Wykryto wyłączony javascript

Aktualnie masz wyłączony javascript. Kilka funkcji może nie działać. Włącz ponownie javascript, aby korzystać z pełnej funkcjonalności.

Logi - Bluescreen z błędem 0x7f - Wirus czy coś ze sprzętem ?

Rozpoczęty przez tameo , 31 05 2012 13:18

Temat jest zamknięty

6 odpowiedzi w tym temacie

#1 tameo

Nowy

4 postów

Napisano 31 05 2012 - 13:18

Ostatnio dosyć nieregularnie wyskakuje mi blue screen z błędem 0x7f (0 0 0 0) bez żadnego dodatkowego komunikatu.
Zrobiłem memtesta korzystając z pld rescue cd oraz chkdsk dysku c:\ Nic nie wykazały.

Załączam logi z OTL i proszę o pomoc:

OTL logfile created on: 2012-05-31 11:22:36 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = g:\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,57 Gb Available Physical Memory | 28,54% Memory free
3,85 Gb Paging File | 2,07 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,00 Gb Total Space | 2,25 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
Drive D: | 96,46 Gb Total Space | 17,01 Gb Free Space | 17,64% Space Free | Partition Type: NTFS
Drive G: | 96,42 Gb Total Space | 17,26 Gb Free Space | 17,90% Space Free | Partition Type: NTFS

Computer Name: DOWN | User Name: Kot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-05-31 11:22:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- g:\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-05-30 00:22:19 | 001,227,288 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2012-05-16 09:44:47 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2012-03-22 15:40:27 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012-02-17 22:05:54 | 000,424,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Kits\8.0\Debuggers\x86\windbg.exe
PRC - [2012-01-24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 07:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-09-08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-03-17 07:43:37 | 000,670,720 | ---- | M] (Yealink) -- C:\Program Files\SkypeMate\SkypeMate.exe
PRC - [2010-06-22 23:37:17 | 001,850,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010-04-15 05:55:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2010-01-07 22:21:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009-04-10 15:59:04 | 000,294,912 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2008-04-15 14:00:00 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2012-05-30 10:13:30 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_80c2ffa.dll
MOD - [2012-05-30 00:22:18 | 000,436,760 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\ppgooglenaclpluginchrome.dll
MOD - [2012-05-30 00:22:17 | 008,522,776 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\PepperFlash\pepflashplayer.dll
MOD - [2012-05-30 00:22:15 | 003,989,016 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\pdf.dll
MOD - [2012-05-30 00:21:01 | 000,526,872 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\libglesv2.dll
MOD - [2012-05-30 00:20:59 | 000,104,984 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\libegl.dll
MOD - [2012-05-30 00:20:50 | 000,140,328 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\avutil-51.dll
MOD - [2012-05-30 00:20:48 | 000,262,184 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\avformat-54.dll
MOD - [2012-05-30 00:20:47 | 002,387,496 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\avcodec-54.dll
MOD - [2012-04-05 21:53:26 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012-02-21 11:18:08 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012-02-21 11:15:07 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012-02-21 09:47:25 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012-02-21 09:47:14 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012-02-21 09:46:48 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012-02-21 09:42:58 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012-02-21 00:39:45 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011-10-14 21:20:09 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011-10-13 10:12:03 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010-07-29 18:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Total Video Converter\TVCShellExt.dll
MOD - [2010-03-16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2008-09-16 20:18:06 | 000,132,608 | R--- | M] () -- C:\Program Files\WIN.RAR.3.80.pl\RarExt.dll
MOD - [2008-05-02 06:15:37 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-03-29 16:42:20 | 000,159,744 | ---- | M] () -- C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll
MOD - [2008-03-29 14:11:52 | 000,023,552 | ---- | M] () -- C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mkunicode.dll
MOD - [2001-10-28 14:12:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - [2012-05-30 10:13:30 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-05-05 13:25:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-03 07:47:17 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-02-15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-04-25 05:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2010-04-15 05:55:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-07 22:21:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009-04-10 15:59:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-04-15 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008-04-15 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008-04-15 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\xgfyaxzbanaocij.sys -- (yjoozickwqcaumm)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers zqsbsqr.sys -- (tzqsbsqr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\qzmohxrt.sys -- (qzmohxrt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\imzggdp.sys -- (nyvhlkpzgpeaear)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\Kot\USTAWI~1\Temp\kpvxbwrb.sys -- (fuunwbktlxe)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\fujmeccb.sys -- (fujmeccb)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012-04-06 07:16:18 | 007,746,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012-02-23 14:31:22 | 000,099,856 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011-10-07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-02-08 10:09:54 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-01-16 16:22:38 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2011-01-15 00:51:11 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-04-19 14:03:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009-07-10 08:33:04 | 001,381,632 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009-05-25 09:21:28 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-05-17 19:10:12 | 000,083,808 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008-04-15 14:00:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008-04-15 14:00:00 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008-04-15 14:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008-04-15 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2008-04-15 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2008-04-15 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2007-12-17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006-11-02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = wyborcza.pl/0,0.html?p=030
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Gazeta.pl - Polska i świat - wiadomości | informacje | wydarzenia
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = %s - Google Search
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...20-521CF1A7B4F5
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search
IE - HKCU\..\SearchScopes\{E5E8E333-4FEA-4696-AA06-F2C8F8BB4195}: "URL" = {searchTerms} - Yahoo! Search Results
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: last-tab-close-button@victor.sacharin:0.3.3
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-01 11:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-16 09:46:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-03 07:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-16 09:52:31 | 000,000,000 | ---D | M]

[2010-04-19 11:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Extensions
[2012-05-04 13:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Firefox\Profiles\37xvwh11.default\extensions
[2012-01-04 17:32:38 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Firefox\Profiles\37xvwh11.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2011-03-03 17:12:58 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Firefox\Profiles\37xvwh11.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2012-01-09 17:47:23 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Firefox\Profiles\37xvwh11.default\extensions\foxmarks@kei(2).com
[2012-04-04 00:14:21 | 000,001,530 | ---- | M] () -- C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\Firefox\Profiles\37xvwh11.default\searchplugins\mbc.xml
[2012-03-19 10:11:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-02-29 00:35:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-12-21 11:22:02 | 000,275,540 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\KOT\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\37XVWH11.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012-01-07 00:30:20 | 000,634,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\KOT\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\37XVWH11.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-02-28 23:31:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-04-23 01:12:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012-05-03 07:47:16 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-28 23:31:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009-07-31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
[2012-05-16 09:44:58 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012-02-11 16:31:51 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-11 16:31:51 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-11 16:31:51 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-11 16:31:51 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-11 16:31:51 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-11 16:31:51 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1155.2\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.132\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Kot\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\plugins\npganymedenet.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Angry Birds = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.97_0\
CHR - Extension: QRreader beta = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bfdjglobiolninfgldchakgfldifphic\0.4_0\
CHR - Extension: YouTube = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YoutubeDownloader = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bpmpofdpdkjkfcchimkmfflegbppinlc\1.2_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: youtump3.com = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cpojoompnnbjbenmcndghifipifpekhc\1.1_0\
CHR - Extension: Search by Image (by Google) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.1.1_0\
CHR - Extension: Radio Internetowe = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dbibbpnjegagchjhlfhndkkpkgnacihf\1_0\
CHR - Extension: Download All = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dichiooocmfaijgfjjohpjdbelmficee\1.5.6_0\
CHR - Extension: FTP Free = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn\2.5_0\
CHR - Extension: I-AM-STUDYING BLOCKER = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\emebnfadbcfbcnebjhlohinanlbkcmhj\1.15.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.33_0\
CHR - Extension: Mp3 Songs Search & Download = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gpncnmchclinokbnkchkhjpallpogken\1.0_0\
CHR - Extension: G+ Circle Include = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hfbmndhcmbebgglomcgjjdgojedkbdpf\0.3_0\
CHR - Extension: Facebook for Google+\u2122 = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ijbnajmkoalaoooodnmfecbbnecmhhid\1.9.37_0\
CHR - Extension: Yulia Brodskaya = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko\2_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: YouTube Downloader = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdlfdceinfchfhcajcgkfclokinpfiai\1.6.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: FB Dislike = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lpekolbadenjphaaapbgdienjjpgbali\1.3.2_0\
CHR - Extension: Sprawdzanie poczty Google = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: -1 Minus One for Google Plus\u2122 = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\naieljaeedpjcgjlhnkpnobnbkocahfe\1.6_0\
CHR - Extension: F.B. Purity - Cleans Up Facebook = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\5.3.0_0\
CHR - Extension: Google+ Ultimate = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nhogbifmjccfhopdggilcbeamcmlhmgo\1.3.4_0\
CHR - Extension: Rozszerzenie Subskrypcje RSS (od Google) = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
CHR - Extension: G+me for Google Plus\u2122 = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oacdcllhgpddmlnhajiacfakhlilbicp\6.0.3_0\
CHR - Extension: Auto-Translate = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk\2.0.3_0\
CHR - Extension: Plus Minus = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pidkbnhjgdngcfcaikoocdanfijkgdli\1.5.5_0\
CHR - Extension: Tlumacz = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pkpofhilebgcccknccaapjlapkijkdai\1.1_0\

