Witam.
Zwracam się się z prośbą o sprawdzenie log'ów. Przeskanowałem komputer CFx'em i Hijack'em ponieważ ostatnio zauważyłem niepokojące mnie zjawiska.
Czy mogli byście sprawdzić mi logi?
Logi - Dziwne zjawiska
Rozpoczęty przez
hary
, 02 03 2010 22:00
-
Temat jest zamknięty
6 odpowiedzi w tym temacie
#2
Krzychu25
-
-
- 1 045 postów
Zaawansowany użytkownik
Napisano 02 03 2010 - 22:08
Przed zadaniem nam pytania:
3. Zrób logi przy pomocy programów: OTL, GMER, Silent Runners
Tamte programy co masz to już nie aktualne
3. Zrób logi przy pomocy programów: OTL, GMER, Silent Runners
Tamte programy co masz to już nie aktualne
#3
hary
-
-
- 791 postów
The Untouchable
Napisano 02 03 2010 - 22:11
okey już biorę się do pracy ...
---------------------------------
oto logi:
OTL & exstras
silent runners
nie mogłem zapisać logów z programu GMER...
---------------------------------
oto logi:
OTL & exstras
OTL logfile created on: 2010-03-02 20:13:51 - Run 1OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\hary\Moje dokumenty\PobieranieWindows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 48,89 Gb Total Space | 25,25 Gb Free Space | 51,65% Space Free | Partition Type: NTFSDrive D: | 78,42 Gb Total Space | 60,25 Gb Free Space | 76,83% Space Free | Partition Type: NTFSDrive E: | 105,57 Gb Total Space | 62,32 Gb Free Space | 59,03% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GREGGCurrent User Name: haryLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-03-02 20:12:11 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hary\Moje dokumenty\Pobieranie\OTL.exePRC - [2010-02-23 13:53:47 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exePRC - [2010-01-16 03:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009-11-11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exePRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exePRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exePRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exePRC - [2009-08-20 18:01:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exePRC - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exePRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exePRC - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exePRC - [2009-03-02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exePRC - [2008-04-14 17:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2007-02-08 00:13:48 | 000,774,168 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exePRC - [2007-02-08 00:12:48 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exePRC - [2007-02-08 00:12:20 | 000,230,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exePRC - [2007-02-06 16:43:26 | 000,252,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exePRC - [2006-10-11 11:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exePRC - [2006-09-20 07:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exePRC - [2006-09-19 15:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exePRC - [2005-06-13 14:45:54 | 000,827,392 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLanCfgG.exePRC - [2004-03-29 15:08:16 | 000,049,152 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLService.exe ========== Modules (SafeList) ========== MOD - [2010-03-02 20:12:11 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hary\Moje dokumenty\Pobieranie\OTL.exeMOD - [2010-02-23 13:54:35 | 000,118,784 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dllMOD - [2010-02-23 13:53:48 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dllMOD - [2009-08-13 13:56:27 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dllMOD - [2006-10-04 21:07:12 | 000,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dllMOD - [2003-02-21 03:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSVCR71.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)SRV - [2009-11-06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)SRV - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)SRV - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)SRV - [2007-02-06 16:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)SRV - [2007-02-06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)SRV - [2006-10-26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)SRV - [2005-04-03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)SRV - [2004-03-29 15:08:16 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\F5D7051\WLService.exe -- (Belkin High-Speed Mode Wireless G USB Network Adapter Service) ========== Driver Services (SafeList) ========== DRV - [2009-12-07 18:36:24 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)DRV - [2009-08-21 09:45:43 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)DRV - [2009-08-20 17:40:21 | 000,017,801 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)DRV - [2009-06-19 11:59:10 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)DRV - [2009-06-19 11:59:04 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)DRV - [2009-06-19 11:59:02 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)DRV - [2009-05-11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)DRV - [2009-04-28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)DRV - [2009-03-30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)DRV - [2009-02-13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)DRV - [2008-11-19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)DRV - [2008-11-19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)DRV - [2008-11-19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)DRV - [2008-04-13 19:45:36 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)DRV - [2008-04-13 18:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)DRV - [2008-04-13 18:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)DRV - [2008-04-13 18:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)DRV - [2008-04-13 16:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)DRV - [2008-04-13 16:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)DRV - [2008-02-28 05:34:00 | 006,663,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)DRV - [2007-02-06 16:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)DRV - [2007-02-06 16:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)DRV - [2007-02-06 16:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)DRV - [2007-02-03 09:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)DRV - [2007-02-03 09:27:28 | 000,938,272 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)DRV - [2007-02-03 09:27:16 | 000,014,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)DRV - [2006-09-12 20:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)DRV - [2006-09-12 04:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)DRV - [2006-08-21 22:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)DRV - [2004-08-13 10:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)DRV - [2003-09-25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)DRV - [2001-08-17 20:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web"FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"FF - prefs.js..browser.search.selectedEngine: "XfireXO Customized Web Search"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-01-05 20:43:25 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-02-23 13:54:36 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-23 13:54:29 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-02 13:43:45 | 000,000,000 | ---D | M] [2009-08-21 13:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Extensions[2010-03-09 17:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions[2009-09-20 11:49:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}[2009-12-29 15:25:12 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}[2009-12-07 11:38:26 | 000,000,000 | ---D | M] (gTranslate) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}[2009-12-23 18:59:08 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\conduit.xml[2009-12-23 09:52:28 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\translaticapl---angielsko-polski.xml[2009-12-23 09:52:19 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\translaticapl---polsko-angielski.xml[2010-03-10 23:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions[2010-01-13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll[2010-01-16 01:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml[2010-01-16 01:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml[2010-01-16 01:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml[2010-01-16 01:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml[2010-01-16 01:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml[2010-01-16 01:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-02-26 23:03:28 | 000,331,173 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: 127.0.0.1 www.007guard.comO1 - Hosts: 127.0.0.1 007guard.comO1 - Hosts: 127.0.0.1 008i.comO1 - Hosts: 127.0.0.1 www.008k.comO1 - Hosts: 127.0.0.1 008k.comO1 - Hosts: 127.0.0.1 www.00hq.comO1 - Hosts: 127.0.0.1 00hq.comO1 - Hosts: 127.0.0.1 010402.comO1 - Hosts: 127.0.0.1 www.032439.comO1 - Hosts: 127.0.0.1 032439.comO1 - Hosts: 127.0.0.1 www.0scan.comO1 - Hosts: 127.0.0.1 0scan.comO1 - Hosts: 127.0.0.1 1000gratisproben.comO1 - Hosts: 127.0.0.1 www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.comO1 - Hosts: 127.0.0.1 www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.comO1 - Hosts: 127.0.0.1 www.100888290cs.comO1 - Hosts: 127.0.0.1 www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.comO1 - Hosts: 127.0.0.1 www.10sek.comO1 - Hosts: 127.0.0.1 www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.comO1 - Hosts: 11344 more lines...O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()O4 - HKCU..\Run: [EPSON SX510W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)O4 - Startup: C:\Documents and Settings\hary\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-08-20 17:12:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O33 - MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\Shell\AutoRun\command - "" = H:\s1.exe -- File not foundO33 - MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\Shell\open\Command - "" = H:\s1.exe -- File not foundO33 - MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\Shell\AutoRun\command - "" = H:\s1.exe -- File not foundO33 - MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\Shell\open\Command - "" = H:\s1.exe -- File not foundO34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35 - comfile [open] -- "%1" %*O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-03-09 15:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony[2010-03-08 21:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2010-03-08 21:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Boilsoft Video Joiner[2010-03-08 21:37:23 | 000,073,728 | ---- | C] ( ) -- C:\WINDOWS\System\vdremote.dll[2010-03-08 21:37:23 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System\vdsvrlnk.dll[2010-03-02 19:54:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2010-03-02 19:41:04 | 000,000,000 | RHSD | C] -- C:\cmdcons[2010-03-02 19:38:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2010-03-02 19:38:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2010-03-02 19:38:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2010-03-02 19:38:40 | 000,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe[2010-03-02 19:38:40 | 000,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2010-03-02 19:38:16 | 000,000,000 | ---D | C] -- C:\Qoobox[2010-03-02 19:38:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2010-03-02 19:38:15 | 000,000,000 | ---D | C] -- C:\ComboFix[2010-03-02 13:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2010-02-26 16:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\XfireXO[2010-02-24 22:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Moje dokumenty\hary i baby[2010-02-24 15:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar[2010-02-23 13:54:29 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll[2010-02-23 13:54:24 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll[2010-02-23 13:54:24 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll[2010-02-23 13:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared[2010-02-23 13:53:48 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll[2010-02-23 13:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Real[2010-02-23 13:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real[2010-02-23 13:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real[2010-02-23 13:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Real[2010-02-23 13:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\WinZip[2010-02-23 13:37:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip[2010-02-23 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip[2010-02-19 10:57:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll[2010-02-19 10:57:09 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll[2010-02-19 10:57:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs[2010-02-19 10:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect[2010-02-19 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar[2010-02-19 10:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar[2010-02-17 00:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Sun[2010-02-16 15:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Azureus[2010-02-16 15:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Azureus[2010-02-14 13:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\FastStone[2010-02-14 13:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\FastStone Photo Resizer[2010-02-14 11:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Mp3tag[2010-02-14 11:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag[2010-02-12 21:22:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump[2010-02-02 10:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Screamer Radio[2009-12-29 15:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire[2009-12-18 16:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple[2009-12-05 16:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google[2009-11-16 22:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft[2009-11-16 22:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Temp[2009-10-06 13:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google[2009-08-27 08:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Google[2009-08-27 08:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Macromedia[2009-08-27 08:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe[2009-08-27 08:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft[2009-08-27 08:07:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft[2009-08-21 13:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla[2009-08-21 13:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla[2009-08-20 17:12:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-03-11 00:52:42 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A71BEF23-ED52-4F43-BE54-6A994587F05D}.job[2010-03-11 00:41:36 | 000,000,212 | ---- | M] () -- C:\WINDOWS\wininit.ini[2010-03-10 13:20:48 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-03-10 12:53:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job[2010-03-10 12:34:14 | 000,016,529 | R--- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\akt35.jpeg[2010-03-10 12:24:53 | 000,053,425 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Funny-Picture.jpg[2010-03-10 11:30:31 | 007,871,253 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\zwirek muchomotek.flv[2010-03-10 10:54:31 | 045,109,535 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Hitler w poszukiwaniu elektro.flv[2010-03-09 19:42:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2010-03-09 15:45:40 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\DVD Architect Studio 4.5.lnk[2010-03-09 15:42:35 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\Vegas Movie Studio 9.0.lnk[2010-03-09 14:44:10 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-03-08 21:54:56 | 000,098,304 | RHS- | M] () -- C:\s1.exe[2010-03-08 21:44:15 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Boilsoft Video Joiner.lnk[2010-03-02 20:07:53 | 000,017,107 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\Combo fix log Microsoft Office Word.docx[2010-03-02 19:56:51 | 000,014,267 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\hijack log Microsoft Office Word.docx[2010-03-02 19:54:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job[2010-03-02 19:43:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010-03-02 19:42:39 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2010-03-02 19:41:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini[2010-03-02 19:31:39 | 000,097,280 | RHS- | M] () -- C:\fk.exe[2010-03-02 19:30:45 | 000,171,862 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2010-03-02 19:30:45 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-03-02 19:30:42 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-03-02 19:30:36 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job[2010-03-02 19:30:35 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-03-02 19:30:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010-03-02 19:29:25 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\hary\ntuser.dat[2010-03-02 19:29:12 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\hary\ntuser.ini[2010-03-02 15:32:11 | 000,096,768 | RHS- | M] () -- C:\k1d.exe[2010-03-02 13:41:14 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\HijackThis.lnk[2010-03-02 11:17:15 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-02-26 23:03:28 | 000,331,173 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2010-02-26 16:04:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2010-02-25 03:00:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2010-02-23 14:15:42 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\ALLPlayer V3.1.lnk[2010-02-23 13:54:29 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll[2010-02-23 13:54:24 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll[2010-02-23 13:54:24 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll[2010-02-23 13:53:48 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll[2010-02-23 13:53:48 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll[2010-02-22 21:32:08 | 000,019,280 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\luki.jpg[2010-02-21 10:40:54 | 016,825,696 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\gein-the_sermon.mp3[2010-02-21 10:15:51 | 015,065,339 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Current Value & Snow-Edge Of Dreams.mp3[2010-02-19 10:57:14 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Winamp.lnk[2010-02-18 23:09:25 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2010-02-14 13:56:47 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\FastStone Photo Resizer.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Mp3tag.lnk[2010-02-14 10:47:38 | 013,289,472 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Oceanic.mp3[2010-02-14 09:32:51 | 012,732,416 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\01_knockout.mp3[2010-02-06 09:02:12 | 000,398,871 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\doda.jpg[2010-02-06 08:58:51 | 000,208,686 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\doda tatuaz.jpg[2010-02-06 08:55:06 | 000,045,612 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\img91139.tatuaze.209410.jpg[2010-02-05 02:09:55 | 000,027,908 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\426598d-84ec10.jpg[2010-02-04 22:55:02 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk[2010-02-04 02:12:11 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Adobe Reader 9.lnk[2010-02-04 00:51:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NEWSOFT[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-03-11 00:41:35 | 000,000,212 | ---- | C] () -- C:\WINDOWS\wininit.ini[2010-03-10 22:44:55 | 000,096,768 | RHS- | C] () -- C:\k1d.exe[2010-03-10 12:34:14 | 000,016,529 | R--- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\akt35.jpeg[2010-03-10 12:24:52 | 000,053,425 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Funny-Picture.jpg[2010-03-10 11:28:16 | 007,871,253 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\zwirek muchomotek.flv[2010-03-10 10:46:58 | 045,109,535 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Hitler w poszukiwaniu elektro.flv[2010-03-09 15:45:40 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\DVD Architect Studio 4.5.lnk[2010-03-09 15:42:35 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\Vegas Movie Studio 9.0.lnk[2010-03-08 21:55:23 | 000,098,304 | RHS- | C] () -- C:\s1.exe[2010-03-08 21:44:15 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Boilsoft Video Joiner.lnk[2010-03-02 19:53:50 | 000,017,107 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\Combo fix log Microsoft Office Word.docx[2010-03-02 19:53:50 | 000,014,267 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\hijack log Microsoft Office Word.docx[2010-03-02 19:41:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2010-03-02 19:41:04 | 000,262,400 | ---- | C] () -- C:\cmldr[2010-03-02 19:38:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2010-03-02 19:38:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2010-03-02 19:38:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2010-03-02 19:38:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe[2010-03-02 19:32:05 | 000,097,280 | RHS- | C] () -- C:\fk.exe[2010-03-02 13:41:14 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\HijackThis.lnk[2010-02-24 18:37:35 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-02-24 18:37:35 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-02-23 14:15:42 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\ALLPlayer V3.1.lnk[2010-02-23 13:54:40 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-02-23 13:54:39 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-02-22 21:32:07 | 000,019,280 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\luki.jpg[2010-02-21 10:31:31 | 016,825,696 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\gein-the_sermon.mp3[2010-02-21 10:07:19 | 015,065,339 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Current Value & Snow-Edge Of Dreams.mp3[2010-02-14 13:56:47 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\FastStone Photo Resizer.