.exe" = D:\Program Files\Kadu\kadu.exe:*:Enabled:Kadu Instant Messenger -- (Kadu Team) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13F7898A-F39E-F19C-BF0A-3A2422C4579F}" = CCC Help Dutch "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2 "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.3.3757 "{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{38AB97EF-3D06-194B-6407-6D4ACE925738}" = CCC Help Russian "{3B244431-0C71-8044-F336-FA2280604BB7}" = Catalyst Control Center Localization All "{3CE9BA35-F974-595D-CD27-3480976B8791}" = CCC Help Chinese Traditional "{3F4417E8-D9BB-2552-986D-232EDC2A8CC0}" = CCC Help Czech "{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = Vimicro USB PC Camera "{44A07805-6BBB-0451-C259-DF42F010509C}" = AMD Catalyst Install Manager "{4625C99C-A9F8-D444-6352-092AD46734BD}" = CCC Help Italian "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Obsługa programów Apple "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B67EE2A-2C42-B70B-AC3F-B26DF1E64C4F}" = ccc-utility "{4B6F5F7F-85C1-0397-57C4-E9F8CAD4F7FF}" = CCC Help French "{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1" = EXPERTool v8.9 "{5635429F-0E24-476F-6011-C87CB0CEEBEF}" = CCC Help Turkish "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579EDD1B-20D0-0D10-D1FA-C519ED99A6AC}" = Catalyst Control Center Graphics Previews Common "{66B6D13A-9CC1-417D-B6F2-58AA539D1045}" = Nero 7 Essentials "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7D3C830F-83DA-62EF-D144-B14050D2F257}" = CCC Help Chinese Standard "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{7E24775F-4A1A-8C37-AA6E-C4F0D9CE6B3F}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86197EF8-3D51-E4B6-7323-09986A560470}" = CCC Help Portuguese "{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C676E78-9169-43FB-9A56-415DF6DE50EE}" = Tetris 5000 "{8FB88B36-A320-6325-8DBE-0C4B8DBAB286}" = CCC Help Norwegian "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{934F70BF-37F9-3C35-4D22-DD8AB0146EFF}" = CCC Help Greek "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AAD06DFF-E96F-942E-8145-7FD3BEC9326B}" = CCC Help Polish "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3CD98E8-DA7A-CDC4-8367-E5FE201E6611}" = CCC Help Japanese "{B4AD27A4-886B-CB7B-F929-2ABD9AF8E2CA}" = CCC Help English "{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3D5225A-5794-702D-41EB-37069A5B23C8}" = CCC Help Spanish "{C468065B-7A72-FDD9-B16C-398F596886E8}" = CCC Help Swedish "{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCAB3C20-F0BC-14C5-2CC5-09F1B35A28EC}" = CCC Help Thai "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E2AD1D-07B7-491C-8877-171A03680AE0}" = SlimCleaner "{D680339B-4B93-2BAD-1A56-B647E77D8909}" = CCC Help Korean "{DC31C62B-4845-E020-DF6F-0F1E4F479E04}" = CCC Help Danish "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ED3A19B5-716E-4069-8168-2BDE5E7F91BA}" = ESET Smart Security "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}" = ICatch (VI) PC Camera "{F6A761AF-107F-B8B8-B6BC-4CE8758C247D}" = CCC Help Hungarian "{FE422A03-5747-271C-68EB-4BFE2C604FA0}" = CCC Help Finnish "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}" = Adobe Photoshop CS2 "Audacity_is1" = Audacity 1.2.6 "BlueSprig_JetClean_is1" = JetClean "CCleaner" = CCleaner "Defraggler" = Defraggler "Free Video to JPG Converter_is1" = Free Video to JPG Converter version 5.0.28.827 "ie8" = Windows Internet Explorer 8 "Kadu" = Kadu 0.12.3 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.4.2 "LastFM_is1" = Last.fm Scrobbler 2.1.36 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "Odkurzacz 13.4_is1" = Odkurzacz "RealPlayer 16.0" = RealPlayer "Tetpic 4000(v2.6 Full Version)" = Tetpic 4000(v2.6 Full Version) "uTorrent" = µTorrent "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = WinRAR archiver "xp-AntiSpy" = xp-AntiSpy 3.98-2 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-507921405-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-11-02 10:49:35 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd last.fm scrobbler.exe, wersja 2.1.33.0, moduł powodujący błąd avcodec-54.dll, wersja 0.0.0.0, adres błędu 0x001738d9. Error - 2013-11-15 14:30:51 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 1.2.929.0, moduł powodujący błąd mplayerc.exe, wersja 1.2.929.0, adres błędu 0x0034bf0a. Error - 2013-11-15 14:31:08 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 1.2.929.0, moduł powodujący błąd mplayerc.exe, wersja 1.2.929.0, adres błędu 0x0034bf0a. Error - 2013-11-15 14:31:53 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 1.2.929.0, moduł powodujący błąd mplayerc.exe, wersja 1.2.929.0, adres błędu 0x0034bf0a. Error - 2013-11-15 14:33:17 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mplayerc.exe, wersja 1.2.929.0, moduł powodujący