O1 HOSTS File: ([2010-06-29 12:47:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\Kot\Menu Start\Programy\Autostart\SkypeMate.lnk = C:\Program Files\SkypeMate\SkypeMate.exe (Yealink)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Kot\Dane aplikacji\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E376880-D542-4836-B6B3-767B07381CD9}: DhcpNameServer = 194.204.152.34 194.204.159.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Kot/USTAWI~1/Temp/msohtmlclip1/01/clip_image002.jpg
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-19 12:16:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1c150eef-1f40-11e0-a0b2-002618b28333}\Shell - "" = AutoRun
O33 - MountPoints2\{1c150eef-1f40-11e0-a0b2-002618b28333}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{8bb3fd5c-9f22-11df-9f3e-002618b28333}\Shell\AutoRun\command - "" = setise\\zeljko.exe
O33 - MountPoints2\{8bb3fd5c-9f22-11df-9f3e-002618b28333}\Shell\explore\command - "" = setise\\\zeljko.exe
O33 - MountPoints2\{8bb3fd5c-9f22-11df-9f3e-002618b28333}\Shell\open\command - "" = setise\\\zeljko.exe
O33 - MountPoints2\{8f9f33ef-c1d7-11df-9f94-002618b28333}\Shell\AutoRun\command - "" = H:\TEMP/bracacelika.exe
O33 - MountPoints2\{8f9f33ef-c1d7-11df-9f94-002618b28333}\Shell\open\command - "" = H:\TEMP/bracacelika.exe
O33 - MountPoints2\{de2bb256-335a-11e0-a0e9-002618b28333}\Shell - "" = AutoRun
O33 - MountPoints2\{de2bb256-335a-11e0-a0e9-002618b28333}\Shell\AutoRun\command - "" = E:\Installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-05-31 10:57:50 | 000,000,000 | ---D | C] -- C:\Minidump
[2012-05-31 00:39:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kot\Recent
[2012-05-30 15:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kot\Pulpit\gram
[2012-05-29 14:38:40 | 000,000,000 | ---D | C] -- C:\symbole
[2012-05-29 14:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Kits
[2012-05-29 14:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft
[2012-05-29 14:23:43 | 000,000,000 | ---D | C] -- C:\Common7
[2012-05-29 14:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Kits
[2012-05-29 13:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-05-29 12:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
[2012-05-16 09:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012-05-16 09:45:46 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012-05-16 09:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\RealNetworks
[2012-05-05 20:31:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kot\Menu Start\Programy\Narzędzia administracyjne
[2012-05-04 10:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\ATI
[2012-05-04 10:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kot\Dane aplikacji\ATI
[2012-05-04 10:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI
[2012-05-04 10:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Catalyst Control Center
[2012-05-04 10:14:12 | 000,099,856 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys
[2012-05-04 10:13:42 | 000,956,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll
[2012-05-04 10:13:42 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe
[2012-05-04 10:13:42 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe
[2012-05-04 10:13:42 | 000,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll
[2012-05-04 10:13:42 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODCLI.exe
[2012-05-04 10:13:41 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODE.exe
[2012-05-04 10:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-05-04 10:10:49 | 000,000,000 | ---D | C] -- C:\AMD
[2012-05-03 07:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Mozilla
[2012-05-03 07:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-05-31 11:45:33 | 000,001,124 | ---- | M] () -- C:\WINDOWS asks\GoogleUpdateTaskUserS-1-5-21-725345543-839522115-1177238915-1003UA.job
[2012-05-31 11:25:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS asks\Adobe Flash Player Updater.job
[2012-05-31 11:03:00 | 000,556,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-05-31 11:03:00 | 000,509,136 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-05-31 11:03:00 | 000,113,476 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-05-31 11:03:00 | 000,090,618 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-05-31 11:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS asks\Scheduled Update for Ask Toolbar.job
[2012-05-31 10:58:13 | 000,000,274 | ---- | M] () -- C:\WINDOWS asks\RealUpgradeLogonTaskS-1-5-21-725345543-839522115-1177238915-1003.job
[2012-05-31 10:57:58 | 000,000,294 | ---- | M] () -- C:\WINDOWS asks\RealUpgradeLogonTaskS-1-5-21-725345543-839522115-1177238915-500.job
[2012-05-31 10:57:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-05-31 09:47:29 | 099,522,551 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-05-30 21:48:48 | 001,175,892 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\Polska_960_-_992.png
[2012-05-30 14:45:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS asks\GoogleUpdateTaskUserS-1-5-21-725345543-839522115-1177238915-1003Core.job
[2012-05-30 14:31:01 | 000,000,972 | ---- | M] () -- C:\WINDOWS asks\Google Software Updater.job
[2012-05-29 21:42:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-05-29 14:54:34 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-05-29 13:15:35 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-05-29 00:09:56 | 002,688,752 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\roza.tiff
[2012-05-29 00:09:56 | 000,002,725 | ---- | M] () -- C:\Documents and Settings\Kot\.recently-used.xbel
[2012-05-28 11:49:58 | 000,013,191 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\Kubuś Świderski.jpg
[2012-05-28 11:47:49 | 000,015,709 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\rosa.jpg
[2012-05-27 11:54:17 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-05-27 11:54:08 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012-05-26 17:31:19 | 000,151,870 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-05-26 16:47:23 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-24 11:29:12 | 000,179,471 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\LO_Pawel.jpg
[2012-05-22 10:42:39 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\Kot\Pulpit\Skrót do MBL.lnk
[2012-05-16 09:54:07 | 000,000,282 | ---- | M] () -- C:\WINDOWS asks\RealUpgradeScheduledTaskS-1-5-21-725345543-839522115-1177238915-1003.job
[2012-05-16 09:45:46 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2012-05-16 09:44:53 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2012-05-16 09:44:53 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2012-05-09 01:06:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS asks\RealUpgradeScheduledTaskS-1-5-21-725345543-839522115-1177238915-500.job
[2012-05-05 13:25:12 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-05-05 13:25:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-05-30 21:48:47 | 001,175,892 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\Polska_960_-_992.png
[2012-05-30 00:44:01 | 000,271,298 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-05-29 00:09:56 | 000,002,725 | ---- | C] () -- C:\Documents and Settings\Kot\.recently-used.xbel
[2012-05-29 00:09:55 | 002,688,752 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\roza.tiff
[2012-05-28 11:49:57 | 000,013,191 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\Kubuś Świderski.jpg
[2012-05-28 11:47:40 | 000,015,709 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\rosa.jpg
[2012-05-24 11:29:11 | 000,179,471 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\LO_Pawel.jpg
[2012-05-22 10:42:42 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Kot\Pulpit\Skrót do MBL.lnk
[2012-05-04 10:13:42 | 000,245,896 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2012-05-04 09:43:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-03-19 16:25:31 | 000,000,024 | ---- | C] () -- C:\WINDOWS\Wilga-PSJP.INI
[2012-02-28 22:42:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-01-02 17:07:44 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011-09-19 09:41:09 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\B2441E094D.sys
[2011-09-19 09:41:08 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2011-05-06 20:16:20 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p31].bmp
[2011-05-06 20:16:05 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p30].bmp
[2011-05-06 20:15:52 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p29].bmp
[2011-05-06 20:15:39 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p28].bmp
[2011-05-06 20:15:28 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p27].bmp
[2011-05-06 20:15:20 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p26].bmp
[2011-05-06 20:15:08 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p25].bmp
[2011-05-06 20:14:59 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p24].bmp
[2011-05-06 20:14:50 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p23].bmp
[2011-05-06 20:14:42 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p22].bmp
[2011-05-06 20:14:32 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p21].bmp
[2011-05-06 20:14:23 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p20].bmp
[2011-05-06 20:14:10 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p19].bmp
[2011-05-06 20:13:59 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p18].bmp
[2011-05-06 20:13:47 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p17].bmp
[2011-05-06 20:13:33 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p16].bmp
[2011-05-06 20:13:22 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p15].bmp
[2011-05-06 20:13:15 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p14].bmp
[2011-05-06 20:13:08 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p13].bmp
[2011-05-06 20:13:01 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p12].bmp
[2011-05-06 20:12:45 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p11].bmp
[2011-05-06 20:12:33 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p10].bmp
[2011-05-06 20:12:21 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p09].bmp
[2011-05-06 20:12:08 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p08].bmp
[2011-05-06 20:12:01 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p07].bmp
[2011-05-06 20:11:52 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p06].bmp
[2011-05-06 20:11:41 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p05].bmp
[2011-05-06 20:11:34 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p04].bmp
[2011-05-06 20:11:24 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p03].bmp
[2011-05-06 20:11:13 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p02].bmp
[2011-05-06 20:11:02 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0002]-[p01].bmp
[2011-03-09 11:41:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2011-03-05 17:16:52 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0007]-[p03].bmp
[2011-03-05 17:16:34 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0007]-[p02].bmp
[2011-03-05 17:16:12 | 002,525,238 | ---- | C] () -- C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\[j0007]-[p01].bmp
[2011-01-19 11:07:17 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01pol.exe
[2010-12-01 12:47:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2010-12-01 12:44:51 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010-11-12 22:20:23 | 000,000,221 | ---- | C] () -- C:\WINDOWS\ao97pr.ini
[2010-10-27 19:05:46 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-09-27 21:38:29 | 000,209,098 | ---- | C] () -- C:\WINDOWS\hphins34.dat.temp
[2010-09-27 21:38:28 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hphmdl34.dat.temp
[2010-09-27 20:22:15 | 000,178,584 | ---- | C] () -- C:\WINDOWS\hphins34.dat
[2010-09-27 20:22:14 | 000,000,532 | ---- | C] () -- C:\WINDOWS\hphmdl34.dat
[2010-06-29 12:53:23 | 000,102,471 | ---- | C] () -- C:\WINDOWS\System32\msvcrt2.dll
[2010-06-29 12:34:41 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-06-29 12:34:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-06-29 12:34:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-06-29 12:34:41 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-06-29 12:34:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-06-10 02:20:20 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8

< End of report >

OTL Extras logfile created on: 2012-05-31 11:22:36 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = g:\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,57 Gb Available Physical Memory | 28,54% Memory free
3,85 Gb Paging File | 2,07 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,00 Gb Total Space | 2,25 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
Drive D: | 96,46 Gb Total Space | 17,01 Gb Free Space | 17,64% Space Free | Partition Type: NTFS
Drive G: | 96,42 Gb Total Space | 17,26 Gb Free Space | 17,90% Space Free | Partition Type: NTFS