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Mp3tag.lnk[2010-02-14 11:15:31 | 000,145,576 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\why-so-serious.jpg[2010-02-14 10:41:22 | 013,289,472 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Oceanic.mp3[2010-02-14 09:27:14 | 012,732,416 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\01_knockout.mp3[2010-02-06 09:02:11 | 000,398,871 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\doda.jpg[2010-02-06 08:58:51 | 000,208,686 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\doda tatuaz.jpg[2010-02-06 08:55:05 | 000,045,612 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\img91139.tatuaze.209410.jpg[2010-02-05 02:07:52 | 000,027,908 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\426598d-84ec10.jpg[2010-02-04 22:55:02 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk[2010-02-04 02:12:11 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Adobe Reader 9.lnk[2010-01-25 01:19:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI[2010-01-23 12:46:42 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini[2009-09-30 14:33:27 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI[2009-09-29 11:12:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL[2009-09-29 11:10:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll[2009-09-29 11:08:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI[2009-09-20 16:46:23 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll[2009-09-20 16:46:23 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll[2009-09-20 16:46:22 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll[2009-09-20 16:46:22 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll[2009-09-20 16:46:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll[2009-09-20 16:46:12 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-09-18 10:17:55 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll[2009-09-15 22:54:19 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini[2009-09-02 12:37:59 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll[2009-09-01 11:52:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll[2009-09-01 11:52:27 | 000,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini[2009-08-26 18:18:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2009-08-23 13:51:27 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini[2009-08-23 09:57:26 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini[2009-08-22 15:41:56 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log[2009-08-21 13:08:03 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-08-21 09:49:15 | 000,000,055 | ---- | C] () -- C:\WINDOWS\QRPhotoDVDSlideshow.INI[2009-08-20 17:40:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\F5D7051.dll[2009-08-20 17:40:06 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll[2009-08-20 17:28:47 | 000,015,158 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2009-08-20 17:28:47 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys[2009-08-20 17:28:39 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2008-07-23 16:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2008-07-23 16:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest[2008-02-28 05:34:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2008-02-28 05:34:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2008-02-28 05:34:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2008-02-28 05:34:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2008-02-28 05:34:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2007-02-06 16:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys[2007-02-06 16:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys[2005-10-14 09:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll[2005-10-14 09:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll[2005-10-14 09:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll[2005-10-14 09:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2005-10-14 09:56:50 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll[2005-10-14 09:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll[2005-10-14 09:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll[2005-03-30 04:13:22 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll< End of report >OTL Extras logfile created on: 2010-03-02 20:13:51 - Run 1OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\hary\Moje dokumenty\PobieranieWindows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 48,89 Gb Total Space | 25,25 Gb Free Space | 51,65% Space Free | Partition Type: NTFSDrive D: | 78,42 Gb Total Space | 60,25 Gb Free Space | 76,83% Space Free | Partition Type: NTFSDrive E: | 105,57 Gb Total Space | 62,32 Gb Free Space | 59,03% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GREGGCurrent User Name: haryLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DoNotAllowExceptions" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.)"C:\Program Files\Soulseek-Test\slsk.exe" = C:\Program Files\Soulseek-Test\slsk.exe:*:Enabled:SoulSeek -- ()"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page"{807275BF-1746-4B81-89FA-E776094678E7}" = Vegas Movie Studio 9.0"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime"{98F9C802-BEA1-4570-A677-10AFBD8C2B85}" = LightScribe Diagnostic Utility"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint"{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy"{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit"{CA832FE2-4E56-4B4C-A56F-1AEB7B71A8A9}" = Belkin High-Speed Mode Wireless G USB Network Adapter"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinstalowuj LG PC Suite III"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision"{F59A3B93-6C1C-4C3E-BCC4-4897490E2963}" = LG Bluetooth Drivers"{F6C5F1A1-F459-498F-A50A-EE6C80799D3B}" = Cinescore Studio 1.0"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)"AC3Filter" = AC3Filter (remove only)"Adobe AIR" = Adobe AIR"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"Adobe Shockwave Player" = Adobe Shockwave Player 11.5"ALLPlayer V3.1_is1" = ALLPlayer V3.X"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus"Azureus" = Azureus"Boilsoft Video Joiner_is1" = Boilsoft Video Joiner 5.32"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0"CWK" = CWK (Czasowy Wyłącznik Komputera)"DirectVobSub" = DirectVobSub (remove only)"ENTERPRISE" = Microsoft Office Enterprise 2007"Epson Printer Software Downloader" = Epson Printer Software Downloader"EPSON Scanner" = EPSON Scan"Epson Stylus SX510W_TX550W User’s Guide" = Epson Stylus SX510W_TX550W Manual"EPSON SX510W Series" = EPSON SX510W Series Printer Uninstall"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20"FastStone Photo Resizer" = FastStone Photo Resizer 2.9"Google Chrome" = Google Chrome"HaaliMkx" = Haali Media Splitter"HijackThis" = HijackThis 2.0.2"ie8" = Windows Internet Explorer 8"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager"KC Softwares PhotoToFilm_is1" = KC Softwares PhotoToFilm"Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)"Mp3tag" = Mp3tag v2.45a"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2"Nokia PC Suite" = Nokia PC Suite"Nowe Gadu-Gadu" = Nowe Gadu-Gadu"NVIDIA Drivers" = NVIDIA Drivers"PSPMovieCreator" = PSP Movie Creator(remove only)"QcDrv" = Camera Driver"RealPlayer 12.0" = RealPlayer"Soulseek2" = SoulSeek Client 157 test 12"SubEdit-Player_is1" = SubEdit-Player"uTorrent" = µTorrent"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7"Winamp" = Winamp"Winamp Toolbar" = Winamp Toolbar"Windows Media Format Runtime" = Windows Media Format 11 runtime"Windows Media Player" = Windows Media Player 11"Windows XP Service Pack" = Windows XP Service Pack 3"WinRAR archiver" = WinRAR archiver"WMFDist11" = Windows Media Format 11 runtime"wmp11" = Windows Media Player 11"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7"Xilisoft Video Converter" = Xilisoft Video Converter 3"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 2009-11-16 18:44:16 | Computer Name = GREGG | Source = Avira AntiVir | ID = 4109Description = The engine file has been modified or destroyed! Returned error code: 0x9 Error - 2009-11-16 18:44:31 | Computer Name = GREGG | Source = LoadPerf | ID = 3001Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jestniepoprawnie sformatowana. Nieprawdziwy ciąg to 5344, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2009-11-16 18:44:31 | Computer Name = GREGG | Source = LoadPerf | ID = 3001Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jestniepoprawnie sformatowana. Nieprawdziwy ciąg to 5344, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2009-11-16 18:44:31 | Computer Name = GREGG | Source = LoadPerf | ID = 3011Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2009-11-16 18:44:34 | Computer Name = GREGG | Source = LoadPerf | ID = 3001Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jestniepoprawnie sformatowana. Nieprawdziwy ciąg to 5344, nieprawdziwa wartość indeksu to pierwszy wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe wartości indeksu to drugi i trzeci wpis DWORD w sekcji danych. Error - 2009-11-16 18:46:35 | Computer Name = GREGG | Source = Avira AntiVir | ID = 4109Description = The engine file has been modified or destroyed! Returned error code: 0x9 Error - 2009-11-16 18:47:16 | Computer Name = GREGG | Source = Avira AntiVir | ID = 4109Description = The engine file has been modified or destroyed! Returned error code: 0x9 Error - 2009-11-16 18:47:46 | Computer Name = GREGG | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca avcenter.exe, wersja 9.0.0.18, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2009-11-16 18:54:18 | Computer Name = GREGG | Source = Avira AntiVir | ID = 4109Description = The engine file has been modified or destroyed! Returned error code: 0x9 Error - 2009-11-16 18:55:50 | Computer Name = GREGG | Source = Avira AntiVir | ID = 4109Description = The engine file has been modified or destroyed! Returned error code: 0x9 [ System Events ]Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 12:20:22 | Computer Name = GREGG | Source = Service Control Manager | ID = 7023Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2010-03-02 15:38:40 | Computer Name = GREGG | Source = Service Control Manager | ID = 7034Description = Usługa Process Monitor niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >
silent runners
"Silent Runners.vbs", revision 60, http://www.silentrunners.org/Operating System: Windows XP SP3Output limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]"swg" = ""C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"" ["Google Inc."]"LightScribe Control Panel" = "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" ["Hewlett-Packard Company"]"PC Suite Tray" = ""C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray" ["Nokia"]"EPSON SX510W Series" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\WINDOWS\TEMP\E_S9.tmp" /EF "HKCU"" ["SEIKO EPSON CORPORATION"]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"SkyTel" = "SkyTel.EXE" ["Realtek Semiconductor Corp."]"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]"GrooveMonitor" = ""C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"" [MS]"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]"LogitechCommunicationsManager" = ""C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"" ["Logitech Inc."]"LogitechQuickCamRibbon" = ""C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide" ["Logitech Inc."]"SSBkgdUpdate" = ""C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot" ["Nuance Communications, Inc."]"OpwareSE4" = ""C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"" ["ScanSoft, Inc."]"WrtMon.exe" = "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe" [empty string]"avgnt" = ""C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min" ["Avira GmbH"]"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Inc."]"EEventManager" = "C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe" ["SEIKO EPSON CORPORATION"]"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]"Adobe ARM" = ""C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"" ["Adobe Systems Incorporated"]"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub" -> {HKLM...CLSID} = "Adobe PDF Link Helper" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\(Default) = "Skype add-on (mastermind)" -> {HKLM...CLSID} = "Skype add-on (mastermind)" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\(Default) = "Winamp Toolbar Loader" -> {HKLM...CLSID} = "Winamp Toolbar Loader" \InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC."]