błąd mplayerc.exe, wersja 1.2.929.0, adres błędu 0x0034bf0a. Error - 2013-11-15 14:33:27 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Error - 2013-11-15 14:34:37 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Error - 2013-11-15 14:36:10 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Error - 2013-11-15 14:37:50 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Error - 2013-11-24 09:11:42 | Computer Name = SAMO-87363E864C | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd last.fm scrobbler.exe, wersja 2.1.33.0, moduł powodujący błąd avcodec-54.dll, wersja 0.0.0.0, adres błędu 0x001738d9. [ System Events ] Error - 2014-06-13 02:21:57 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error - 2014-06-13 06:54:04 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2014-06-13 06:54:36 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error - 2014-06-13 10:36:30 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2014-06-13 10:37:03 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error - 2014-06-13 15:56:49 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2014-06-13 15:57:23 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error - 2014-06-13 17:20:02 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1002 Description = Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 2014-06-13 17:20:34 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error - 2014-06-14 05:54:49 | Computer Name = SAMO-87363E864C | Source = Dhcp | ID = 1000 Description = Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. < End of report > FRST.TXT Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2014 02 Ran by Kamil (administrator) on SAMO-87363E864C on 14-06-2014 13:04:42 Running from C:\Documents and Settings\Kamil\Pulpit Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (Last.fm) D:\Program Files\Last.fm\Last.fm Scrobbler.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [3117344 2012-03-07] (ESET) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD800JD-00LSA0_WD-WMAM9L52526525265&ts=1384103515&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=WDCXWD800JD-00LSA0_WD-WMAM9L52526525265&ts=1384103515&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=sc&from=cor&uid=WDCXWD800JD-00LSA0_WD-WMAM9L52526525265&ts=1384103515 SearchScopes: HKCU - {1C77E648-F39B-4CC6-B4D3-614882BB848A} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=FFC3A3B5-1501-414D-B46E-A328E9D6337D&apn_sauid=0AC9FE63-916E-4A64-B694-D5FDB8AE5778 BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com) Tcpip\Parameters: [DhcpNameServer] 217.172.224.170 89.231.1.206 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562 FF Homepage: google.pl FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: DownloadHelper - C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-16] FF Extension: Adblock Plus - C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\3fv60l4i.default-1373726841562\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-13] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-10-05] Chrome: ======= CHR HomePage: hxxp://www.gazeta.pl/0,0.html?p=143 CHR RestoreOnStartup: "hxxp://www.gazeta.pl/0,0.html?p=143" CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR Extension: (YouTube) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-05] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-11-05] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ========================== Services (Whitelisted) ================= S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [913144 2012-03-07] (ESET) S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-04] (Oracle Corporation) S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () ==================== Drivers (Whitelisted) ==================== R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3786944 2005-10-26] (Realtek Semiconductor Corp.) S3 CA561; C:\WINDOWS\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation) R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET) R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET) S4 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [148504 2012-03-14] (ESET) S4 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [61936 2012-03-14] (ESET) R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-04] (Microsoft Corporation) S3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 ndiscm; C:\WINDOWS\System32\DRIVERS\NetMotCM.sys [15400 2003-01-07] (Motorola Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33536 2005-04-05] (NVIDIA Corporation) S3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128440 2012-12-19] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-04-05] (NVIDIA Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2012-11-08] (AnchorFree Inc) S4 IntelIde; No ImagePath U4 sptd; System32\Drivers\sptd.sys [X] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-14 13:04 - 2014-06-14 13:05 - 00012460 _____ () C:\Documents and Settings\Kamil\Pulpit\FRST.txt 2014-06-14 13:04 - 2014-06-14 13:04 - 00000000 ____D () C:\FRST 2014-06-14 13:03 - 2014-06-14 13:03 - 00081016 _____ () C:\Documents and Settings\Kamil\Pulpit\OTL.Txt 2014-06-14 13:03 - 2014-06-14 13:03 - 00039930 _____ () C:\Documents and Settings\Kamil\Pulpit\Extras.Txt 2014-06-14 12:58 - 2014-06-14 12:58 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-06-14 12:58 - 2014-06-14 12:58 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-06-14 12:52 - 2014-06-14 12:53 - 01073152 _____ (Farbar) C:\Documents and Settings\Kamil\Pulpit\FRST.exe 2014-06-14 12:51 - 2014-06-14 12:51 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Kamil\Pulpit\OTL.exe 2014-06-14 11:54 - 2014-06-14 11:54 - 00212080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-13 23:24 - 2014-06-13 23:25 - 00000841 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-28 18:04 - 2014-05-29 13:32 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\Media Player Classic 2014-05-27 22:16 - 2014-05-27 22:16 - 00006656 _____ () C:\Documents and Settings\Kamil\.recently-used.xbel 2014-05-20 22:05 - 2014-05-20 22:05 - 00000000 __SHD () C:\Documents and Settings\Kamil\IECompatCache 2014-05-15 15:03 - 2014-06-07 16:19 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-15 15:02 - 2014-06-06 15:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-05-15 15:02 - 2014-06-06 15:06 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2014-05-15 15:02 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys ==================== One Month Modified Files and Folders ======= 2014-06-14 13:05 - 2014-06-14 13:04 - 00012460 _____ () C:\Documents and Settings\Kamil\Pulpit\FRST.txt 2014-06-14 13:05 - 2011-10-13 20:57 - 00000000 ____D () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp 2014-06-14 13:04 - 2014-06-14 13:04 - 00000000 ____D () C:\FRST 2014-06-14 13:04 - 2011-10-13 20:57 - 00000000 ____D () C:\Documents and Settings\Kamil\Pulpit 2014-06-14 13:03 - 2014-06-14 13:03 - 00081016 _____ () C:\Documents and Settings\Kamil\Pulpit\OTL.Txt 2014-06-14 13:03 - 2014-06-14 13:03 - 00039930 _____ () C:\Documents and Settings\Kamil\Pulpit\Extras.Txt 2014-06-14 12:58 - 2014-06-14 12:58 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-06-14 12:58 - 2014-06-14 12:58 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-06-14 12:53 - 2014-06-14 12:52 - 01073152 _____ (Farbar) C:\Documents and Settings\Kamil\Pulpit\FRST.exe 2014-06-14 12:51 - 2014-06-14 12:51 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Kamil\Pulpit\OTL.exe 2014-06-14 12:50 - 2011-10-14 10:42 - 00000000 ____D () C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Last.fm 2014-06-14 12:48 - 2013-08-28 12:52 - 00006936 _____ () C:\WINDOWS\system32\nvAppTimestamps 2014-06-14 12:48 - 2011-10-19 11:07 - 00241152 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-14 11:56 - 2011-10-13 23:39 - 00000000 ____D () C:\Program Files\Winamp 2014-06-14 11:54 - 2014-06-14 11:54 - 00212080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-14 11:54 - 2013-08-21 21:04 - 00000274 _____ () C:\WINDOWS\Tasks\JetCleanLoginCheckUpdate.job 2014-06-14 11:54 - 2012-12-24 20:50 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-616249376-682003330-1004.job 2014-06-14 11:54 - 2011-10-13 20:56 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT 2014-06-13 23:25 - 2014-06-13 23:24 - 00000841 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-13 23:25 - 2011-10-13 20:57 - 00000292 ___SH () C:\Documents and Settings\Kamil\ntuser.ini 2014-06-13 23:25 - 2006-01-01 00:00 - 00032494 _____ () C:\WINDOWS\SchedLgU.Txt 2014-06-13 23:24 - 2011-10-13 20:57 - 00000000 ____D () C:\Documents and Settings\Kamil 2014-06-13 22:47 - 2014-03-29 13:10 - 00000000 ____D () C:\Documents and Settings\Kamil\Dane aplikacji\Kadu 2014-06-13 08:22 - 2012-12-24 20:50 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-616249376-682003330-1004.job 2014-06-12 20:54 - 2011-10-13 20:57 - 00000000 ___RD () C:\Documents and Settings\Kamil\Moje dokumenty\Moja muzyka 2014-06-07 21:55 - 2011-10-13 20:57 - 00000000 ___HD () C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji 2014-06-07 16:31 - 2011-10-13 22:43 - 00000211 ___SH () C:\boot.ini 2014-06-07 16:31 - 2006-03-02 14:00 - 00001319 _____ () C:\WINDOWS\win.ini 2014-06-07 16:31 - 2006-03-02 14:00 - 00000227 ____C () C:\WINDOWS\system.ini 2014-06-07 16:19 - 2014-05-15 15:03 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-06-06 15:34 - 2011-10-13 20:57 - 00000000 __RHD () C:\Documents and Settings\Kamil\Dane aplikacji 2014-06-06 15:06 - 2014-05-15 15:02 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-06-06 15:06 - 2014-05-15 15:02 