Computer Name: DOWN | User Name: Kot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Kot\Ustawienia lokalne emp\7zS0E3A\setup\hpznui01.exe" = C:\Documents and Settings\Kot\Ustawienia lokalne emp\7zS0E3A\setup\hpznui01.exe:*:Enabled:hpznui01.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Wolfenstein - Enemy Territory\ET.exe" = D:\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- ()
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
"D:\blobby volley\volley.exe" = D:\blobby volley\volley.exe:*:Enabled:volley -- ()
"D:\Wolfenstein - Enemy Territory\ETDED.exe" = D:\Wolfenstein - Enemy Territory\ETDED.exe:*:Enabled:ETDED -- ()
"C:\Documents and Settings\Kot\Ustawienia lokalne emp\7zS0E3A\setup\hpznui01.exe" = C:\Documents and Settings\Kot\Ustawienia lokalne emp\7zS0E3A\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\WinSCP\WinSCP.exe" = C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client -- (Martin Prikryl)
"D:\Heroes3\h3wog.exe" = D:\Heroes3\h3wog.exe:*:Enabled:Heroes of Might and Magic® III -- (The 3DO Company)
"C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Battlefield2\BF2.exe" = D:\Battlefield2\BF2.exe:*:Enabled:Battlefield 2
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG
"C:\Documents and Settings\Kot\Pulpit\SweetImSetup.exe" = C:\Documents and Settings\Kot\Pulpit\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\Program Files\Corel\DVD9\WinDVD.exe" = C:\Program Files\Corel\DVD9\WinDVD.exe:*:Enabled:WinDVD -- (Corel Corporation)
"C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe" = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\AeriaGames\WolfTeam-PL\Wolfteam.bin" = C:\AeriaGames\WolfTeam-PL\Wolfteam.bin:*:Enabled:WolfTeam
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.)
"D:\Cossacks\dmcr.exe" = D:\Cossacks\dmcr.exe:*:Enabled:dmcr -- (-GSC-)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Kot\Ustawienia lokalne\Dane aplikacji\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02B94925-4A1C-D7AC-A851-0E7A9D5ED8BE}" = CCC Help Thai
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{09D72100-CAC9-42BF-AD52-47F784C92DB6}" = LibreOffice 3.5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{11EECEB2-5C76-99CD-2E39-756CBDD73499}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java™ 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2AE31B63-387A-249C-2124-5C459B07B8E3}" = CCC Help Korean
"{2B1D90C0-F2C0-C20A-0C21-6B2DEEEB33BC}" = CCC Help Dutch
"{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B786ABD-AA64-0225-3925-8FA3F77FE53B}" = CCC Help Polish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Jednostki Specjalne
"{54D8C662-ED7A-8B98-2ADD-AE6F2F2D0299}" = CCC Help Danish
"{5D8663CC-B937-88A4-B76B-C4904CDD3D7D}" = Windows Driver Kit
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64CAA486-3CA5-4C81-8DAE-5D7D18E1956C}" = ChomikBox
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6808A819-8657-8AF7-1351-9702425337E7}" = CCC Help Chinese Traditional
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70AE4016-BCFD-9B62-5B9A-CCB831A3715B}" = CCC Help Czech
"{73F64EE9-AC9A-9585-E6DA-7547AD804820}" = CCC Help Chinese Standard
"{76312427-983B-9524-527B-3E44E4620334}" = CCC Help Greek
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77E75011-B477-842D-F291-7D0985797D56}" = CCC Help Swedish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BA70AE2-35EE-8A73-22BD-F2DB17CDD96D}" = Catalyst Control Center InstallProxy
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{96E58E89-4623-CE23-B743-0BFAA94677A6}" = CCC Help German
"{98A957AC-7BA3-82F7-A273-D8C783B23C5F}" = CCC Help French
"{98B069B8-EF38-CE76-1728-02AC63AC0438}" = Catalyst Control Center
"{9944163f-2367-4db7-ac77-b4963ca06996}" = Windows Driver Kit
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EEC34BF-9682-EE9D-ACE4-6C571E24A7EE}" = CCC Help Japanese
"{A1F8DAB8-C993-E9FB-708E-6C702D4E19DB}" = Kits Configuration Installer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB165295-EA7E-6753-55A8-429C08A85690}" = CCC Help Italian
"{AB3902FC-219F-A3A0-10EC-63CFF24DF707}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B293548D-735F-1F86-1C9C-1A56B8928FEE}" = AMD Catalyst Install Manager
"{B40B1EFB-BA7B-462A-EA58-0AD6A05EC931}" = CCC Help English
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7CD2ADE-855E-2A1C-683A-3A4C05A7CA5D}" = Catalyst Control Center Localization All
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C14BEC54-8253-6AC5-D446-506281A5E4F8}" = CCC Help Russian
"{C1EC6451-68A9-7EC2-2DB4-899A09A1CA09}" = CCC Help Norwegian
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C542D258-F474-6798-A018-EB480B8EDC6C}" = CCC Help Turkish
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CBCA600F-6B90-416D-9D19-477758C40946}" = DJ_SF_06_D5500_SW_Min
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE4E3BE-78F3-FB72-9DD3-EF690FC96D01}" = e-Deklaracje Desktop
"{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"{E60588F9-9961-1136-B5A1-74D15B1C0EA1}" = CCC Help Finnish
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{E7DF9EFA-42AE-475F-2C5C-E2E9AC953AA5}" = CCC Help Hungarian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F1C27587-F747-D0C8-907C-054B87A08B64}" = ccc-utility
"{F7170995-22B7-082B-63D3-776AD36AE749}" = CCC Help Portuguese
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FD8D2CC3-0345-4D98-B7DC-2EE70AC1A13C}" = Kozacy II - Bitwa o Europę
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE45D881-F9B6-40C0-A833-8CAF92094AB3}" = HP Deskjet D5500 Printer Driver 14.0 Rel. 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"a-squared Free_is1" = a-squared Free 4.5
"Audacity_is1" = Audacity 1.2.6
"Automatyczny Wyłącznik Systemu_is1" = Automatyczny Wyłącznik Systemu 2.0
"AVG" = AVG 2012
"Blender" = Blender (remove only)
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"Deus Ex" = Deus Ex
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"divx650vfw_is1" = DivX Pro 6.8.0 VFW
"e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Foxit Reader" = Foxit Reader
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"FreeCommander_is1" = FreeCommander 2009.02b
"GenoPro" = GenoPro
"Google Updater" = Aktualizator Google
"Inkscape" = Inkscape 0.48.1
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Multimedialny słownik szkolny PWN" = Multimedialny słownik szkolny PWN
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"Nero8Lite_is1" = Nero 8 Micro 8.3.2.1
"Opera 11.64.1403" = Opera 11.64
"PDF Editor 3" = PDF Editor 3
"Picasa 3" = Picasa 3
"PIT Format 2011_is1" = PIT Format 2011
"RealAlt_is1" = Real Alternative 2.0.2
"RealPlayer 15.0" = RealPlayer
"Recuva" = Recuva
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SkypeMate" = SkypeMate
"Slownik jezyka polskiego 3t" = Słownik języka polskiego PWN
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"SubEdit-Player_is1" = SubEdit-Player
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"WinAVI All in One Converter" = WinAVI All in One Converter
"WinGimp-2.0_is1" = GIMP 2.6.8
"winscp3_is1" = WinSCP 4.2.4 beta
"winusb0100" = Microsoft WinUsb 1.0
"xp-AntiSpy" = xp-AntiSpy 3.97-3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Użytkownik Celdur edytował ten post 31 05 2012 - 13:27

Do góry

#2 Celdur

Republic of Gamers

6 100 postów

Napisano 31 05 2012 - 13:23

Piszą że to niekoniecznie musi być wirus lub trojan.
Poleciłbym w ogóle wywalenie tego badziewia jakim jest Windows XP, który z byle powodów potrafi padać.

"Ten komunikat o błędzie może zostać wyświetlony, jeżeli jedno z poniższych stwierdzeń jest prawdziwe:

Wystąpiły problemy ze sprzętem lub oprogramowaniem komputera (najczęściej przyczyną jest awaria sprzętowa).
Użytkownik usiłował zwiększyć częstotliwość zegara procesora w komputerze (na przykład procesor 150 MHz został skonfigurowany do pracy z częstotliwością 187 MHz).

Powyższy błąd STOP oznacza, że w trybie jądra wystąpiła pułapka, która jest niedozwolona przez jądro lub zawsze jest krytyczna. Przyczyny wyświetlenia komunikatu STOP 0x7F najczęściej są następujące:

Uszkodzenie sprzętu na niskim poziomie, takie jak uszkodzenie pamięci (RAM)
Niezgodne moduły pamięci
Nieprawidłowe funkcjonowanie płyty głównej

Aby w przybliżeniu ustalić przyczynę, należy zbadać parametry wyświetlane w górnej części ekranu STOP:
**STOP 0x0000007F (0x000000XX, 0x00000000, 0x00000000, 0x00000000)
UNEXPECTED_KERNEL_MODE_TRAP"

Użytkownik Celdur edytował ten post 31 05 2012 - 13:25

Do góry

#3 tameo

Nowy

4 postów

Napisano 31 05 2012 - 13:43

Zasadniczo jestem fanem linuksa, ale rodzina chce mieć windę...

Sprawdziłem już pamięć i dysk. MB i procek mają po 3 lata, więc w sumie nie powinny się jeszcze za bardzo psuć.

Komunikatu niestety nie miałem żadnego, tylko błąd 7f i same zera w nawiasie.

Sprzętowo jedyne co jeszcze przychodzi mi do głowy, to problem ze sterami do grafiki, która była wymieniana z miesiąc temu, ale nie wiem jak to sprawdzić.

Do góry

#4 ordynat

Zaawansowany użytkownik

804 postów

Napisano 01 06 2012 - 06:38

Nawiasem mówiąc: w logach widać ślady infekcji.
To raczej nie ma nic wspólnego z Twoim problemen, ale trzeba to usunąć tak czy siak:
1) Daj log z >TDSSKiller

2) Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
DRV - File not found [Kernel | Auto | Stopped] -- C:DOCUME~1ADMINI~1USTAWI~1Tempxgfyaxzbanaocij.sys -- (yjoozickwqcaumm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:WINDOWSSystem32Drivers zqsbsqr.sys -- (tzqsbsqr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:WINDOWSSystem32Driversqzmohxrt.sys -- (qzmohxrt)
DRV - File not found [Kernel | Auto | Stopped] -- C:DOCUME~1ADMINI~1USTAWI~1Tempimzggdp.sys -- (nyvhlkpzgpeaear)
DRV - File not found [Kernel | Auto | Stopped] -- C:DOCUME~1KotUSTAWI~1Tempkpvxbwrb.sys -- (fuunwbktlxe)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:WINDOWSSystem32Driversfujmeccb.sys -- (fujmeccb)
IE - HKCU..URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
O3 - HKLM..Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU..ToolbarWebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU..ToolbarWebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..Run: [] File not found
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k File not found
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O33 - MountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333}ShellAutoRuncommand - "" = setisezeljko.exe
O33 - MountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333}Shellexplorecommand - "" = setisezeljko.exe
O33 - MountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333}Shellopencommand - "" = setisezeljko.exe
O33 - MountPoints2{8f9f33ef-c1d7-11df-9f94-002618b28333}ShellAutoRuncommand - "" = H:TEMP/bracacelika.exe
O33 - MountPoints2{8f9f33ef-c1d7-11df-9f94-002618b28333}Shellopencommand - "" = H:TEMP/bracacelika.exe

:Commands
[emptytemp]

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Scriptem.
.

Do góry

#5 tameo

Nowy

4 postów

Napisano 04 06 2012 - 11:01

Dzięki za pomoc. Podaję logi:

TDSS:

10:14:10.0968 5792 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
10:14:11.0359 5792 ============================================================
10:14:11.0359 5792 Current date / time: 2012/06/04 10:14:11.0359
10:14:11.0359 5792 SystemInfo:
10:14:11.0359 5792
10:14:11.0359 5792 OS Version: 5.1.2600 ServicePack: 3.0
10:14:11.0359 5792 Product type: Workstation
10:14:11.0359 5792 ComputerName: DOWN
10:14:11.0359 5792 UserName: Kot
10:14:11.0359 5792 Windows directory: C:WINDOWS
10:14:11.0359 5792 System windows directory: C:WINDOWS
10:14:11.0359 5792 Processor architecture: Intel x86
10:14:11.0359 5792 Number of processors: 1
10:14:11.0359 5792 Page size: 0x1000
10:14:11.0359 5792 Boot type: Normal boot
10:14:11.0359 5792 ============================================================
10:14:15.0781 5792 Drive DeviceHarddisk0DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:14:15.0796 5792 ============================================================
10:14:15.0796 5792 DeviceHarddisk0DR0:
10:14:15.0796 5792 MBR partitions:
10:14:15.0796 5792 DeviceHarddisk0DR0Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2800A34
10:14:15.0812 5792 DeviceHarddisk0DR0Partition1: MBR, Type 0x7, StartLBA 0x5001525, BlocksNum 0xC0D7B2C
10:14:15.0828 5792 DeviceHarddisk0DR0Partition2: MBR, Type 0x7, StartLBA 0x110D9090, BlocksNum 0xC0EB4F1
10:14:15.0828 5792 ============================================================
10:14:15.0843 5792 C: <-> DeviceHarddisk0DR0Partition0
10:14:15.0890 5792 D: <-> DeviceHarddisk0DR0Partition2
10:14:15.0906 5792 G: <-> DeviceHarddisk0DR0Partition1
10:14:15.0906 5792 ============================================================
10:14:15.0906 5792 Initialize success
10:14:15.0906 5792 ============================================================
10:14:17.0375 5844 ============================================================
10:14:17.0375 5844 Scan started
10:14:17.0375 5844 Mode: Manual;
10:14:17.0375 5844 ============================================================
10:14:20.0140 5844 a2free		  (160270fb6706b45392b3c20753bef1a9) C:Program Filesa-squared Freea2service.exe
10:14:21.0062 5844 a2free - ok
10:14:21.0250 5844 Abiosdsk - ok
10:14:21.0265 5844 abp480n5 - ok
10:14:21.0296 5844 ACPI		    (05118282f5d039595a2b92b4a4afe197) C:WINDOWSsystem32DRIVERSACPI.sys
10:14:21.0312 5844 ACPI - ok
10:14:21.0406 5844 ACPIEC		  (66a42b7db194e24b973bbcce840a0f3f) C:WINDOWSsystem32driversACPIEC.sys
10:14:22.0718 5844 ACPIEC - ok
10:14:22.0890 5844 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:WINDOWSsystem32MacromedFlashFlashPlayerUpdateService.exe
10:14:22.0906 5844 AdobeFlashPlayerUpdateSvc - ok
10:14:22.0906 5844 adpu160m - ok
10:14:22.0937 5844 aec			 (8bed39e3c35d6a489438b8141717a557) C:WINDOWSsystem32driversaec.sys
10:14:23.0046 5844 aec - ok
10:14:23.0406 5844 AFD			 (f6b7b1ecd7b41736bdb6ff4b092bcb79) C:WINDOWSSystem32driversafd.sys
10:14:23.0687 5844 AFD - ok
10:14:23.0703 5844 Aha154x - ok
10:14:23.0734 5844 aic78u2 - ok
10:14:23.0750 5844 aic78xx - ok
10:14:24.0312 5844 Akamai		  (c775d704feb2b600a5bf7b0b088546af) c:program filescommon filesakamai/netsession_win_80c2ffa.dll
10:14:24.0312 5844 Suspicious file (Hidden): c:program filescommon filesakamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
10:14:24.0328 5844 Akamai ( HiddenFile.Multi.Generic ) - warning
10:14:24.0328 5844 Akamai - detected HiddenFile.Multi.Generic (1)
10:14:24.0484 5844 ALG			 (d1738dddff196c5cee6d867c136af745) C:WINDOWSSystem32alg.exe
10:14:24.0500 5844 ALG - ok
10:14:24.0515 5844 AliIde - ok
10:14:24.0515 5844 amsint - ok
10:14:24.0531 5844 AppMgmt		 (1561430da2f2ab81cc0ce71af95a778d) C:WINDOWSSystem32appmgmts.dll
10:14:24.0812 5844 AppMgmt - ok
10:14:24.0812 5844 asc - ok
10:14:24.0828 5844 asc3350p - ok
10:14:24.0828 5844 asc3550 - ok
10:14:24.0875 5844 AsIO		    (2b4e66fac6503494a2c6f32bb6ab3826) C:WINDOWSsystem32driversAsIO.sys
10:14:25.0109 5844 AsIO - ok
10:14:25.0296 5844 aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:WINDOWSMicrosoft.NETFrameworkv4.0.30319aspnet_state.exe
10:14:25.0625 5844 aspnet_state - ok
10:14:25.0640 5844 AsyncMac	    (b153affac761e7f5fcfa822b9c4e97bc) C:WINDOWSsystem32DRIVERSasyncmac.sys
10:14:26.0109 5844 AsyncMac - ok
10:14:26.0140 5844 atapi		   (9f3a2f5aa6875c72bf062c712cfa2674) C:WINDOWSsystem32DRIVERSatapi.sys
10:14:26.0156 5844 atapi - ok
10:14:26.0156 5844 Atdisk - ok
10:14:26.0437 5844 Ati HotKey Poller (7eeb8386f9ac3721edad9b21e5c2f2d4) C:WINDOWSsystem32Ati2evxx.exe
10:14:26.0953 5844 Ati HotKey Poller - ok
10:14:27.0000 5844 ATI Smart	   (b979ba0120b6db757196a8e2e873fe3c) C:WINDOWSsystem32ati2sgag.exe
10:14:27.0406 5844 ATI Smart - ok
10:14:28.0062 5844 ati2mtag	    (28f1b6ccd2e0a184da7d9f266bfeb267) C:WINDOWSsystem32DRIVERSati2mtag.sys
10:14:28.0781 5844 ati2mtag - ok
10:14:28.0968 5844 AtiHDAudioService (f3c66593c93776a7614569137c74c724) C:WINDOWSsystem32driversAtihdXP3.sys
10:14:29.0234 5844 AtiHDAudioService - ok
10:14:29.0250 5844 Atmarpc		 (9916c1225104ba14794209cfa8012159) C:WINDOWSsystem32DRIVERSatmarpc.sys
10:14:29.0468 5844 Atmarpc - ok
10:14:29.0531 5844 AudioSrv	    (3a28d3e7bad0eed3810cd918b2525b54) C:WINDOWSSystem32audiosrv.dll
10:14:29.0890 5844 AudioSrv - ok
10:14:29.0921 5844 audstub		 (d9f724aa26c010a217c97606b160ed68) C:WINDOWSsystem32DRIVERSaudstub.sys
10:14:30.0046 5844 audstub - ok
10:14:31.0625 5844 AVGIDSAgent	 (6d440ff3f44ca72edfd6176c6d6a89c0) C:Program FilesAVGAVG2012AVGIDSAgent.exe
10:14:32.0046 5844 AVGIDSAgent - ok
10:14:32.0234 5844 AVGIDSDriver    (4fa401b33c1b50c816486f6951244a14) C:WINDOWSsystem32DRIVERSAVGIDSDriver.Sys
10:14:32.0250 5844 AVGIDSDriver - ok
10:14:32.0343 5844 AVGIDSEH	    (69578bc9d43d614c6b3455db4af19762) C:WINDOWSsystem32DRIVERSAVGIDSEH.Sys
10:14:32.0375 5844 AVGIDSEH - ok
10:14:32.0453 5844 AVGIDSFilter    (6df528406aa22201f392b9b19121cd6f) C:WINDOWSsystem32DRIVERSAVGIDSFilter.Sys
10:14:32.0515 5844 AVGIDSFilter - ok
10:14:32.0562 5844 AVGIDSShim	  (1e01c2166b5599802bcd61b9691f7476) C:WINDOWSsystem32DRIVERSAVGIDSShim.Sys
10:14:32.0765 5844 AVGIDSShim - ok
10:14:32.0812 5844 Avgldx86	    (bf8118cd5e2255387b715b534d64acd1) C:WINDOWSsystem32DRIVERSavgldx86.sys
10:14:33.0078 5844 Avgldx86 - ok
10:14:33.0093 5844 Avgmfx86	    (1c77ef67f196466adc9924cb288afe87) C:WINDOWSsystem32DRIVERSavgmfx86.sys
10:14:33.0109 5844 Avgmfx86 - ok
10:14:33.0140 5844 Avgrkx86	    (f2038ed7284b79dcef581468121192a9) C:WINDOWSsystem32DRIVERSavgrkx86.sys
10:14:33.0140 5844 Avgrkx86 - ok
10:14:33.0171 5844 Avgtdix		 (a6d562b612216d8d02a35ebeb92366bd) C:WINDOWSsystem32DRIVERSavgtdix.sys
10:14:33.0406 5844 Avgtdix - ok
10:14:33.0546 5844 avgwd		   (6699ece24fe4b3f752a66c66a602ee86) C:Program FilesAVGAVG2012avgwdsvc.exe
10:14:33.0562 5844 avgwd - ok
10:14:33.0593 5844 Beep		    (da1f27d85e0d1525f6621372e7b685e9) C:WINDOWSsystem32driversBeep.sys
10:14:33.0812 5844 Beep - ok
10:14:33.0859 5844 BITS		    (78200faa6fd9c69394134c238c87fb7f) C:WINDOWSsystem32qmgr.dll
10:14:34.0187 5844 BITS - ok
10:14:34.0265 5844 Browser		 (b98ed6d85339a66a73f32fb569eb6c01) C:WINDOWSSystem32browser.dll
10:14:34.0281 5844 Browser - ok
10:14:34.0281 5844 catchme - ok
10:14:34.0312 5844 cbidf2k		 (90a673fc8e12a79afbed2576f6a7aaf9) C:WINDOWSsystem32driverscbidf2k.sys
10:14:34.0515 5844 cbidf2k - ok
10:14:34.0546 5844 CCDECODE	    (0be5aef125be881c4f854c554f2b025c) C:WINDOWSsystem32DRIVERSCCDECODE.sys
10:14:34.0687 5844 CCDECODE - ok
10:14:34.0687 5844 cd20xrnt - ok
10:14:34.0718 5844 Cdaudio		 (c1b486a7658353d33a10cc15211a873b) C:WINDOWSsystem32driversCdaudio.sys
10:14:34.0953 5844 Cdaudio - ok
10:14:34.0984 5844 Cdfs		    (c885b02847f5d2fd45a24e219ed93b32) C:WINDOWSsystem32driversCdfs.sys
10:14:34.0984 5844 Cdfs - ok
10:14:35.0015 5844 Cdrom		   (1f4260cc5b42272d71f79e570a27a4fe) C:WINDOWSsystem32DRIVERScdrom.sys
10:14:35.0390 5844 Cdrom - ok