{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided) -> {HKLM...CLSID} = "RealPlayer Download and Record Plugin for Internet Explorer" \InProcServer32\(Default) = "C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll" ["RealPlayer"]{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided) -> {HKLM...CLSID} = "Spybot-S&D IE Protection" \InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = "Groove GFS Browser Helper" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Easy Photo Print" \InProcServer32\(Default) = "C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll" ["SEIKO EPSON CORPORATION / CyCom Technology Corp."]{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Notifier BHO" \InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll" ["Google Inc."]{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\(Default) = "Google Dictionary Compression sdch" -> {HKLM...CLSID} = "Google Dictionary Compression sdch" \InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll" ["Google Inc."]{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper" \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl" -> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\(Default) = (no title provided) -> {HKLM...CLSID} = "EpsonToolBandKicker Class" \InProcServer32\(Default) = "C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = "{16F3DD56-1AF5-4347-846D-7C10C4192619}" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found]"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band" -> {HKLM...CLSID} = "History Band" \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" = "Groove GFS Browser Helper" -> {HKLM...CLSID} = "Groove GFS Browser Helper" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar" -> {HKLM...CLSID} = "Groove Folder Synchronization" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler" -> {HKLM...CLSID} = "Groove GFS Stub Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler" -> {HKLM...CLSID} = "Groove XML Icon Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" -> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS]"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS]"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" -> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL" [MS]"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler" -> {HKLM...CLSID} = "Microsoft Office Metadata Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler" -> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]"{1CA6BBC9-E9FA-4021-822B-075DF1837B63}" = "NeroDigitalIconHandler" -> {HKLM...CLSID} = "NeroDigitalIconHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]"{846083A4-BFC6-4447-985C-6578B466A7D7}" = "NeroDigitalPropSheetHandler" -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]"{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}" = "NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]"{4FBFFA8D-F390-471a-AE46-FEB93623AD63}" = "NeroDigitalInfoHandler" -> {HKLM...CLSID} = "NeroDigitalInfoHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]"{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87}" = "NeroDigitalThumbnailHandler" -> {HKLM...CLSID} = "NeroDigitalThumbnailHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler" -> {HKLM...CLSID} = "NeroDigitalIconHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found]"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler" -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found]"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira GmbH"]"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "Nokia Phone Browser" -> {HKLM...CLSID} = "Nokia Phone Browser" \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]"{0561EC90-CE54-4f0c-9C55-E226110A740C}" = "Haali Column Provider" -> {HKLM...CLSID} = "Haali Column Provider" \InProcServer32\(Default) = "C:\Program Files\Apollo Video Converter\Haali\MatroskaSplitter\mmfinfo.dll" [null data]"{5574006C-28F5-4a65-A28C-74DE6BFBE0BB}" = "Haali Matroska Shell Property Page" -> {HKLM...CLSID} = "Haali Matroska Shell Property Page" \InProcServer32\(Default) = "C:\Program Files\Apollo Video Converter\Haali\MatroskaSplitter\mmfinfo.dll" [null data]"{327669A0-59A7-4be9-B99E-1C9F3A57611A}" = "Haali Matroska Thumbnail Extractor" -> {HKLM...CLSID} = "Haali Matroska Thumbnail Extractor" \InProcServer32\(Default) = "C:\Program Files\Apollo Video Converter\Haali\MatroskaSplitter\mmfinfo.dll" [null data]"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places" -> {HKLM...CLSID} = "Moje miejsca interfejsu Bluetooth" \InProcServer32\(Default) = "C:\WINDOWS\system32\btneighborhood.dll" ["Broadcom Corporation."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\<<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook" -> {HKLM...CLSID} = "Groove GFS Stub Execution Hook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\<<!>> grooveLocalGWS\CLSID = "{88FED34C-F0CA-4636-A375-3CB6248B04CD}" -> {HKLM...CLSID} = "Local Groove Web Services Protocol" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL" [MS]<<!>> ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}" -> {HKLM...CLSID} = "HxProtocol Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll" [MS]<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" -> {HKLM...CLSID} = "IEProtocolHandler Class" \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\EPP\(Default) = "{3F3B81BE-529B-40b9-8189-6666B241ADFA}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Epson Software\Easy Photo Print\EPPShell.dll" ["SEIKO EPSON CORPORATION"]Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira GmbH"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Monitor\(Default) = "{7842554E-6BED-11D2-8CDB-B05550C10000}" -> {HKLM...CLSID} = "Monitor Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\btncopy.dll" ["Broadcom Corporation."]Nokia\(Default) = "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" -> {HKLM...CLSID} = "Nokia Phone Browser" \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]WinZip\(Default) = "{E0D79305-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\00nView\(Default) = "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]NvCplDesktopContext\(Default) = "{A70C977A-BF00-412C-90B7-034C51DA2439}" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0561EC90-CE54-4f0c-9C55-E226110A740C}\(Default) = "Haali Column Provider" -> {HKLM...CLSID} = "Haali Column Provider" \InProcServer32\(Default) = "C:\Program Files\Apollo Video Converter\Haali\MatroskaSplitter\mmfinfo.dll" [null data]{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" [file not found]{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll" ["Nero AG"]{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" -> {HKLM...CLSID} = "Shell Extension for Malware scanning" \InProcServer32\(Default) = "C:\Program Files\Avira\AntiVir Desktop\shlext.dll" ["Avira GmbH"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}" -> {HKLM...CLSID} = "Groove GFS Context Menu Handler" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]WinZip\(Default) = "{E0D79305-84BE-11CE-9641-444553540000}" -> {HKLM...CLSID} = "WinZip" \InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]Default executables:--------------------<<!>> HKLM\SOFTWARE\Classes\.com\(Default) = "ComFile"Group Policies {GPedit.msc branch and setting}:-----------------------------------------------Note: detected settings may not have any effect.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDrives" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDrives" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"HideLegacyLogonScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}"HideLogoffScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}"HideStartupScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}"RunLogonScriptSync" = (REG_DWORD) dword:0x00000001{unrecognized setting}"RunStartupScriptSync" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\"DisableRegistryTools" = (REG_DWORD) dword:0x00000000{unrecognized setting}"HideLegacyLogonScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}"HideLogoffScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}"RunLogonScriptSync" = (REG_DWORD) dword:0x00000001{unrecognized setting}"RunStartupScriptSync" = (REG_DWORD) dword:0x00000000{unrecognized setting}"HideStartupScripts" = (REG_DWORD) dword:0x00000000{unrecognized setting}Active Desktop and Wallpaper:-----------------------------Active Desktop may be disabled at this entry:HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellStateDisplayed if Active Desktop enabled and wallpaper not set by Group Policy:HKCU\Software\Microsoft\Internet Explorer\Desktop\General\"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Displayed if Active Desktop disabled and wallpaper not set by Group Policy:HKCU\Control Panel\Desktop\"Wallpaper" = "C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Windows Portable Device AutoPlay Handlers-----------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\DVConnectmoviestudio90\"Provider" = "Vegas Movie Studio 9.0""ProgID" = "Shell.HWEventHandlerShellExecute""InitCmdLine" = ""C:\Program Files\Sony\Vegas Movie Studio 9.0\VegasMovieStudio90.exe""HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" -> {HKLM...CLSID} = "ShellExecute HW Event Handler" \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]LightScribeOnArrivalAP\"Provider" = "LightScribe Direct Disc Labeling""InvokeProgID" = "LightScribe.AutoPlayHandler""InvokeVerb" = "LabelLightScribeDisc"HKLM\SOFTWARE\Classes\LightScribe.AutoPlayHandler\shell\LabelLightScribeDisc\command\(Default) = "C:\Program Files\Common Files\LightScribe\LsLauncher.exe" ["Hewlett-Packard Company"]MSWPDShellNamespaceHandler\"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501""CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}""InitCmdLine" = " " -> {HKLM...CLSID} = "WPDShextAutoplay" \LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]NeroAutoPlay7AudioToNeroDigital\"Provider" = "Nero Burning ROM""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "AudioToNeroDigital_PlayCDAudioOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L" [file not found]NeroAutoPlay7CDAudio\"Provider" = "Nero Express""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "CDAudio_HandleCDBurningOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:AudioCD" [file not found]NeroAutoPlay7CopyCD\"Provider" = "Nero Burning ROM""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "CopyCD_PlayMusicFilesOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:DiscCopy %L" [file not found]NeroAutoPlay7DataDisc\"Provider" = "Nero Express""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "DataDisc_HandleCDBurningOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:ISODisc" [file not found]NeroAutoPlay7LaunchNeroStartSmart\"Provider" = "Nero StartSmart""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "LaunchNeroStartSmart_HandleCDBurningOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe /AutoPlay" [file not found]NeroAutoPlay7PlayAudioCD\"Provider" = "Nero ShowTime""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "PlayAudioCD_PlayMusicFilesOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L" [file not found]NeroAutoPlay7PlayDVD\"Provider" = "Nero ShowTime""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "PlayDVD_PlayVideoFilesOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L" [file not found]NeroAutoPlay7RipCD\"Provider" = "Nero Burning ROM""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "RipCD_PlayCDAudioOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L" [file not found]NeroAutoPlay7TranscodeVideo\"Provider" = "Nero Recode""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "TranscodeVideo_PlayDVDMovieOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero Recode\Recode.exe /New:CopyDVDVideo" [file not found]NeroAutoPlay7VideoCapture\"Provider" = "Nero Vision""ProgID" = "Shell.HWEventHandlerShellExecute""InitCmdLine" = ""C:\Program Files\Nero\Nero 7\Nero Vision\NeroVision.exe" /New:VideoCapture"HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" -> {HKLM...CLSID} = "ShellExecute HW Event Handler" \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]NeroAutoPlay7ViewPhotos\"Provider" = "Nero PhotoSnap Viewer""InvokeProgID" = "Nero.AutoPlay7""InvokeVerb" = "ViewPhotos_ShowPicturesOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe /" [file not found]NeroAutoPlay9LaunchNeroStartSmart\"Provider" = "Nero StartSmart""InvokeProgID" = "Nero.AutoPlay8""InvokeVerb" = "LaunchNeroStartSmart_HandleCDBurningOnArrival"HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay" [file not found]RPCDBurningOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.CDBurn.