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2014-06-05 16:52 - 2012-03-31 10:31 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-06-05 16:52 - 2011-10-13 22:45 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-06-04 18:56 - 2013-06-25 09:38 - 00000000 ____D () C:\Documents and Settings\Kamil\Dane aplikacji\uTorrent 2014-05-29 13:32 - 2014-05-28 18:04 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\Media Player Classic 2014-05-29 13:32 - 2013-06-20 17:30 - 00002231 _____ () C:\Documents and Settings\All Users\Pulpit\SlimCleaner.lnk 2014-05-28 18:04 - 2011-10-13 20:56 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji 2014-05-28 07:55 - 2011-10-13 20:57 - 00000000 ___RD () C:\Documents and Settings\Kamil\Moje dokumenty 2014-05-27 22:16 - 2014-05-27 22:16 - 00006656 _____ () C:\Documents and Settings\Kamil\.recently-used.xbel 2014-05-27 22:16 - 2011-10-14 19:10 - 00000000 ____D () C:\Documents and Settings\Kamil\Dane aplikacji\gtk-2.0 2014-05-27 22:16 - 2011-10-14 10:28 - 00000000 ____D () C:\Documents and Settings\Kamil\.gimp-2.6 2014-05-23 17:30 - 2011-10-23 16:46 - 00060416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCFDRTM.VER 2014-05-22 17:28 - 2012-09-03 15:41 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk 2014-05-22 17:28 - 2011-10-13 22:44 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy 2014-05-20 22:05 - 2014-05-20 22:05 - 00000000 __SHD () C:\Documents and Settings\Kamil\IECompatCache 2014-05-20 13:42 - 2011-10-13 22:36 - 00000000 ____D () C:\Documents and Settings\Kamil\Dane aplikacji\Media Player Classic 2014-05-20 13:31 - 2011-10-14 17:29 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini 2014-05-20 12:40 - 2013-04-21 15:47 - 00000000 ____D () C:\Program Files\INTERIAPL 2014-05-20 12:40 - 2011-10-13 20:57 - 00000000 ___RD () C:\Documents and Settings\Kamil\Menu Start\Programy 2014-05-20 12:14 - 2014-05-05 17:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WPM 2014-05-15 15:02 - 2012-10-04 14:11 - 00000000 ____D () C:\Documents and Settings\Kamil\Dane aplikacji\Malwarebytes 2014-05-15 15:02 - 2012-10-04 14:10 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ ADDITION.TXT Additional scan result of Farbar Recovery Scan Tool (x86) Version:12-06-2014 02 Ran by Kamil at 2014-06-14 13:05:58 Running from C:\Documents and Settings\Kamil\Pulpit Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0} AV: ESET Smart Security 5.2 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Zapora osobista (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} FW: Kaspersky Internet Security (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0} ==================== Installed Programs ====================== µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0415-1E257A25E34D}) (Version: 9.0 - Nazwa firmy.) Adobe Photoshop CS2 (Version: 9.0 - Nazwa firmy.) Hidden Adobe Reader X (10.1.10) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Aktualizacja dla systemu Windows XP (KB911164) (Version: 1 - Microsoft Corporation) Hidden Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Aktualizacje NVIDIA 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) AMD Catalyst Install Manager (HKLM\...\{44A07805-6BBB-0451-C259-DF42F010509C}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1445.26409 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2012.1116.1445.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2012.1116.1444.26409 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2012.1116.1445.26409 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform) Defraggler (HKLM\...\Defraggler) (Version: 2.14 - Piriform) Detektor Winampa (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) ESET Smart Security (HKLM\...\{ED3A19B5-716E-4069-8168-2BDE5E7F91BA}) (Version: 5.2.9.12 - ESET, spol. s r.o.) EXPERTool v8.9 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.9.1.1 - Gainward Co. Ltd.) Free Video to JPG Converter version 5.0.28.827 (HKLM\...\Free Video to JPG Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.) GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) ICatch (VI) PC Camera (HKLM\...\{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}) (Version: - ) J2SE Runtime Environment 5.0 Update 9 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150090}) (Version: 1.5.0.90 - Sun Microsystems, Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JetClean (HKLM\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig) Kadu 0.12.3 (HKLM\...\Kadu) (Version: 0.12.3 - Kadu Team) K-Lite Mega Codec Pack 4.4.2 (HKLM\...\KLiteCodecPack_is1) (Version: 4.4.2 - ) Last.fm Scrobbler 2.1.36 (HKLM\...