10:14:35.0390 5844 Changer - ok
10:14:35.0421 5844 CiSvc		   (45b63df2fb498d219fcbb4425cade676) C:WINDOWSsystem32cisvc.exe
10:14:35.0609 5844 CiSvc - ok
10:14:35.0640 5844 ClipSrv		 (c94f1b6f61858d6389c0fa06954fb9c4) C:WINDOWSsystem32clipsrv.exe
10:14:36.0031 5844 ClipSrv - ok
10:14:36.0109 5844 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe
10:14:36.0890 5844 clr_optimization_v2.0.50727_32 - ok
10:14:37.0203 5844 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:WINDOWSMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe
10:14:37.0968 5844 clr_optimization_v4.0.30319_32 - ok
10:14:37.0968 5844 CmdIde - ok
10:14:37.0984 5844 COMSysApp - ok
10:14:38.0000 5844 Cpqarray - ok
10:14:38.0062 5844 CryptSvc	    (6b105fe95f2e9f0b6346044ba59d41c9) C:WINDOWSSystem32cryptsvc.dll
10:14:38.0312 5844 CryptSvc - ok
10:14:38.0312 5844 dac2w2k - ok
10:14:38.0328 5844 dac960nt - ok
10:14:38.0375 5844 DcomLaunch	  (c9e5ac78d9a00b1de8ce2ad1bdde7e42) C:WINDOWSsystem32rpcss.dll
10:14:38.0406 5844 DcomLaunch - ok
10:14:38.0453 5844 Dhcp		    (6b4afe7c676cff3eff2dc06a4ee945f7) C:WINDOWSSystem32dhcpcsvc.dll
10:14:38.0468 5844 Dhcp - ok
10:14:38.0484 5844 Disk		    (044452051f3e02e7963599fc8f4f3e25) C:WINDOWSsystem32DRIVERSdisk.sys
10:14:38.0484 5844 Disk - ok
10:14:38.0500 5844 dmadmin - ok
10:14:38.0562 5844 dmboot		  (bc9219abc5696942e6f9ac8a9b28670f) C:WINDOWSsystem32driversdmboot.sys
10:14:38.0906 5844 dmboot - ok
10:14:39.0015 5844 dmio		    (5fa232e3ba6e1346f9f5a7e519320cb0) C:WINDOWSsystem32driversdmio.sys
10:14:39.0046 5844 dmio - ok
10:14:39.0078 5844 dmload		  (e9317282a63ca4d188c0df5e09c6ac5f) C:WINDOWSsystem32driversdmload.sys
10:14:39.0109 5844 dmload - ok
10:14:39.0156 5844 dmserver	    (d858920a05076914d34b0388e8d96cc0) C:WINDOWSSystem32dmserver.dll
10:14:39.0359 5844 dmserver - ok
10:14:39.0437 5844 DMusic		  (8a208dfcf89792a484e76c40e5f50b45) C:WINDOWSsystem32driversDMusic.sys
10:14:39.0531 5844 DMusic - ok
10:14:39.0578 5844 Dnscache	    (4ce42967710beb87ae805d9da7a87499) C:WINDOWSSystem32dnsrslvr.dll
10:14:39.0890 5844 Dnscache - ok
10:14:39.0953 5844 Dot3svc		 (e0b7d66cf29d9adccf873c77821cd4ca) C:WINDOWSSystem32dot3svc.dll
10:14:40.0187 5844 Dot3svc - ok
10:14:40.0203 5844 dpti2o - ok
10:14:40.0234 5844 drmkaud		 (8f5fcff8e8848afac920905fbd9d33c8) C:WINDOWSsystem32driversdrmkaud.sys
10:14:40.0359 5844 drmkaud - ok
10:14:40.0406 5844 dtsoftbus01	 (555e54ac2f601a8821cef58961653991) C:WINDOWSsystem32DRIVERSdtsoftbus01.sys
10:14:40.0421 5844 dtsoftbus01 - ok
10:14:40.0500 5844 DvmMDES		 (355e50803a28af282a87faa2612b95ce) C:ASUS.SYSconfigDVMExportService.exe
10:14:41.0187 5844 DvmMDES - ok
10:14:41.0281 5844 EapHost		 (5f256c1ad50fefdc442cd5aab58c7dd8) C:WINDOWSSystem32eapsvc.dll
10:14:41.0593 5844 EapHost - ok
10:14:41.0671 5844 ERSvc		   (ed1b71382c31fd2cf3cdc4672efad6ea) C:WINDOWSSystem32ersvc.dll
10:14:42.0140 5844 ERSvc - ok
10:14:42.0234 5844 Eventlog	    (8816e60bf654353e8e0d35ed98875445) C:WINDOWSsystem32services.exe
10:14:42.0468 5844 Eventlog - ok
10:14:42.0531 5844 EventSystem	 (5bb3e442e43c7bb0f38203f23c920d3c) C:WINDOWSsystem32es.dll
10:14:42.0531 5844 EventSystem - ok
10:14:42.0578 5844 Fastfat		 (38d332a6d56af32635675f132548343e) C:WINDOWSsystem32driversFastfat.sys
10:14:42.0578 5844 Fastfat - ok
10:14:42.0609 5844 FastUserSwitchingCompatibility (55aae86c7c2cadf6972acd1d76c24a98) C:WINDOWSSystem32shsvcs.dll
10:14:42.0843 5844 FastUserSwitchingCompatibility - ok
10:14:42.0937 5844 Fdc			 (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:WINDOWSsystem32DRIVERSfdc.sys
10:14:43.0203 5844 Fdc - ok
10:14:43.0390 5844 Fips		    (09e2a4d33f81a06a8aab2ba0a0b5d235) C:WINDOWSsystem32driversFips.sys
10:14:43.0640 5844 Fips - ok
10:14:43.0750 5844 Flpydisk	    (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:WINDOWSsystem32DRIVERSflpydisk.sys
10:14:43.0984 5844 Flpydisk - ok
10:14:44.0015 5844 FltMgr		  (b2cf4b0786f8212cb92ed2b50c6db6b0) C:WINDOWSsystem32DRIVERSfltMgr.sys
10:14:44.0031 5844 FltMgr - ok
10:14:44.0156 5844 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe
10:14:44.0468 5844 FontCache3.0.0.0 - ok
10:14:44.0500 5844 Fs_Rec		  (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:WINDOWSsystem32driversFs_Rec.sys
10:14:44.0687 5844 Fs_Rec - ok
10:14:44.0718 5844 Ftdisk		  (ed6d921d8ab423138fb35beee6d6a6cb) C:WINDOWSsystem32DRIVERSftdisk.sys
10:14:44.0734 5844 Ftdisk - ok
10:14:44.0734 5844 fujmeccb - ok
10:14:44.0812 5844 fuunwbktlxe - ok
10:14:44.0843 5844 giveio		  (77ebf3e9386daa51551af429052d88d0) C:WINDOWSsystem32giveio.sys
10:14:44.0843 5844 giveio - ok
10:14:44.0875 5844 Gpc			 (0a02c63c8b144bd8c86b103dee7c86a2) C:WINDOWSsystem32DRIVERSmsgpc.sys
10:14:45.0171 5844 Gpc - ok
10:14:45.0234 5844 gusvc		   (408ddd80eede47175f6844817b90213e) C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
10:14:45.0968 5844 gusvc - ok
10:14:46.0000 5844 hamachi		 (64b48a0d899deca24c424a2cac3ecffa) C:WINDOWSsystem32DRIVERShamachi.sys
10:14:46.0203 5844 hamachi - ok
10:14:46.0265 5844 HDAudBus	    (573c7d0a32852b48f3058cfd8026f511) C:WINDOWSsystem32DRIVERSHDAudBus.sys
10:14:46.0265 5844 HDAudBus - ok
10:14:46.0312 5844 helpsvc		 (af752014f7eb61542e3f35b9374d7e76) C:WINDOWSPCHealthHelpCtrBinariespchsvc.dll
10:14:46.0609 5844 helpsvc - ok
10:14:46.0640 5844 HidServ		 (1776c3b6069eeecc8042535296c1866a) C:WINDOWSSystem32hidserv.dll
10:14:46.0796 5844 HidServ - ok
10:14:46.0828 5844 hidusb		  (ccf82c5ec8a7326c3066de870c06daf1) C:WINDOWSsystem32DRIVERShidusb.sys
10:14:47.0031 5844 hidusb - ok
10:14:47.0484 5844 hkmsvc		  (f0273916da6fb64cc88e0bd77619554f) C:WINDOWSSystem32kmsvc.dll
10:14:47.0765 5844 hkmsvc - ok
10:14:47.0781 5844 hpn - ok
10:14:47.0984 5844 HPSLPSVC	    (a04f4ac48895774a2cf9d1c9eaaacef0) C:Program FilesHPDigital ImagingbinHPSLPSVC32.DLL
10:14:48.0640 5844 HPSLPSVC - ok
10:14:48.0671 5844 HPZid412	    (d03d10f7ded688fecf50f8fbf1ea9b8a) C:WINDOWSsystem32DRIVERSHPZid412.sys
10:14:48.0937 5844 HPZid412 - ok
10:14:49.0000 5844 HPZipr12	    (89f41658929393487b6b7d13c8528ce3) C:WINDOWSsystem32DRIVERSHPZipr12.sys
10:14:49.0171 5844 HPZipr12 - ok
10:14:49.0203 5844 HPZius12	    (abcb05ccdbf03000354b9553820e39f8) C:WINDOWSsystem32DRIVERSHPZius12.sys
10:14:49.0375 5844 HPZius12 - ok
10:14:49.0468 5844 HTTP		    (f80a415ef82cd06ffaf0d971528ead38) C:WINDOWSsystem32DriversHTTP.sys
10:14:49.0484 5844 HTTP - ok
10:14:49.0531 5844 HTTPFilter	  (aa268079ac119f3a596e5e27aee4bd17) C:WINDOWSSystem32w3ssl.dll
10:14:49.0531 5844 HTTPFilter - ok
10:14:49.0531 5844 i2omgmt - ok
10:14:49.0546 5844 i2omp - ok
10:14:49.0625 5844 i8042prt	    (177b372af55c4460d0968b5f1d02aa1c) C:WINDOWSsystem32DRIVERSi8042prt.sys
10:14:49.0875 5844 i8042prt - ok
10:14:50.0687 5844 idsvc		   (c01ac32dc5c03076cfb852cb5da5229c) C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe
10:14:51.0265 5844 idsvc - ok
10:14:51.0296 5844 Imapi		   (083a052659f5310dd8b6a6cb05edcf8e) C:WINDOWSsystem32DRIVERSimapi.sys
10:14:51.0453 5844 Imapi - ok
10:14:51.0484 5844 ImapiService    (9125af650608a921f98a789e5c5ba864) C:WINDOWSsystem32imapi.exe
10:14:51.0500 5844 ImapiService - ok
10:14:51.0515 5844 ini910u - ok
10:14:51.0531 5844 IntelIde	    (0d3140db49f05b2b69467bd5daf1c94b) C:WINDOWSsystem32DRIVERSintelide.sys
10:14:51.0546 5844 IntelIde - ok
10:14:51.0562 5844 intelppm	    (da153edc09de8c4f846c085caa39d1cc) C:WINDOWSsystem32DRIVERSintelppm.sys
10:14:51.0734 5844 intelppm - ok
10:14:51.0781 5844 Ip6Fw		   (3bb22519a194418d5fec05d800a19ad0) C:WINDOWSsystem32DRIVERSIp6Fw.sys
10:14:51.0953 5844 Ip6Fw - ok
10:14:51.0984 5844 IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:WINDOWSsystem32DRIVERSipfltdrv.sys
10:14:52.0140 5844 IpFilterDriver - ok
10:14:52.0781 5844 IpInIp		  (b87ab476dcf76e72010632b5550955f5) C:WINDOWSsystem32DRIVERSipinip.sys
10:14:53.0015 5844 IpInIp - ok
10:14:53.0078 5844 IpNat		   (cc748ea12c6effde940ee98098bf96bb) C:WINDOWSsystem32DRIVERSipnat.sys