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]RPDeviceOnArrival\"Provider" = "RealPlayer""ProgID" = "RealPlayer.HWEventHandler"HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = "{67E76F1D-BDE2-4052-913C-2752366192D2}" -> {HKLM...CLSID} = "RealNetworks Scheduler" \LocalServer32\(Default) = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -autoplay" ["RealNetworks, Inc."]RPDVDBurningOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.DVDBurn.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burndvd "%1"" ["RealNetworks, Inc."]RPPlayCDAudioOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.AudioCD.6""InvokeVerb" = "play"HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /play %1 " ["RealNetworks, Inc."]RPPlayDVDMovieOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.DVD.6""InvokeVerb" = "play"HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /dvd %1 " ["RealNetworks, Inc."]RPPlayMediaOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.AutoPlay.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]SonyBlankDVDInsert_DVDAS45\"Provider" = "Sony DVD Architect Studio 4.5""ProgID" = "Shell.HWEventHandlerShellExecute""InitCmdLine" = ""C:\Program Files\Sony\DVD Architect Studio 4.5\dvdarchst45.exe""HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" -> {HKLM...CLSID} = "ShellExecute HW Event Handler" \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]WinampPlayMediaOnArrival\"Provider" = "Winamp""InvokeProgID" = "Winamp.File""InvokeVerb" = "Play"HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\command\(Default) = ""C:\Program Files\Winamp\winamp.exe" "%1"" ["Nullsoft, Inc."]HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\DropTarget\CLSID = "{46986115-84D6-459c-8F95-52DD653E532E}" -> {HKLM...CLSID} = (no title provided) \LocalServer32\(Default) = ""C:\Program Files\Winamp\winamp.exe"" ["Nullsoft, Inc."]Startup items in "hary" & "All Users" startup folders:------------------------------------------------------C:\Documents and Settings\hary\Menu Start\Programy\Autostart"Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007" -> shortcut to: "C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr" [MS]C:\Documents and Settings\All Users\Menu Start\Programy\Autostart"BTTray" -> shortcut to: "C:\Program Files\Belkin\Oprogramowanie interfejsu Bluetooth\BTTray.exe" ["Broadcom Corporation."]Enabled Scheduled Tasks:------------------------"Epson Printer Software Downloader" -> launches: "C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE" ["SEIKO EPSON CORPORATION"]"GoogleUpdateTaskMachineCore" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /c" ["Google Inc."]"GoogleUpdateTaskMachineUA" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler" ["Google Inc."]"RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1004" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]"RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1005" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]"RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1004" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]"RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1005" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]"User_Feed_Synchronization-{A71BEF23-ED52-4F43-BE54-6A994587F05D}" -> launches: "C:\WINDOWS\system32\msfeedssync.exe sync" [MS]Winsock2 Service Provider DLLs:-------------------------------Namespace Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]Transport Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05Toolbars, Explorer Bars, Extensions:------------------------------------ToolbarsHKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "Google Toolbar" \InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" -> {HKLM...CLSID} = "Winamp Toolbar" \InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC."]HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "Google Toolbar" \InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" = (no title provided) -> {HKLM...CLSID} = "EPSON Web-To-Page" \InProcServer32\(Default) = "C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]"{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" = "EPTBL" -> {HKLM...CLSID} = "Easy Photo Print" \InProcServer32\(Default) = "C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll" ["SEIKO EPSON CORPORATION / CyCom Technology Corp."]"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" = "Winamp Toolbar" -> {HKLM...CLSID} = "Winamp Toolbar" \InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC."]Explorer BarsHKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization"Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [MS]HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Poszukaj"Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS]Extensions (Tools menu items, main toolbar menu buttons)HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4F3C-8081-5663EE0C6C49}\"ButtonText" = "Wyślij do programu OneNote""MenuText" = "Wyślij &do programu OneNote""CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}" -> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll" [MS]{5067A26B-1337-4436-8AFE-EE169C2DA79F}\"MenuText" = "Skype add-on for Internet Explorer""CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}" -> {HKLM...CLSID} = "Skype add-on (button)" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]{77BF5300-1474-4EC7-9980-D32B190E9B07}\"ButtonText" = "Skype""CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}" -> {HKLM...CLSID} = "Skype add-on (button)" \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]{92780B25-18CC-41C8-B9BE-3C9C571A8263}\"ButtonText" = "Research"{CCA281CA-C863-46EF-9331-5C8D4460577F}\"ButtonText" = "@btrez.dll,-4015""MenuText" = "@btrez.dll,-4017""Script" = "C:\Program Files\Belkin\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm" [null data]{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\"MenuText" = "Spybot - Search & Destroy Configuration""CLSIDExtension" = "{53707962-6F74-2D53-2644-206D7942484F}" -> {HKLM...CLSID} = "Spybot-S&D IE Protection" \InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]{E2E2DD38-D088-4134-82B7-F2BA38496583}\"MenuText" = "@xpsp3res.dll,-20001""Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]{FB5F1910-F110-11D2-BB9E-00C04F795683}\"ButtonText" = "Messenger""MenuText" = "Windows Messenger""Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]Miscellaneous IE Hijack Points------------------------------HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\<<H>> "Tabs" = "http://toolbar.aol.com/browserpages/newtab-winamp-ie-en-us.html" [file not found]<<H>> "bkup_Tabs" = "res://ieframe.dll/tabswelcome.htm" [MS]<<H>> "tbNumber" = "1" [file not found]Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------Avira AntiVir Guard, AntiVirService, ""C:\Program Files\Avira\AntiVir Desktop\avguard.exe"" ["Avira GmbH"]Avira AntiVir Scheduler, AntiVirSchedulerService, ""C:\Program Files\Avira\AntiVir Desktop\sched.exe"" ["Avira GmbH"]Belkin High-Speed Mode Wireless G USB Driver, Belkin High-Speed Mode Wireless G USB Network Adapter Service, "C:\Program Files\Belkin\F5D7051\WLService.exe" [null data]Bluetooth Service, btwdins, "C:\Program Files\Belkin\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe" ["Broadcom Corporation."]Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]LightScribeService Direct Disc Labeling Service, LightScribeService, ""C:\Program Files\Common Files\LightScribe\LSSrvc.exe"" ["Hewlett-Packard Company"]Nero BackItUp Scheduler 4.0, Nero BackItUp Scheduler 4.0, "C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe" ["Nero AG"]NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]Process Monitor, LVPrcSrv, "c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe" ["Logitech Inc."]ServiceLayer, ServiceLayer, ""C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"" ["Nokia"]Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}Print Monitors:---------------HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON SX510W Series 32MonitorBE\Driver = "E_FLBFIE.DLL" ["SEIKO EPSON CORPORATION"]EpsonNet Print Port\Driver = "enppmon.dll" ["SEIKO EPSON CORPORATION"]Port drukarki interfejsu Bluetooth\Driver = "bthcrp.dll" ["Broadcom Corporation."]Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS]---------- (launch time: 2010-03-03 11:00:44)<<!>>: Suspicious data at a malware launch point.<<H>>: Suspicious data at a browser hijack point.+ This report excludes default entries except where indicated.+ To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter.+ To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box.---------- (total run time: 191 seconds, including 10 seconds for message boxes)nie mogłem zapisać logów z programu GMER...
Użytkownik hary edytował ten post 04 03 2010 - 14:25
#4
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 05 03 2010 - 16:52
Uruchom OTL i w oknie Custom Scans/Fixes wklej to:
Następnie uruchom OTL ponownie, tym razem kliknij "Run Scan".
Pokaż nowy log OTL.txt oraz raport z usuwania.
.
Kliknij w Run Fix. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.:OTL
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O33 - MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\Shell\AutoRun\command - "" = H:\s1.exe -- File not found
O33 - MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\Shell\open\Command - "" = H:\s1.exe -- File not found
O33 - MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\Shell\AutoRun\command - "" = H:\s1.exe -- File not found
O33 - MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\Shell\open\Command - "" = H:\s1.exe -- File not found
[2010-03-02 19:54:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-03-02 19:38:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-08 21:54:56 | 000,098,304 | RHS- | M] () -- C:\s1.exe
[2010-03-02 19:31:39 | 000,097,280 | RHS- | M] () -- C:\fk.exe
[2010-03-02 15:32:11 | 000,096,768 | RHS- | M] () -- C:\k1d.exe
[2010-03-10 22:44:55 | 000,096,768 | RHS- | C] () -- C:\k1d.exe
[2010-03-08 21:55:23 | 000,098,304 | RHS- | C] () -- C:\s1.exe
[2010-03-02 19:32:05 | 000,097,280 | RHS- | C] () -- C:\fk.exe
:Files
D:\fk.exe
E:\fk.exe
D:\s1.exe
E:\s1.exe
D:\k1d.exe
E:\k1d.exe
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
:Commands
[emptytemp]
[resethosts]
[Reboot]
Następnie uruchom OTL ponownie, tym razem kliknij "Run Scan".
Pokaż nowy log OTL.txt oraz raport z usuwania.
.
#5
hary
-
-
- 791 postów
The Untouchable
Napisano 07 03 2010 - 17:26
fix info OTL
nowy log OTL
Jakieś nowe sugestie?