\LastFM_is1) (Version: - Last.fm) Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Media Player Classic - Home Cinema v1.5.3.3757 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.3.3757 - MPC-HC Team) <==== ATTENTION Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation) Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1045}) (Version: 7.03.1303 - Nero AG) neroxml (Version: 1.0.0 - Nero AG) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) NVIDIA Install Application (Version: 2.1002.115.743 - NVIDIA Corporation) Hidden NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA PhysX (Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA Sterownik dźwięku HD 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Odkurzacz (HKLM\...\Odkurzacz 13.4_is1) (Version: 13.4.0.1685 - FranmoSoftware - Maciej Opaliński) Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) Panel sterowania NVIDIA 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Skype™ 6.0 (HKLM\...\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}) (Version: 6.0.120 - Skype Technologies S.A.) SlimCleaner (HKLM\...\{D0E2AD1D-07B7-491C-8877-171A03680AE0}) (Version: 4.0.29702 - SlimWare Utilities, Inc.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com) Tetpic 4000(v2.6 Full Version) (HKLM\...\Tetpic 4000(v2.6 Full Version)) (Version: - ) Tetris 5000 (HKLM\...\{8C676E78-9169-43FB-9A56-415DF6DE50EE}) (Version: 1.0.0 - Tetris 5000) Ulead GIF Animator 5 ESD (HKLM\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - ) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Vimicro USB PC Camera (HKLM\...\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}) (Version: 1.00.000 - ) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 10 (HKLM\...\Windows Media Player) (Version: - ) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) xp-AntiSpy 3.98-2 (HKLM\...\xp-AntiSpy) (Version: - Christian Taubenheim) Zune Desktop Theme (HKLM\...\{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}) (Version: 1.0.5341.0 - Microsoft Corporation) ==================== Restore Points ========================= 01-05-2014 08:39:27 Usunięte Realtek AC'97 Audio 03-05-2014 09:26:27 Punkt kontrolny systemu 04-05-2014 11:23:21 Punkt kontrolny systemu 08-05-2014 15:46:38 Punkt kontrolny systemu 11-05-2014 17:40:19 Punkt kontrolny systemu 13-05-2014 12:37:01 Punkt kontrolny systemu 14-05-2014 16:28:30 Punkt kontrolny systemu 22-05-2014 15:02:28 Punkt kontrolny systemu 24-05-2014 13:24:54 Punkt kontrolny systemu 26-05-2014 11:01:53 Punkt kontrolny systemu 28-05-2014 15:34:55 Punkt kontrolny systemu 30-05-2014 15:47:24 Punkt kontrolny systemu 06-06-2014 17:09:40 Punkt kontrolny systemu 08-06-2014 12:58:14 Punkt kontrolny systemu 09-06-2014 14:23:51 Punkt kontrolny systemu 11-06-2014 16:50:45 Punkt kontrolny systemu 13-06-2014 11:33:20 Punkt kontrolny systemu ==================== Hosts content: ========================== 2006-03-02 14:00 - 2006-03-02 14:00 - 00000742 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\JetCleanLoginCheckUpdate.job => C:\Program Files\BlueSprig\JetClean\AutoUpdate.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-616249376-682003330-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-616249376-682003330-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2011-10-13 22:41 - 2006-04-18 18:15 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll 2014-05-08 13:22 - 2014-05-08 13:22 - 00300544 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL 2006-03-02 14:00 - 2006-03-02 14:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2013-08-28 12:13 - 2013-03-15 07:47 - 00357224 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll 2013-01-16 21:18 - 2013-09-03 14:01 - 00736768 _____ () D:\Program Files\Last.fm\unicorn.dll 2013-01-16 21:18 - 2013-09-03 14:01 - 00032768 _____ () D:\Program Files\Last.fm\logger.dll 2013-01-16 21:18 - 2013-09-03 10:54 - 00351232 _____ () D:\Program Files\Last.fm\lastfm.dll 2013-01-16 21:18 - 2013-09-03 14:01 - 00126976 _____ () D:\Program Files\Last.fm\listener.dll 2013-01-16 21:18 - 2013-01-18 12:39 - 00302592 _____ () D:\Program Files\Last.fm\phonon.dll 2013-02-05 15:36 - 2013-01-18 12:49 - 00182784 _____ () D:\Program Files\Last.fm\plugins\phonon_backend\phonon_vlc.dll 2013-01-16 21:18 - 2012-12-13 01:12 - 00111104 _____ () D:\Program Files\Last.fm\libvlc.dll 2013-01-16 21:18 - 2012-12-13 01:13 - 02286592 _____ () D:\Program Files\Last.fm\libvlccore.dll 2014-04-26 15:23 - 2012-12-13 01:13 - 00049664 _____ () D:\Program Files\Last.fm\plugins\audio_output\libaout_directx_plugin.dll 2014-06-14 11:56 - 2014-06-14 11:56 - 00011264 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\auth.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00066560 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\burnlib.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00012800 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\dsp_sps.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006656 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_fhgaac.