10:14:53.0078 5844 IpNat - ok
10:14:53.0109 5844 IPSec		   (23c74d75e36e7158768dd63d92789a91) C:WINDOWSsystem32DRIVERSipsec.sys
10:14:53.0296 5844 IPSec - ok
10:14:53.0328 5844 IRENUM		  (c93c9ff7b04d772627a3646d89f7bf89) C:WINDOWSsystem32DRIVERSirenum.sys
10:14:53.0453 5844 IRENUM - ok
10:14:53.0546 5844 isapnp		  (c8eef2e93835b81bd335de2123121283) C:WINDOWSsystem32DRIVERSisapnp.sys
10:14:53.0562 5844 isapnp - ok
10:14:53.0593 5844 Iviaspi		 (4ac11b2250106774f694df2db4ffed61) C:WINDOWSsystem32driversiviaspi.sys
10:14:53.0703 5844 Iviaspi - ok
10:14:53.0765 5844 IviRegMgr	   (213822072085b5bbad9af30ab577d817) C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe
10:14:54.0109 5844 IviRegMgr - ok
10:14:54.0218 5844 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:Program FilesJavajre6binjqs.exe
10:14:54.0234 5844 JavaQuickStarterService - ok
10:14:54.0250 5844 JRAID		   (4cb79edbdfe4faa1b7d713dd94b001ae) C:WINDOWSsystem32DRIVERSjraid.sys
10:14:54.0265 5844 JRAID - ok
10:14:54.0281 5844 Kbdclass	    (2aeca45d4aeaacbdcb77ad11184e4601) C:WINDOWSsystem32DRIVERSkbdclass.sys
10:14:54.0578 5844 Kbdclass - ok
10:14:54.0687 5844 kbdhid		  (f718dcddac2544bc693f22977d06f78b) C:WINDOWSsystem32DRIVERSkbdhid.sys
10:14:54.0984 5844 kbdhid - ok
10:14:56.0343 5844 kmixer		  (692bcf44383d056aed41b045a323d378) C:WINDOWSsystem32driverskmixer.sys
10:14:56.0578 5844 kmixer - ok
10:14:57.0140 5844 KSecDD		  (c6ebf1d6ad71df30db49b8d3287e1368) C:WINDOWSsystem32driversKSecDD.sys
10:14:57.0468 5844 KSecDD - ok
10:14:57.0781 5844 LanmanServer    (005a9ae1d43cb7e28036637c094d7d7d) C:WINDOWSSystem32srvsvc.dll
10:14:58.0062 5844 LanmanServer - ok
10:14:58.0125 5844 lanmanworkstation (fa17019da45c5d6464776a639a5a9abb) C:WINDOWSSystem32wkssvc.dll
10:14:58.0265 5844 lanmanworkstation - ok
10:14:58.0281 5844 lbrtfdc - ok
10:14:58.0312 5844 LmHosts		 (437aa83d68f9fac234ca68dbd40db705) C:WINDOWSSystem32lmhsvc.dll
10:14:58.0546 5844 LmHosts - ok
10:14:58.0578 5844 mnmdd		   (4ae068242760a1fb6e1a44bf4e16afa6) C:WINDOWSsystem32driversmnmdd.sys
10:14:58.0718 5844 mnmdd - ok
10:14:58.0750 5844 mnmsrvc		 (845814a8cb9d704d030f076e1bce83f3) C:WINDOWSsystem32mnmsrvc.exe
10:14:59.0031 5844 mnmsrvc - ok
10:14:59.0062 5844 Modem		   (4a068db7dc37d5afedb6512d2931d7b3) C:WINDOWSsystem32driversModem.sys
10:14:59.0281 5844 Modem - ok
10:14:59.0343 5844 Mouclass	    (fbed3df6b884f8cf00447b73507f2c48) C:WINDOWSsystem32DRIVERSmouclass.sys
10:15:00.0046 5844 Mouclass - ok
10:15:00.0125 5844 mouhid		  (ecec1e6cd558ab80f944f31326e9d3b5) C:WINDOWSsystem32DRIVERSmouhid.sys
10:15:00.0406 5844 mouhid - ok
10:15:00.0843 5844 MountMgr	    (a80b9a0bad1b73637dbcbba7df72d3fd) C:WINDOWSsystem32driversMountMgr.sys
10:15:01.0062 5844 MountMgr - ok
10:15:02.0015 5844 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
10:15:03.0125 5844 MozillaMaintenance - ok
10:15:03.0250 5844 mraid35x - ok
10:15:05.0046 5844 MRxDAV		  (11d42bb6206f33fbb3ba0288d3ef81bd) C:WINDOWSsystem32DRIVERSmrxdav.sys
10:15:05.0765 5844 MRxDAV - ok
10:15:08.0640 5844 MRxSmb		  (fb2fccc70f7174c7bf64f48e96d3adf4) C:WINDOWSsystem32DRIVERSmrxsmb.sys
10:15:08.0687 5844 MRxSmb - ok
10:15:08.0718 5844 MSDTC		   (a54c5eecc7d3424824410bae0aa6c371) C:WINDOWSsystem32msdtc.exe
10:15:08.0921 5844 MSDTC - ok
10:15:09.0000 5844 Msfs		    (c941ea2454ba8350021d774daf0f1027) C:WINDOWSsystem32driversMsfs.sys
10:15:09.0000 5844 Msfs - ok
10:15:09.0000 5844 MSIServer - ok
10:15:09.0031 5844 MSKSSRV		 (d1575e71568f4d9e14ca56b7b0453bf1) C:WINDOWSsystem32driversMSKSSRV.sys
10:15:09.0218 5844 MSKSSRV - ok
10:15:09.0250 5844 MSPCLOCK	    (325bb26842fc7ccc1fcce2c457317f3e) C:WINDOWSsystem32driversMSPCLOCK.sys
10:15:09.0375 5844 MSPCLOCK - ok
10:15:09.0390 5844 MSPQM		   (bad59648ba099da4a17680b39730cb3d) C:WINDOWSsystem32driversMSPQM.sys
10:15:09.0500 5844 MSPQM - ok
10:15:09.0781 5844 mssmbios	    (af5f4f3f14a8ea2c26de30f7a1e17136) C:WINDOWSsystem32DRIVERSmssmbios.sys
10:15:09.0781 5844 mssmbios - ok
10:15:09.0812 5844 MSTEE		   (e53736a9e30c45fa9e7b5eac55056d1d) C:WINDOWSsystem32driversMSTEE.sys
10:15:09.0968 5844 MSTEE - ok
10:15:10.0109 5844 MTsensor	    (d48659bb24c48345d926ecb45c1ebdf5) C:WINDOWSsystem32DRIVERSASACPI.sys
10:15:10.0468 5844 MTsensor - ok
10:15:10.0843 5844 Mup			 (de6a75f5c270e756c5508d94b6cf68f5) C:WINDOWSsystem32driversMup.sys
10:15:10.0843 5844 Mup - ok
10:15:11.0031 5844 NABTSFEC	    (5b50f1b2a2ed47d560577b221da734db) C:WINDOWSsystem32DRIVERSNABTSFEC.sys
10:15:11.0250 5844 NABTSFEC - ok
10:15:12.0609 5844 napagent	    (14cb8528e17d1221c50fc8ca88b1795f) C:WINDOWSSystem32qagentrt.dll
10:15:12.0968 5844 napagent - ok
10:15:13.0796 5844 NDIS		    (1df7f42665c94b825322fae71721130d) C:WINDOWSsystem32driversNDIS.sys
10:15:13.0828 5844 NDIS - ok
10:15:13.0843 5844 NdisIP		  (7ff1f1fd8609c149aa432f95a8163d97) C:WINDOWSsystem32DRIVERSNdisIP.sys
10:15:14.0031 5844 NdisIP - ok
10:15:14.0125 5844 NdisTapi	    (0109c4f3850dfbab279542515386ae22) C:WINDOWSsystem32DRIVERSndistapi.sys
10:15:14.0312 5844 NdisTapi - ok
10:15:14.0390 5844 Ndisuio		 (f927a4434c5028758a842943ef1a3849) C:WINDOWSsystem32DRIVERSndisuio.sys
10:15:14.0421 5844 Ndisuio - ok
10:15:14.0468 5844 NdisWan		 (edc1531a49c80614b2cfda43ca8659ab) C:WINDOWSsystem32DRIVERSndiswan.sys
10:15:14.0828 5844 NdisWan - ok
10:15:14.0843 5844 NDProxy		 (9282bd12dfb069d3889eb3fcc1000a9b) C:WINDOWSsystem32driversNDProxy.sys
10:15:14.0968 5844 NDProxy - ok
10:15:15.0000 5844 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:WINDOWSsystem32HPZinw12.dll
10:15:15.0000 5844 Net Driver HPZ12 - ok
10:15:15.0015 5844 NetBIOS		 (5d81cf9a2f1a3a756b66cf684911cdf0) C:WINDOWSsystem32DRIVERSnetbios.sys
10:15:15.0031 5844 NetBIOS - ok
10:15:15.0046 5844 NetBT		   (74b2b2f5bea5e9a3dc021d685551bd3d) C:WINDOWSsystem32DRIVERSnetbt.sys
10:15:15.0578 5844 NetBT - ok
10:15:15.0687 5844 NetDDE		  (cbb409b314309fcffce5e682e91338c6) C:WINDOWSsystem32netdde.exe
10:15:15.0984 5844 NetDDE - ok
10:15:15.0984 5844 NetDDEdsdm	  (cbb409b314309fcffce5e682e91338c6) C:WINDOWSsystem32netdde.exe
10:15:16.0000 5844 NetDDEdsdm - ok
10:15:16.0078 5844 Netlogon	    (88296f7943f30a1ee3af735440b92268) C:WINDOWSsystem32lsass.exe
10:15:16.0281 5844 Netlogon - ok
10:15:16.0312 5844 Netman		  (4fe97d0b1b182df2a9bdd4c02155ef5e) C:WINDOWSSystem32netman.dll
10:15:16.0343 5844 Netman - ok
10:15:16.0859 5844 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:WINDOWSMicrosoft.NETFrameworkv4.0.30319SMSvcHost.exe
10:15:17.0625 5844 NetTcpPortSharing - ok
10:15:17.0875 5844 Nla			 (bf80d884e1c60ded1c7cea3ec6f9dc28) C:WINDOWSSystem32mswsock.dll
10:15:17.0890 5844 Nla - ok
10:15:17.0937 5844 Npfs		    (3182d64ae053d6fb034f44b6def8034a) C:WINDOWSsystem32driversNpfs.sys
10:15:17.0937 5844 Npfs - ok
10:15:17.0937 5844 npggsvc - ok
10:15:18.0078 5844 Ntfs		    (78a08dd6a8d65e697c18e1db01c5cdca) C:WINDOWSsystem32driversNtfs.sys
10:15:18.0109 5844 Ntfs - ok
10:15:18.0109 5844 NtLmSsp		 (88296f7943f30a1ee3af735440b92268) C:WINDOWSsystem32lsass.exe
10:15:18.0125 5844 NtLmSsp - ok
10:15:18.0156 5844 Null		    (73c1e1f395918bc2c6dd67af7591a3ad) C:WINDOWSsystem32driversNull.sys
10:15:18.0703 5844 Null - ok
10:15:18.0828 5844 NwlnkFlt	    (b305f3fad35083837ef46a0bbce2fc57) C:WINDOWSsystem32DRIVERSnwlnkflt.sys
10:15:19.0609 5844 NwlnkFlt - ok
10:15:19.0890 5844 NwlnkFwd	    (c99b3415198d1aab7227f2c88fd664b9) C:WINDOWSsystem32DRIVERSnwlnkfwd.sys
10:15:20.0296 5844 NwlnkFwd - ok
10:15:21.0062 5844 nyvhlkpzgpeaear - ok
10:15:22.0796 5844 odserv		  (84de1dd996b48b05ace31ad015fa108a) C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE
10:15:23.0421 5844 odserv - ok
10:15:23.0484 5844 ose			 (5a432a042dae460abe7199b758e8606c) C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE
10:15:23.0984 5844 ose - ok
10:15:24.0093 5844 Parport		 (2d4cdaebced17743aa9e25d3016dc229) C:WINDOWSsystem32DRIVERSparport.sys