All processes killed========== OTL ==========Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9c5f409f-908e-11de-82e2-001150c2715d}\ not found.File H:\s1.exe not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c5f409f-908e-11de-82e2-001150c2715d}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9c5f409f-908e-11de-82e2-001150c2715d}\ not found.File H:\s1.exe not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd6597fe-92e3-11de-82e9-001150c2715d}\ not found.File H:\s1.exe not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd6597fe-92e3-11de-82e9-001150c2715d}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd6597fe-92e3-11de-82e9-001150c2715d}\ not found.File H:\s1.exe not found.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1005\Dc6 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1005 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc80 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc79 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\XML folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\VirtualKeyboard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\SelectionControl folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Logo folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_State folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_SetupWizard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_Settings folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_PlayerControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_OSD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_MenuItems folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_MediaCategory folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_InfoPanel folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_Handlers folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_FileTypes folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Icons_Content folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Specials folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_SetupWizard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Settings folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_PlayerControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_OSD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Notifications folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_InfoPanel folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Content_ListViewItem folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Content_ListView folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\BG_Content_IconView folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics\Backgrounds folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin\Graphics folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Spin folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\XML folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\VirtualKeyboard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\SelectionControl folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Logo folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_State folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_SetupWizard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_Settings folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_PlayerControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_OSD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_Notifications folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_MenuItems folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_MediaCategory folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_InfoPanel folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_Handlers folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_FileTypes folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Icons_Content folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Specials folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_SetupWizard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Settings folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_PlayerControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_OSD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_MenuItems folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_InfoPanel folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Handlers folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Content_ListViewItem folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Content_ListView folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Content_IconView folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\BG_Content_BigListView folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Backgrounds_Others folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics\Backgrounds folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere\Graphics folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins\Horizon Sphere folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Skins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Menu Templates\Thumbnails folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78\Menu Templates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc78 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc77 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc76\Skins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc76\Logos folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc76 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc75 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc74 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc73 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc72\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc72 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\Video folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\Pictures folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\MenuTemplates\Pictures folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\MenuTemplates\HD\Pictures folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\MenuTemplates\HD\Buttons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\MenuTemplates\HD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\MenuTemplates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\Buttons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Wobble folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Wanderlust folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\ToyTrucks folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Towers folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\ScreenBows folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\RoomCubes folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Monitors folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Lattice folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\JellyBalloons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Floating folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\Cube folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\BabyBoom folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\AbstractFrames folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\AbstractCircle folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3\AbstractBricks folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\4_3 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Wobble folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Wanderlust folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\ToyTrucks folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Towers folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\ScreenBows folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\RoomCubes folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Monitors folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Lattice folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\JellyBalloons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Floating folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\Cube folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\BabyBoom folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\AbstractFrames folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\AbstractCircle folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9\AbstractBricks folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus\16_9 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations\Menus folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71\3DAnimations folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc71 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc70 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc69 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc68 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc67\Templates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc67 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc66\Uninstall folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc66 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc65\SecurDisc folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc65\CDI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc65 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\SD\Orbit folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\SD\LemonClouds folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\SD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\HD\Orbit folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\HD\LemonClouds folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D\HD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Standard2D folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D\Menus\4_3\Cube folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D\Menus\4_3 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D\Menus\16_9\Cube folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D\Menus\16_9 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D\Menus folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\Smart3D folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\MovieWizard\BlueHorizon\bluehorizon_nsla folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\MovieWizard\BlueHorizon folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates\MovieWizard folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Templates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\NeroDiscCopy9.Gadget\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\NeroDiscCopy9.Gadget folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\WEDll folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\rich\white folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\rich\red folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\rich\green folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\rich\black folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\rich folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\filedlg folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview\default folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE\NeroPreview folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NPRE folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\MultiChannelDll folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\GuiControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\DX folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\AudioPluginMgr folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor\AudioEffects folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero WaveEditor folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Refs folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\PTT\plugins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Profiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\rich\white folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\rich\red folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\rich\green folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\rich\black folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\rich folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\filedlg folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview\default folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE\NeroPreview folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NPRE folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NeroAPIFiles\CDI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero3D\Licenses folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero3D folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.FormatOptionsLib folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.DVDEngine folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Nero.BDEngine folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\NCBUI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Graphic Objects folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Buttons\TextButtons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Buttons\NavigationButtons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Buttons\FrameButtons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision\Buttons folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Vision folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\rich\white folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\rich\red folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\rich\green folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\rich\black folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\rich folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\filedlg folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview\default folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE\NeroPreview folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NPRE folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.NMBC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\NCBUI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Feeds\Common folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\Feeds folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart\AudioPluginMgr folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero StartSmart folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\WEDll folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Templates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Weather folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Vehicles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Traffic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Stadion folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Sequencer folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Party folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Office folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Jungle folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Horror folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Farm folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples\Concert folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Samples folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Techno folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Synth folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Rock folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Jazz folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Industrial folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\House folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Hiphop folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Funk folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\Acoustic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums\808 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox\Drums folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SoundBox folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\ScratchBox\Samples folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\ScratchBox\Loops folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\ScratchBox folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\rich\white folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\rich\red folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\rich\green folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\rich\black folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\rich folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\filedlg folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview\default folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE\NeroPreview folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NPRE folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\NCBUI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\MultiChannelDll folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\GuiControls folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\DX folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\AudioPluginMgr folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax\AudioEffects folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero SoundTrax folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.UPnPServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib\zi\Asia folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib\zi\America folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib\zi folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib\security folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib\ext folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive\jlib folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDInteractive folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero ShowTime folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero RescueAgent folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\rich\white folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\rich\red folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\rich\green folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\rich\black folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\rich folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\filedlg folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview\default folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE\NeroPreview folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NPRE folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NeroAPIFiles folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode\NCBUI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Recode folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero PhotoSnap\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero PhotoSnap folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\PTT\plugins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\pl-PL folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\es-CL folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live\en-US folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Live folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero InfoTool folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\SecurDisc folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\CoverEdCtrl folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\CDI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express\AudioPluginMgr folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Express folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero DriveSpeed folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero DiscSpeed folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero CoverDesigner\Templates folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero CoverDesigner folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero BurnRights folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\SMC\plug-ins folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\SMC folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\SecurDisc folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\PTT folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\OnlineServices folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\NScCoreComponents folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\NFD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.NeDiscRecog folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.NeDiscManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.HttpManager folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.DiscNavVcd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.DiscNavDvd folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.DiscNavBD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.BDThumbnail folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\Nero.BDGraphic folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\CoverEdCtrl folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\CDI folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM\AudioPluginMgr folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64\Nero Burning ROM folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc64 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc63.dll_pliki folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc51 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc49.Keygen-Lz0\keygen folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc49.Keygen-Lz0 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc46 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc111 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc110\InCD folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc110 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc107 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc106 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004\Dc105 folder moved successfully.C:\RECYCLER\S-1-5-21-606747145-261478967-1417001333-1004 folder moved successfully.C:\RECYCLER folder moved successfully.C:\Qoobox\Quarantine\Registry_backups folder moved successfully.C:\Qoobox\Quarantine\E folder moved successfully.C:\Qoobox\Quarantine\D folder moved successfully.C:\Qoobox\Quarantine\C\WINDOWS folder moved successfully.C:\Qoobox\Quarantine\C folder moved successfully.C:\Qoobox\Quarantine folder moved successfully.C:\Qoobox\BackEnv folder moved successfully.C:\Qoobox folder moved successfully.File C:\s1.exe not found.File C:\fk.exe not found.File C:\k1d.exe not found.File C:\k1d.exe not found.File C:\s1.exe not found.File C:\fk.exe not found.========== FILES ==========File\Folder D:\fk.exe not found.File\Folder E:\fk.exe not found.File\Folder D:\s1.exe not found.File\Folder E:\s1.exe not found.File\Folder D:\k1d.exe not found.File\Folder E:\k1d.exe not found.========== REGISTRY ==========Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 33170 bytes->Flash cache emptied: 41044 bytes User: greggor->Temp folder emptied: 38365768 bytes->Temporary Internet Files folder emptied: 2734650 bytes->Java cache emptied: 2967381 bytes->FireFox cache emptied: 144594706 bytes->Google Chrome cache emptied: 136484848 bytes->Flash cache emptied: 76486 bytes User: hary->Temp folder emptied: 8674140 bytes->Temporary Internet Files folder emptied: 1551654 bytes->Java cache emptied: 1860637 bytes->FireFox cache emptied: 213495345 bytes->Google Chrome cache emptied: 10463948 bytes->Flash cache emptied: 35083 bytes User: LocalService->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 360474 bytes->FireFox cache emptied: 3193490 bytes->Flash cache emptied: 405 bytes User: NetworkService->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 33170 bytes User: Właściciel %systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 2148726 bytes%systemroot%\System32 .tmp files removed: 2775588 bytes%systemroot%\System32\dllcache .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 131552 bytesRecycleBin emptied: 0 bytes Total Files Cleaned = 544,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.HOSTS file reset successfully OTL by OldTimer - Version 3.1.32.0 log created on 03072010_151059Files\Folders moved on Reboot...Registry entries deleted on Reboot...nowy log OTL
OTL logfile created on: 2010-03-07 15:18:26 - Run 1OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\hary\Moje dokumenty\PobieranieWindows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 48,89 Gb Total Space | 24,64 Gb Free Space | 50,39% Space Free | Partition Type: NTFSDrive D: | 78,42 Gb Total Space | 59,13 Gb Free Space | 75,40% Space Free | Partition Type: NTFSDrive E: | 105,57 Gb Total Space | 63,56 Gb Free Space | 60,21% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: GREGGCurrent User Name: haryLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-03-02 20:12:11 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hary\Moje dokumenty\Pobieranie\OTL.exePRC - [2010-02-23 13:53:47 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exePRC - [2009-12-21 18:39:12 | 000,015,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exePRC - [2009-11-11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exePRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exePRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exePRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exePRC - [2009-08-20 18:01:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exePRC - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exePRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exePRC - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exePRC - [2009-03-02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exePRC - [2009-01-12 09:54:02 | 000,669,520 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exePRC - [2008-04-14 17:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2007-02-08 00:13:48 | 000,774,168 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exePRC - [2007-02-08 00:12:48 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exePRC - [2007-02-08 00:12:20 | 000,230,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exePRC - [2007-02-06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exePRC - [2007-02-06 16:43:26 | 000,252,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exePRC - [2006-10-11 11:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exePRC - [2006-09-20 07:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exePRC - [2006-09-19 15:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exePRC - [2006-05-30 20:24:20 | 000,061,440 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\emMON.exePRC - [2005-06-13 14:45:54 | 000,827,392 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLanCfgG.exePRC - [2004-03-29 15:08:16 | 000,049,152 | ---- | M] () -- C:\Program Files\Belkin\F5D7051\WLService.exe ========== Modules (SafeList) ========== MOD - [2010-03-02 20:12:11 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hary\Moje dokumenty\Pobieranie\OTL.exeMOD - [2010-02-23 13:54:35 | 000,118,784 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dllMOD - [2010-02-23 13:53:48 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dllMOD - [2009-08-13 13:56:27 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dllMOD - [2007-02-06 16:45:14 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dllMOD - [2006-10-04 21:07:12 | 000,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dllMOD - [2003-02-21 03:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSVCR71.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (NBService)SRV - [2009-11-06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)SRV - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)SRV - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)SRV - [2007-02-06 16:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)SRV - [2007-02-06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)SRV - [2006-10-26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)SRV - [2005-04-03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)SRV - [2004-03-29 15:08:16 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\F5D7051\WLService.exe -- (Belkin High-Speed Mode Wireless G USB Network Adapter Service) ========== Driver Services (SafeList) ========== DRV - [2009-12-07 18:36:24 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)DRV - [2009-09-29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)DRV - [2009-09-29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)DRV - [2009-09-29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)DRV - [2009-08-21 09:45:43 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)DRV - [2009-08-20 17:40:21 | 000,017,801 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)DRV - [2009-05-11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)DRV - [2009-04-28 20:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)DRV - [2009-03-30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)DRV - [2009-02-13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)DRV - [2008-11-19 17:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)DRV - [2008-11-19 17:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)DRV - [2008-11-19 17:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)DRV - [2008-04-13 19:45:36 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)DRV - [2008-04-13 18:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)DRV - [2008-04-13 18:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)DRV - [2008-04-13 18:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)DRV - [2008-04-13 16:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)DRV - [2008-04-13 16:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)DRV - [2008-02-28 05:34:00 | 006,663,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)DRV - [2007-02-06 16:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)DRV - [2007-02-06 16:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)DRV - [2007-02-06 16:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)DRV - [2007-02-03 09:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)DRV - [2007-02-03 09:27:28 | 000,938,272 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)DRV - [2007-02-03 09:27:16 | 000,014,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)DRV - [2006-09-12 20:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)DRV - [2006-09-12 04:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)DRV - [2006-08-21 22:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)DRV - [2004-08-13 10:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)DRV - [2003-09-25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)DRV - [2001-08-17 20:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web"FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"FF - prefs.js..browser.search.selectedEngine: "XfireXO Customized Web Search"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-01-05 20:43:25 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-02-23 13:54:36 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-04 14:47:01 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-03 12:46:52 | 000,000,000 | ---D | M] [2009-08-21 13:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Extensions[2010-03-03 11:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions[2009-09-20 11:49:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}[2009-12-29 15:25:12 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}[2009-12-07 11:38:26 | 000,000,000 | ---D | M] (gTranslate) -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}[2009-12-23 18:59:08 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\conduit.xml[2009-12-23 09:52:28 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\translaticapl---angielsko-polski.xml[2009-12-23 09:52:19 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\hary\Dane aplikacji\Mozilla\Firefox\Profiles\taqkkna5.default\searchplugins\translaticapl---polsko-angielski.xml[2010-03-03 11:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions[2010-01-13 22:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll[2010-01-16 01:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml[2010-01-16 01:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml[2010-01-16 01:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml[2010-01-16 01:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml[2010-01-16 01:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml[2010-01-16 01:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-03-07 15:12:35 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: ::1 localhostO2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)O4 - HKLM..\Run: [emMON] C:\WINDOWS\emMON.exe (eMPIA Technology, Inc.)O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe File not foundO4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe File not foundO4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)O4 - HKCU..