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004096 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_flac.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005632 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_lame.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004096 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_vorbis.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004096 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_wav.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006144 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\enc_wma.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007168 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_crasher.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00022016 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_ff.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00011776 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_hotkeys.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00040960 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_jumpex.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00021504 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_ml.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007680 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\gen_tray.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005120 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_avi.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00013312 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_cdda.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007168 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_dshow.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006144 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_flac.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_flv.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_linein.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00020992 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_midi.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004608 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mkv.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00018432 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mod.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00022528 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mp3.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004608 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_mp4.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00011264 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_nsv.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_swf.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00011264 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_vorbis.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005632 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_wave.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00014848 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\in_wm.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_addons.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007168 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_autotag.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005120 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_bookmarks.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00025088 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_cloud.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007680 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_devices.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00047616 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_disc.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00009216 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_downloads.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00009216 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_history.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005120 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_impex.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00054784 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_local.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_nowplaying.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00014336 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_online.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00017920 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_playlists.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00012800 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_plg.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00057344 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_pmp.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00005120 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_rg.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00008192 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_transcode.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00014848 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ml_wire.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00036864 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\ombrowser.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006144 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_disk.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00016896 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_ds.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007168 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\out_wave.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003072 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\playlist.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004608 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_activesync.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00010752 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_android.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007680 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_cloud.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006656 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_ipod.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_njb.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00004096 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_p4s.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00010752 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_usb.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00045056 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\pmp_wifi.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00006144 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\tagz.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00087552 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_avs.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00161792 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_milk2.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00007680 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\vis_nsfs.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00333824 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\winamp.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003584 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\winampa.lng 2014-06-14 11:56 - 2014-06-14 11:56 - 00003072 _____ () C:\Documents and Settings\Kamil\Ustawienia lokalne\Temp\WPL5E14.tmp\xspf.lng 2013-07-24 00:57 - 2013-07-24 00:57 - 00340992 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac 2014-05-10 12:35 - 2014-05-10 12:35 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: CTFMON.EXE => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: FixMyRegistry => C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss MSCONFIG\startupreg: FlashPlayerUpdate => MSCONFIG\startupreg: LightScribe Control Panel => MSCONFIG\startupreg: Malwarebytes Anti-Malware => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup MSCONFIG\startupreg: NvMediaCenter => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login MSCONFIG\startupreg: nwiz => nwiz.exe /install MSCONFIG\startupreg: SoundMan => SOUNDMAN.EXE MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss MSCONFIG\startupreg: SunJavaUpdateSched => MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: TBPanel => "C:\Program Files\EXPERTool\TBPanel.exe" /A MSCONFIG\startupreg: TNOD UP => "C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe" /i MSCONFIG\startupreg: WinampAgent => C:\Program Files\Winamp\winampa.exe ==================== Faulty Device Manager Devices ============= Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/05/2014 02:56:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd winamp.exe, wersja 5.6.5.3438, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x00018af2. Przetwarzanie zdarzenia określonego nośnika dla [winamp.exe!ws!] Error: (05/09/2014 03:58:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd winamp.exe, wersja 5.6.5.3438, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x00010cce. Przetwarzanie zdarzenia określonego nośnika dla [winamp.exe!ws!] Error: (05/07/2014 10:50:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd mpc-hc.exe, wersja 1.5.3.3757, adres błędu 0x001166bc. Przetwarzanie zdarzenia określonego nośnika dla [mpc-hc.exe!ws!] Error: (05/05/2014 05:52:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd au_.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00ca91e5. Przetwarzanie zdarzenia określonego nośnika dla [au_.exe!ws!] Error: (04/30/2014 11:02:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd egui.exe, wersja 5.2.7.