10:15:24.0281 5844 Parport - ok
10:15:24.0312 5844 PartMgr		 (beb3ba25197665d82ec7065b724171c6) C:WINDOWSsystem32driversPartMgr.sys
10:15:24.0312 5844 PartMgr - ok
10:15:24.0328 5844 ParVdm		  (453ec2c2a20a1382f564541918520eeb) C:WINDOWSsystem32driversParVdm.sys
10:15:24.0468 5844 ParVdm - ok
10:15:24.0828 5844 PCI			 (6862c69168d787b85a7d95ccd33c694e) C:WINDOWSsystem32DRIVERSpci.sys
10:15:24.0843 5844 PCI - ok
10:15:24.0843 5844 PCIDump - ok
10:15:24.0890 5844 PCIIde		  (548cf2d6369eae441a4c6baa75bc4f0a) C:WINDOWSsystem32driversPCIIde.sys
10:15:24.0906 5844 PCIIde - ok
10:15:24.0937 5844 Pcmcia		  (8db27f1ae9593c94095485305a583862) C:WINDOWSsystem32driversPcmcia.sys
10:15:25.0140 5844 Pcmcia - ok
10:15:25.0187 5844 PDCOMP - ok
10:15:25.0250 5844 PDFRAME - ok
10:15:25.0359 5844 PDRELI - ok
10:15:25.0546 5844 PDRFRAME - ok
10:15:25.0609 5844 perc2 - ok
10:15:25.0921 5844 perc2hib - ok
10:15:26.0484 5844 PlugPlay	    (8816e60bf654353e8e0d35ed98875445) C:WINDOWSsystem32services.exe
10:15:26.0484 5844 PlugPlay - ok
10:15:26.0562 5844 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:WINDOWSsystem32HPZipm12.dll
10:15:26.0578 5844 Pml Driver HPZ12 - ok
10:15:26.0609 5844 PnkBstrA	    (a1dd33d16f277ce34124ee52ab2c0f14) C:WINDOWSsystem32PnkBstrA.exe
10:15:26.0609 5844 PnkBstrA - ok
10:15:26.0625 5844 PolicyAgent	 (88296f7943f30a1ee3af735440b92268) C:WINDOWSsystem32lsass.exe
10:15:26.0625 5844 PolicyAgent - ok
10:15:26.0687 5844 PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:WINDOWSsystem32DRIVERSraspptp.sys
10:15:26.0828 5844 PptpMiniport - ok
10:15:26.0828 5844 ProtectedStorage (88296f7943f30a1ee3af735440b92268) C:WINDOWSsystem32lsass.exe
10:15:26.0828 5844 ProtectedStorage - ok
10:15:26.0859 5844 PSched		  (09298ec810b07e5d582cb3a3f9255424) C:WINDOWSsystem32DRIVERSpsched.sys
10:15:27.0046 5844 PSched - ok
10:15:27.0828 5844 PSI_SVC_2	   (a6a7ad767bf5141665f5c675f671b3e1) C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
10:15:27.0859 5844 PSI_SVC_2 - ok
10:15:27.0921 5844 Ptilink		 (80d317bd1c3dbc5d4fe7b1678c60cadd) C:WINDOWSsystem32DRIVERSptilink.sys
10:15:28.0187 5844 Ptilink - ok
10:15:28.0250 5844 PxHelp20	    (e42e3433dbb4cffe8fdd91eab29aea8e) C:WINDOWSsystem32DriversPxHelp20.sys
10:15:28.0281 5844 PxHelp20 - ok
10:15:28.0343 5844 ql1080 - ok
10:15:28.0453 5844 Ql10wnt - ok
10:15:28.0593 5844 ql12160 - ok
10:15:28.0656 5844 ql1240 - ok
10:15:28.0750 5844 ql1280 - ok
10:15:28.0843 5844 qzmohxrt - ok
10:15:29.0000 5844 RasAcd		  (fe0d99d6f31e4fad8159f690d68ded9c) C:WINDOWSsystem32DRIVERSrasacd.sys
10:15:29.0218 5844 RasAcd - ok
10:15:29.0703 5844 RasAuto		 (bc22c5e1238d4d36d65679e249c483c3) C:WINDOWSSystem32rasauto.dll
10:15:29.0906 5844 RasAuto - ok
10:15:29.0968 5844 Rasl2tp		 (11b4a627bc9614b885c4969bfa5ff8a6) C:WINDOWSsystem32DRIVERSrasl2tp.sys
10:15:30.0125 5844 Rasl2tp - ok
10:15:30.0171 5844 RasMan		  (0c392e397b8d34aaaf19ec6119cbb788) C:WINDOWSSystem32rasmans.dll
10:15:30.0171 5844 RasMan - ok
10:15:30.0203 5844 RasPppoe	    (5bc962f2654137c9909c3d4603587dee) C:WINDOWSsystem32DRIVERSraspppoe.sys
10:15:30.0343 5844 RasPppoe - ok
10:15:30.0375 5844 Raspti		  (fdbb1d60066fcfbb7452fd8f9829b242) C:WINDOWSsystem32DRIVERSraspti.sys
10:15:30.0531 5844 Raspti - ok
10:15:30.0578 5844 Rdbss		   (7ad224ad1a1437fe28d89cf22b17780a) C:WINDOWSsystem32DRIVERSrdbss.sys
10:15:30.0578 5844 Rdbss - ok
10:15:30.0609 5844 RDPCDD		  (4912d5b403614ce99c28420f75353332) C:WINDOWSsystem32DRIVERSRDPCDD.sys
10:15:30.0750 5844 RDPCDD - ok
10:15:30.0812 5844 rdpdr		   (15cabd0f7c00c47c70124907916af3f1) C:WINDOWSsystem32DRIVERSrdpdr.sys
10:15:30.0968 5844 rdpdr - ok
10:15:31.0015 5844 RDPWD		   (5b3055daa788bd688594d2f5981f2a83) C:WINDOWSsystem32driversRDPWD.sys
10:15:31.0171 5844 RDPWD - ok
10:15:31.0218 5844 RDSessMgr	   (f83907a9a038db2e35329b039628d293) C:WINDOWSsystem32sessmgr.exe
10:15:31.0453 5844 RDSessMgr - ok
10:15:31.0468 5844 redbook		 (e0c7bbd18040b58651bac700c804861d) C:WINDOWSsystem32DRIVERSredbook.sys
10:15:31.0625 5844 redbook - ok
10:15:31.0656 5844 regi		    (001b4278407f4303efc902a2b16f2453) C:WINDOWSsystem32driversregi.sys
10:15:31.0656 5844 regi - ok
10:15:31.0703 5844 RemoteAccess    (b3f57e6115bcd4dbade9874f300655e3) C:WINDOWSSystem32mprdim.dll
10:15:31.0843 5844 RemoteAccess - ok
10:15:31.0890 5844 RpcLocator	  (6bc4d5a70f46ea27ddc14e5414c862a5) C:WINDOWSsystem32locator.exe
10:15:32.0031 5844 RpcLocator - ok
10:15:32.0078 5844 RpcSs		   (c9e5ac78d9a00b1de8ce2ad1bdde7e42) C:WINDOWSSystem32rpcss.dll
10:15:32.0093 5844 RpcSs - ok
10:15:32.0140 5844 RSVP		    (9acee3313020a01235336c2a483afd1a) C:WINDOWSsystem32rsvp.exe
10:15:32.0328 5844 RSVP - ok
10:15:32.0359 5844 RTLE8023xp	  (b0e1648aae1e59bdd0854af07a605399) C:WINDOWSsystem32DRIVERSRtenicxp.sys
10:15:32.0500 5844 RTLE8023xp - ok
10:15:32.0531 5844 SamSs		   (88296f7943f30a1ee3af735440b92268) C:WINDOWSsystem32lsass.exe
10:15:32.0531 5844 SamSs - ok
10:15:32.0562 5844 SCardSvr	    (c6f479218e94896738c06af5ba6ab3d3) C:WINDOWSSystem32SCardSvr.exe
10:15:32.0687 5844 SCardSvr - ok
10:15:32.0765 5844 Schedule	    (dd73c11a5c4d14945846384b90a61a4b) C:WINDOWSsystem32schedsvc.dll
10:15:32.0906 5844 Schedule - ok
10:15:33.0109 5844 Secdrv		  (90a3935d05b494a5a39d37e71f09a677) C:WINDOWSsystem32DRIVERSsecdrv.sys
10:15:33.0218 5844 Secdrv - ok
10:15:33.0390 5844 seclogon	    (2aad9026648120fffe2a8d871bb2bbc7) C:WINDOWSSystem32seclogon.dll
10:15:33.0546 5844 seclogon - ok
10:15:33.0640 5844 seehcri		 (e5b56569a9f79b70314fede6c953641e) C:WINDOWSsystem32DRIVERSseehcri.sys
10:15:33.0796 5844 seehcri - ok
10:15:33.0859 5844 SENS		    (9d01e29d59723eb73b72107b208dafe6) C:WINDOWSsystem32sens.dll
10:15:33.0859 5844 SENS - ok
10:15:33.0875 5844 serenum		 (0f29512ccd6bead730039fb4bd2c85ce) C:WINDOWSsystem32DRIVERSserenum.sys
10:15:34.0015 5844 serenum - ok
10:15:34.0046 5844 Serial		  (d07b02f88165e69b9f17162cf592c8a6) C:WINDOWSsystem32DRIVERSserial.sys
10:15:34.0203 5844 Serial - ok
10:15:34.0281 5844 Sfloppy		 (8e6b8c671615d126fdc553d1e2de5562) C:WINDOWSsystem32DRIVERSsfloppy.sys
10:15:34.0375 5844 Sfloppy - ok
10:15:34.0437 5844 SharedAccess    (da5c015911f68f22ed821e9ee49ab233) C:WINDOWSSystem32ipnathlp.dll
10:15:34.0468 5844 SharedAccess - ok
10:15:34.0500 5844 ShellHWDetection (55aae86c7c2cadf6972acd1d76c24a98) C:WINDOWSSystem32shsvcs.dll
10:15:34.0500 5844 ShellHWDetection - ok
10:15:34.0515 5844 Simbad - ok
10:15:34.0578 5844 SkypeUpdate	 (db0405d9aad62f0762e0876ac142b7e1) C:Program FilesSkypeUpdaterUpdater.exe
10:15:34.0593 5844 SkypeUpdate - ok
10:15:34.0625 5844 SLIP		    (866d538ebe33709a5c9f5c62b73b7d14) C:WINDOWSsystem32DRIVERSSLIP.sys
10:15:34.0718 5844 SLIP - ok
10:15:34.0734 5844 Sparrow - ok
10:15:34.0765 5844 speedfan	    (5d6401db90ec81b71f8e2c5c8f0fef23) C:WINDOWSsystem32speedfan.sys
10:15:34.0781 5844 speedfan - ok
10:15:34.0796 5844 splitter	    (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:WINDOWSsystem32driverssplitter.sys
10:15:34.0812 5844 splitter - ok
10:15:34.0843 5844 Spooler		 (60784f891563fb1b767f70117fc2428f) C:WINDOWSsystem32spoolsv.exe
10:15:34.0953 5844 Spooler - ok
10:15:35.0062 5844 sptd		    (cdddec541bc3c96f91ecb48759673505) C:WINDOWSsystem32Driverssptd.sys
10:15:35.0078 5844 Suspicious file (NoAccess): C:WINDOWSsystem32Driverssptd.sys. md5: cdddec541bc3c96f91ecb48759673505
10:15:35.0078 5844 sptd ( LockedFile.Multi.Generic ) - warning
10:15:35.0078 5844 sptd - detected LockedFile.Multi.Generic (1)
10:15:35.0203 5844 sr			  (eb032822be406ef220d546ddffcf0002) C:WINDOWSsystem32DRIVERSsr.sys
10:15:35.0203 5844 sr - ok
10:15:35.0296 5844 srservice	   (316d0e66074ae4cde641c50d3a1c5148) C:WINDOWSsystem32srsvc.dll
10:15:35.0312 5844 srservice - ok
10:15:35.0359 5844 Srv			 (9b390283569ea58d43d2586032b892f5) C:WINDOWSsystem32DRIVERSsrv.sys
10:15:35.0375 5844 Srv - ok