\Run: [EPSON SX510W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)O4 - Startup: C:\Documents and Settings\hary\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O32 - Unable to read "AutoRun" value or value not present!O32 - AutoRun File - [2009-08-20 17:12:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35 - comfile [open] -- "%1" %*O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-03-08 21:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Boilsoft Video Joiner[2010-03-07 15:12:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2010-03-07 15:10:59 | 000,000,000 | ---D | C] -- C:\_OTL[2010-03-04 13:16:09 | 000,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex7L.ocx[2010-03-04 13:16:08 | 001,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\WINDOWS\System32\NMSDVDXU.dll[2010-03-04 13:16:08 | 000,630,784 | ---- | C] (ComponentOne) -- C:\WINDOWS\System32\vsflex8u.ocx[2010-03-04 13:16:08 | 000,244,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx[2010-03-04 11:26:41 | 000,258,048 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\esn.dll[2010-03-04 11:26:41 | 000,180,224 | ---- | C] (LG Electronics) -- C:\WINDOWS\AuthDll.dll[2010-03-04 11:26:41 | 000,090,112 | ---- | C] (LG Electronics) -- C:\WINDOWS\LGMobileDL.dll[2010-03-03 11:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Xfire[2010-03-03 11:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\DownloadToolz[2010-03-03 11:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire[2010-03-03 11:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO[2010-03-03 11:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\XfireXO[2010-03-03 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead[2010-03-03 11:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Pulpit\Wisin & Yandel - 2010 lost Edition (2007)[2010-03-03 11:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Pulpit\hary i baby[2010-03-03 11:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Pulpit\Reggaeton[2010-03-03 11:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent[2010-03-03 11:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update[2010-03-03 10:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Moje dokumenty\Folder wymiany interfejsu Bluetooth[2010-03-03 08:25:17 | 000,000,000 | ---D | C] -- C:\divx[2010-03-02 19:54:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER(2)[2010-03-02 19:41:04 | 000,000,000 | ---D | C] -- C:\cmdcons[2010-03-02 19:38:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2010-03-02 13:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2010-02-24 22:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Moje dokumenty\hary i baby[2010-02-24 15:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar[2010-02-23 13:54:29 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll[2010-02-23 13:54:24 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll[2010-02-23 13:54:24 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll[2010-02-23 13:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared[2010-02-23 13:53:48 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll[2010-02-23 13:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Real[2010-02-23 13:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real[2010-02-23 13:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real[2010-02-23 13:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Real[2010-02-23 13:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\WinZip[2010-02-23 13:37:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip[2010-02-23 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip[2010-02-19 10:57:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll[2010-02-19 10:57:09 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll[2010-02-19 10:57:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs[2010-02-19 10:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect[2010-02-19 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar[2010-02-19 10:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar[2010-02-17 00:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Sun[2010-02-16 15:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Azureus[2010-02-16 15:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Azureus[2010-02-14 13:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\FastStone[2010-02-14 13:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\FastStone Photo Resizer[2010-02-14 11:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hary\Dane aplikacji\Mp3tag[2010-02-14 11:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag[2010-02-12 21:22:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump[2009-12-29 15:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire[2009-12-18 16:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple[2009-12-05 16:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google[2009-11-16 22:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft[2009-11-16 22:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Temp[2009-10-06 13:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google[2009-08-27 08:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Google[2009-08-27 08:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Macromedia[2009-08-27 08:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe[2009-08-27 08:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft[2009-08-27 08:07:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft[2009-08-21 13:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla[2009-08-21 13:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla[2009-08-20 17:12:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft ========== Files - Modified Within 30 Days ========== [2010-03-11 00:52:42 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A71BEF23-ED52-4F43-BE54-6A994587F05D}.job[2010-03-10 12:34:14 | 000,016,529 | R--- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\akt35.jpeg[2010-03-10 12:24:53 | 000,053,425 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Funny-Picture.jpg[2010-03-10 11:30:31 | 007,871,253 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\zwirek muchomotek.flv[2010-03-10 10:54:31 | 045,109,535 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Hitler w poszukiwaniu elektro.flv[2010-03-08 21:44:15 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Boilsoft Video Joiner.lnk[2010-03-07 15:16:16 | 000,171,862 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2010-03-07 15:15:43 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-03-07 15:15:41 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-03-07 15:15:33 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job[2010-03-07 15:15:33 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-03-07 15:15:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010-03-07 15:15:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010-03-07 15:14:04 | 008,376,320 | ---- | M] () -- C:\Documents and Settings\hary\ntuser.dat[2010-03-07 15:14:04 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\hary\ntuser.ini[2010-03-07 15:12:35 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts[2010-03-07 14:59:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job[2010-03-07 14:48:43 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-03-06 09:33:25 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-03-05 18:43:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2010-03-05 12:53:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job[2010-03-05 11:17:30 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\HijackThis.lnk[2010-03-05 09:01:52 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-03-05 08:33:58 | 001,097,218 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2010-03-05 08:33:58 | 000,493,966 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2010-03-05 08:33:58 | 000,435,568 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2010-03-05 08:33:58 | 000,085,032 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2010-03-05 08:33:58 | 000,068,272 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2010-03-03 13:25:12 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2010-03-03 12:46:49 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DivX Player.lnk[2010-03-03 12:46:43 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DivX Converter Mobile.lnk[2010-03-02 19:42:39 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2010-02-23 14:15:42 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\hary\Pulpit\ALLPlayer V3.1.lnk[2010-02-23 13:54:29 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll[2010-02-23 13:54:24 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll[2010-02-23 13:54:24 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll[2010-02-23 13:53:48 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll[2010-02-23 13:53:48 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll[2010-02-22 21:32:08 | 000,019,280 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\luki.jpg[2010-02-21 10:40:54 | 016,825,696 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\gein-the_sermon.mp3[2010-02-21 10:15:51 | 015,065,339 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Current Value & Snow-Edge Of Dreams.mp3[2010-02-19 10:57:14 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Winamp.lnk[2010-02-19 10:57:14 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk[2010-02-18 23:09:25 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2010-02-14 13:56:47 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\FastStone Photo Resizer.lnk[2010-02-14 13:56:47 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FastStone Photo Resizer.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Mp3tag.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mp3tag.lnk[2010-02-14 10:47:38 | 013,289,472 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\Oceanic.mp3[2010-02-14 09:32:51 | 012,732,416 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\01_knockout.mp3[2010-02-06 09:02:12 | 000,398,871 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\doda.jpg[2010-02-06 08:58:51 | 000,208,686 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\doda tatuaz.jpg[2010-02-06 08:55:06 | 000,045,612 | ---- | M] () -- C:\Documents and Settings\hary\Moje dokumenty\img91139.tatuaze.209410.jpg ========== Files Created - No Company Name ========== [2010-03-10 12:34:14 | 000,016,529 | R--- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\akt35.jpeg[2010-03-10 12:24:52 | 000,053,425 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Funny-Picture.jpg[2010-03-10 11:28:16 | 007,871,253 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\zwirek muchomotek.flv[2010-03-10 10:46:58 | 045,109,535 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Hitler w poszukiwaniu elektro.flv[2010-03-08 21:44:15 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Boilsoft Video Joiner.lnk[2010-03-05 11:17:29 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\HijackThis.lnk[2010-03-04 11:26:41 | 000,221,291 | ---- | C] () -- C:\WINDOWS\Imei_dll.dll[2010-03-04 11:26:41 | 000,040,960 | ---- | C] () -- C:\WINDOWS\Sublock.dll[2010-03-03 12:46:49 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DivX Player.lnk[2010-03-03 12:46:43 | 000,000,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DivX Converter Mobile.lnk[2010-03-02 19:41:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2010-03-02 19:41:04 | 000,262,400 | ---- | C] () -- C:\cmldr[2010-02-25 03:00:12 | 008,376,320 | ---- | C] () -- C:\Documents and Settings\hary\ntuser.dat[2010-02-24 18:37:35 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-02-24 18:37:35 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1004.job[2010-02-23 14:15:42 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\hary\Pulpit\ALLPlayer V3.1.lnk[2010-02-23 13:54:40 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-02-23 13:54:39 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-261478967-1417001333-1005.job[2010-02-22 21:32:07 | 000,019,280 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\luki.jpg[2010-02-21 10:31:31 | 016,825,696 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\gein-the_sermon.mp3[2010-02-21 10:07:19 | 015,065,339 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Current Value & Snow-Edge Of Dreams.mp3[2010-02-19 10:57:14 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk[2010-02-14 13:56:47 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\FastStone Photo Resizer.lnk[2010-02-14 13:56:47 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FastStone Photo Resizer.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Mp3tag.lnk[2010-02-14 11:24:42 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mp3tag.lnk[2010-02-14 11:15:31 | 000,145,576 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\why-so-serious.jpg[2010-02-14 10:41:22 | 013,289,472 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\Oceanic.mp3[2010-02-14 09:27:14 | 012,732,416 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\01_knockout.mp3[2010-02-06 09:02:11 | 000,398,871 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\doda.jpg[2010-02-06 08:58:51 | 000,208,686 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\doda tatuaz.jpg[2010-02-06 08:55:05 | 000,045,612 | ---- | C] () -- C:\Documents and Settings\hary\Moje dokumenty\img91139.tatuaze.209410.jpg[2010-01-25 01:19:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI[2010-01-23 12:46:42 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini[2009-11-30 19:37:34 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll[2009-09-30 14:33:27 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI[2009-09-29 11:12:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL[2009-09-29 11:10:58 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll[2009-09-29 11:08:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI[2009-09-20 16:46:23 | 002,392,064 | ---- | C] () -- C:\WINDOWS\System32\videotrans.dll[2009-09-20 16:46:23 | 000,215,040 | ---- | C] () -- C:\WINDOWS\System32\videoformat.dll[2009-09-20 16:46:22 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\imgscaler.dll[2009-09-20 16:46:22 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\img_utils.dll[2009-09-20 16:46:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\videocore.dll[2009-09-20 16:46:12 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-09-18 10:17:55 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll[2009-09-15 22:54:19 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini[2009-09-02 12:37:59 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll[2009-09-01 11:52:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll[2009-09-01 11:52:27 | 000,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini[2009-08-26 18:18:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2009-08-23 13:51:27 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini[2009-08-23 09:57:26 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini[2009-08-22 15:41:56 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log[2009-08-21 13:08:03 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\hary\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-08-21 09:49:15 | 000,000,055 | ---- | C] () -- C:\WINDOWS\QRPhotoDVDSlideshow.INI[2009-08-20 17:40:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\F5D7051.dll[2009-08-20 17:40:06 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll[2009-08-20 17:28:47 | 000,015,158 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2009-08-20 17:28:47 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys[2009-08-20 17:28:39 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2008-07-23 16:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2008-07-23 16:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest[2008-02-28 05:34:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2008-02-28 05:34:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2008-02-28 05:34:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2008-02-28 05:34:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2008-02-28 05:34:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2007-02-06 16:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys[2007-02-06 16:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys[2005-10-14 09:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll[2005-10-14 09:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll[2005-10-14 09:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll[2005-10-14 09:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2005-10-14 09:56:50 | 000,128,512 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll[2005-10-14 09:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll[2005-10-14 09:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll[2005-03-30 04:13:22 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll< End of report >
Jakieś nowe sugestie?
Użytkownik hary edytował ten post 07 03 2010 - 17:33
#6
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 07 03 2010 - 18:06
W nowym logu nie ma już nic szkodliwego.
Kosmetyka:
Do Notatnika wklej:
plik uruchom (dwuklik i OK).
Użyj szczepionki >http://www.bezpieczenstwosystemow.pl/index.php?topic=1647.0 - post nr 2
W OTL kliknij na przycisk "CleanUp" - to go usunie razem z jego Kwarantanną.
Usuń kopie szkodników z folderu "System Volume Information" poprzez chwilowe wyłączenie "Przywracania Systemu":
To wszystko z mojej strony.
.
Kosmetyka:
Do Notatnika wklej:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "InCD"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SecurDisc"=-Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>
plik uruchom (dwuklik i OK).
Użyj szczepionki >http://www.bezpieczenstwosystemow.pl/index.php?topic=1647.0 - post nr 2
W OTL kliknij na przycisk "CleanUp" - to go usunie razem z jego Kwarantanną.
Usuń kopie szkodników z folderu "System Volume Information" poprzez chwilowe wyłączenie "Przywracania Systemu":
>START>Panel Sterowania>System>Przywracanie Systemu>>zaznacz w okienku przy "Wyłącz przywracanie na wszystkich dyskach">Zastosuj>OK.
(W czasie tego chwilowego wyłączenia te kopie usuną się samoczynnie, więc nie ma potrzeby zaglądania do folderu.)
Potem możesz powrócić do poprzedniego ustawienia (czyli usunąć zaznaczenie z okienka).
To wszystko z mojej strony.
.
#7
hary
-
-
- 791 postów
The Untouchable
Napisano 08 03 2010 - 20:04
zrobiłem wszystko wg. instrukcji...
dzięki Ordynat za pomoc...
dzięki Ordynat za pomoc...
Użytkownicy przeglądający ten temat: 0
0 użytkowników, 0 gości, 0 anonimowych