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x003d0291. Przetwarzanie zdarzenia określonego nośnika dla [egui.exe!ws!] Error: (04/30/2014 11:01:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd egui.exe, wersja 5.2.7.0, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x00018af2. Przetwarzanie zdarzenia określonego nośnika dla [egui.exe!ws!] Error: (04/29/2014 04:48:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd mplayerc.exe, wersja 1.2.929.0, moduł powodujący błąd ntdll.dll, wersja 5.1.2600.3520, adres błędu 0x00010a19. Przetwarzanie zdarzenia określonego nośnika dla [mplayerc.exe!ws!] Error: (04/29/2014 04:47:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd mpc-hc.exe, wersja 1.5.3.3757, adres błędu 0x00297343. Przetwarzanie zdarzenia określonego nośnika dla [mpc-hc.exe!ws!] Error: (04/29/2014 04:39:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Przetwarzanie zdarzenia określonego nośnika dla [mpc-hc.exe!ws!] Error: (04/29/2014 04:31:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd mpc-hc.exe, wersja 1.5.3.3757, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.3541, adres błędu 0x00012a6b. Przetwarzanie zdarzenia określonego nośnika dla [mpc-hc.exe!ws!] System errors: ============= Error: (06/14/2014 11:54:49 AM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error: (06/13/2014 11:20:34 PM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error: (06/13/2014 11:20:02 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error: (06/13/2014 09:57:23 PM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error: (06/13/2014 09:56:49 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error: (06/13/2014 04:37:03 PM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error: (06/13/2014 04:36:30 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error: (06/13/2014 00:54:36 PM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Error: (06/13/2014 00:54:04 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Adres IP połączenia 84.38.81.173 dla karty sieciowej o adresie 001731970CA2 został zabroniony przez serwer DHCP 0.0.0.0 (Serwer DHCP wysłał komunikat DHCPNACK). Error: (06/13/2014 08:21:57 AM) (Source: Dhcp) (EventID: 1000) (User: ) Description: Komputer utracił połączenie dla swojego adresu IP 192.168.100.10 na karcie sieciowej o adresie sieciowym 001731970CA2. Microsoft Office Sessions: ========================= Error: (06/05/2014 02:56:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: winamp.exe5.6.5.3438ntdll.dll5.1.2600.352000018af2 Error: (05/09/2014 03:58:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: winamp.exe5.6.5.3438ntdll.dll5.1.2600.352000010cce Error: (05/07/2014 10:50:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mpc-hc.exe1.5.3.3757mpc-hc.exe1.5.3.3757001166bc Error: (05/05/2014 05:52:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: au_.exe0.0.0.0unknown0.0.0.000ca91e5 Error: (04/30/2014 11:02:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: egui.exe5.2.7.0unknown0.0.0.0003d0291 Error: (04/30/2014 11:01:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: egui.exe5.2.7.0ntdll.dll5.1.2600.352000018af2 Error: (04/29/2014 04:48:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mplayerc.exe1.2.929.0ntdll.dll5.1.2600.352000010a19 Error: (04/29/2014 04:47:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mpc-hc.exe1.5.3.3757mpc-hc.exe1.5.3.375700297343 Error: (04/29/2014 04:39:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mpc-hc.exe1.5.3.3757kernel32.dll5.1.2600.354100012a6b Error: (04/29/2014 04:31:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mpc-hc.exe1.5.3.3757kernel32.dll5.1.2600.354100012a6b ==================== Memory info =========================== Percentage of memory in use: 48% Total physical RAM: 511.48 MB Available physical RAM: 260.99 MB Total Pagefile: 1248.76 MB Available Pagefile: 858.88 MB Total Virtual: 2047.88 MB Available Virtual: 1930.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:14.65 GB) (Free:5.38 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:29.3 GB) (Free:4.89 GB) NTFS Drive e: () (Fixed) (Total:30.56 GB) (Free:0.68 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 75 GB) (Disk ID: 32673266) Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=60 GB) - (Type=OF Extended) ==================== End Of Log ============================
Zayfi komentarz 14 czerwca 2014 komentarz 14 czerwca 2014 Infekcji nie ma. Masz po prostu nieaktualny system OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kamil\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Zainstaluj SP3, bez tego nie bedzie aktualizacji. http://www.microsoft.com/downloads/pl-pl/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.