10:15:35.0390 5844 SSDPSRV		 (2c0b1224aa36b4ca1753302baa855882) C:WINDOWSSystem32ssdpsrv.dll
10:15:35.0390 5844 SSDPSRV - ok
10:15:35.0437 5844 StarOpen	    (306521935042fc0a6988d528643619b3) C:WINDOWSsystem32driversStarOpen.sys
10:15:35.0437 5844 StarOpen - ok
10:15:35.0468 5844 stisvc		  (41508ea375c97dc2b56e5f1afc067187) C:WINDOWSsystem32wiaservc.dll
10:15:35.0484 5844 stisvc - ok
10:15:35.0515 5844 streamip	    (77813007ba6265c4b6098187e6ed79d2) C:WINDOWSsystem32DRIVERSStreamIP.sys
10:15:35.0687 5844 streamip - ok
10:15:35.0718 5844 swenum		  (3941d127aef12e93addf6fe6ee027e0f) C:WINDOWSsystem32DRIVERSswenum.sys
10:15:35.0890 5844 swenum - ok
10:15:35.0953 5844 swmidi		  (8ce882bcc6cf8a62f2b2323d95cb3d01) C:WINDOWSsystem32driversswmidi.sys
10:15:36.0000 5844 swmidi - ok
10:15:36.0015 5844 SwPrv - ok
10:15:36.0015 5844 symc810 - ok
10:15:36.0031 5844 symc8xx - ok
10:15:36.0031 5844 sym_hi - ok
10:15:36.0046 5844 sym_u3 - ok
10:15:36.0093 5844 sysaudio	    (8b83f3ed0f1688b4958f77cd6d2bf290) C:WINDOWSsystem32driverssysaudio.sys
10:15:36.0125 5844 sysaudio - ok
10:15:36.0187 5844 SysmonLog	   (e42048198518f9162027a9984cbb7b5c) C:WINDOWSsystem32smlogsvc.exe
10:15:36.0296 5844 SysmonLog - ok
10:15:36.0359 5844 TapiSrv		 (2340e6977548038c88e39a9ecbb3fadc) C:WINDOWSSystem32	apisrv.dll
10:15:36.0390 5844 TapiSrv - ok
10:15:36.0437 5844 Tcpip		   (ad978a1b783b5719720cff204b666c8e) C:WINDOWSsystem32DRIVERS	cpip.sys
10:15:36.0718 5844 Tcpip - ok
10:15:36.0750 5844 TDPIPE		  (6471a66807f5e104e4885f5b67349397) C:WINDOWSsystem32driversTDPIPE.sys
10:15:36.0953 5844 TDPIPE - ok
10:15:37.0078 5844 TDTCP		   (c56b6d0402371cf3700eb322ef3aaf61) C:WINDOWSsystem32driversTDTCP.sys
10:15:37.0250 5844 TDTCP - ok
10:15:37.0359 5844 TermDD		  (88155247177638048422893737429d9e) C:WINDOWSsystem32DRIVERS	ermdd.sys
10:15:37.0609 5844 TermDD - ok
10:15:37.0765 5844 TermService	 (52e0505408edd4ab5ccc7f83b67b4299) C:WINDOWSSystem32	ermsrv.dll
10:15:37.0796 5844 TermService - ok
10:15:37.0843 5844 Themes		  (55aae86c7c2cadf6972acd1d76c24a98) C:WINDOWSSystem32shsvcs.dll
10:15:37.0843 5844 Themes - ok
10:15:37.0859 5844 TosIde - ok
10:15:37.0890 5844 TrkWks		  (9e70eb419d7785c286dc458a019bab9b) C:WINDOWSsystem32	rkwks.dll
10:15:37.0906 5844 TrkWks - ok
10:15:37.0921 5844 tzqsbsqr - ok
10:15:37.0937 5844 Udfs		    (5787b80c2e3c5e2f56c2a233d91fa2c9) C:WINDOWSsystem32driversUdfs.sys
10:15:38.0078 5844 Udfs - ok
10:15:38.0078 5844 ultra - ok
10:15:38.0125 5844 Update		  (402ddc88356b1bac0ee3dd1580c76a31) C:WINDOWSsystem32DRIVERSupdate.sys
10:15:38.0250 5844 Update - ok
10:15:38.0281 5844 upnphost	    (e96a6baee0b2a14a38b45830d6e30697) C:WINDOWSSystem32upnphost.dll
10:15:38.0390 5844 upnphost - ok
10:15:38.0406 5844 UPS			 (eb90e28b28541ec845e5345609355ca7) C:WINDOWSSystem32ups.exe
10:15:38.0515 5844 UPS - ok
10:15:38.0578 5844 usbaudio	    (e919708db44ed8543a7c017953148330) C:WINDOWSsystem32driversusbaudio.sys
10:15:38.0843 5844 usbaudio - ok
10:15:38.0890 5844 usbccgp		 (173f317ce0db8e21322e71b7e60a27e8) C:WINDOWSsystem32DRIVERSusbccgp.sys
10:15:39.0078 5844 usbccgp - ok
10:15:39.0125 5844 usbehci		 (65dcf09d0e37d4c6b11b5b0b76d470a7) C:WINDOWSsystem32DRIVERSusbehci.sys
10:15:39.0281 5844 usbehci - ok
10:15:39.0312 5844 usbhub		  (1ab3cdde553b6e064d2e754efe20285c) C:WINDOWSsystem32DRIVERSusbhub.sys
10:15:39.0406 5844 usbhub - ok
10:15:39.0453 5844 usbprint	    (a717c8721046828520c9edf31288fc00) C:WINDOWSsystem32DRIVERSusbprint.sys
10:15:39.0687 5844 usbprint - ok
10:15:39.0718 5844 usbscan		 (a0b8cf9deb1184fbdd20784a58fa75d4) C:WINDOWSsystem32DRIVERSusbscan.sys
10:15:39.0890 5844 usbscan - ok
10:15:39.0906 5844 USBSTOR		 (a32426d9b14a089eaa1d922e0c5801a9) C:WINDOWSsystem32DRIVERSUSBSTOR.SYS
10:15:39.0906 5844 USBSTOR - ok
10:15:39.0937 5844 usbuhci		 (26496f9dee2d787fc3e61ad54821ffe6) C:WINDOWSsystem32DRIVERSusbuhci.sys
10:15:40.0062 5844 usbuhci - ok
10:15:40.0109 5844 usbvideo	    (63bbfca7f390f4c49ed4b96bfb1633e0) C:WINDOWSsystem32Driversusbvideo.sys
10:15:40.0234 5844 usbvideo - ok
10:15:40.0265 5844 VgaSave		 (0d3a8fafceacd8b7625cd549757a7df1) C:WINDOWSSystem32driversvga.sys
10:15:40.0375 5844 VgaSave - ok
10:15:40.0484 5844 VIAHdAudAddService (3cf5faf72b43bc9bc196a98946f53a0e) C:WINDOWSsystem32driversviahduaa.sys
10:15:40.0531 5844 VIAHdAudAddService - ok
10:15:40.0531 5844 ViaIde - ok
10:15:40.0562 5844 VolSnap		 (56b191ac5fc0df219949c95a6c87afe7) C:WINDOWSsystem32driversVolSnap.sys
10:15:40.0562 5844 VolSnap - ok
10:15:40.0593 5844 VSS			 (7f2d7bffc4554e1c742dd3629fd1fb1b) C:WINDOWSSystem32vssvc.exe
10:15:40.0750 5844 VSS - ok
10:15:40.0796 5844 W32Time		 (a672ca3981352f8e9c30fea056e80a62) C:WINDOWSsystem32w32time.dll
10:15:40.0796 5844 W32Time - ok
10:15:40.0812 5844 Wanarp		  (e20b95baedb550f32dd489265c1da1f6) C:WINDOWSsystem32DRIVERSwanarp.sys
10:15:41.0000 5844 Wanarp - ok
10:15:41.0062 5844 Wdf01000	    (bbcfeab7e871cddac2d397ee7fa91fdc) C:WINDOWSsystem32Driverswdf01000.sys
10:15:41.0281 5844 Wdf01000 - ok
10:15:41.0296 5844 WDICA - ok
10:15:41.0406 5844 wdmaud		  (6768acf64b18196494413695f0c3a00f) C:WINDOWSsystem32driverswdmaud.sys
10:15:41.0500 5844 wdmaud - ok
10:15:41.0640 5844 WebClient	   (81fb88b975e25d76e00b69879d8a434c) C:WINDOWSSystem32webclnt.dll
10:15:41.0828 5844 WebClient - ok
10:15:41.0906 5844 winmgmt		 (70c22297534a88b0ad0568900ab5a6d9) C:WINDOWSsystem32wbemWMIsvc.dll
10:15:41.0906 5844 winmgmt - ok
10:15:41.0953 5844 WinUSB		  (fd600b032e741eb6aab509fc630f7c42) C:WINDOWSsystem32DRIVERSWinUSB.sys
10:15:42.0109 5844 WinUSB - ok
10:15:42.0140 5844 WmdmPmSN	    (c51b4a5c05a5475708e3c81c7765b71d) C:WINDOWSsystem32mspmsnsv.dll
10:15:42.0281 5844 WmdmPmSN - ok
10:15:42.0359 5844 Wmi			 (e0dc77033075f52bc9aee300dfd854f8) C:WINDOWSSystem32advapi32.dll
10:15:42.0390 5844 Wmi - ok
10:15:42.0421 5844 WmiApSrv	    (a2b12d80a1670511b047a7d8bb647598) C:WINDOWSsystem32wbemwmiapsrv.exe
10:15:42.0437 5844 WmiApSrv - ok
10:15:42.0546 5844 WMPNetworkSvc   (cdfa647aa82fdba6c9c7a06155afcb40) C:Program FilesWindows Media PlayerWMPNetwk.exe
10:15:42.0687 5844 WMPNetworkSvc - ok
10:15:42.0718 5844 WpdUsb		  (cf4def1bf66f06964dc0d91844239104) C:WINDOWSsystem32DRIVERSwpdusb.sys
10:15:42.0812 5844 WpdUsb - ok
10:15:43.0250 5844 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:WINDOWSMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe
10:15:43.0765 5844 WPFFontCache_v0400 - ok
10:15:43.0796 5844 WS2IFSL		 (6abe6e225adb5a751622a9cc3bc19ce8) C:WINDOWSSystem32driversws2ifsl.sys
10:15:43.0890 5844 WS2IFSL - ok
10:15:43.0984 5844 wscsvc		  (b6669f49d42e09bc0f9889faa0f3336d) C:WINDOWSsystem32wscsvc.dll
10:15:44.0000 5844 wscsvc - ok
10:15:44.0031 5844 WSTCODEC	    (c98b39829c2bbd34e454150633c62c78) C:WINDOWSsystem32DRIVERSWSTCODEC.SYS
10:15:44.0171 5844 WSTCODEC - ok
10:15:44.0203 5844 wuauserv	    (04550d5eb7ee82c115db547c01df09fd) C:WINDOWSsystem32wuauserv.dll
10:15:44.0281 5844 wuauserv - ok
10:15:44.0312 5844 WudfPf		  (f15feafffbb3644ccc80c5da584e6311) C:WINDOWSsystem32DRIVERSWudfPf.sys
10:15:44.0312 5844 WudfPf - ok
10:15:44.0343 5844 WUDFRd		  (28b524262bce6de1f7ef9f510ba3985b) C:WINDOWSsystem32DRIVERSWUDFRd.sys
10:15:44.0421 5844 WUDFRd - ok
10:15:44.0437 5844 WudfSvc		 (05231c04253c5bc30b26cbaae680ed89) C:WINDOWSSystem32WUDFSvc.dll
10:15:44.0828 5844 WudfSvc - ok
10:15:45.0359 5844 WZCSVC		  (c2842273aaa77ac031edb87fa19a2147) C:WINDOWSSystem32wzcsvc.dll
10:15:45.0500 5844 WZCSVC - ok
10:15:45.0656 5844 xmlprov		 (24ed6935771359a5aef1fe8bf0c56f39) C:WINDOWSSystem32xmlprov.dll
10:15:45.0828 5844 xmlprov - ok
10:15:45.0906 5844 yjoozickwqcaumm - ok
10:15:45.0968 5844 MBR (0x1B8)	 (32052574bf9f325ae309abc7bfd04460) DeviceHarddisk0DR0
10:15:48.0250 5844 DeviceHarddisk0DR0 - ok
10:15:48.0281 5844 Boot (0x1200)   (c496d5712dd97334fbc79167609d9822) DeviceHarddisk0DR0Partition0
10:15:48.0296 5844 DeviceHarddisk0DR0Partition0 - ok
10:15:48.0359 5844 Boot (0x1200)   (1fe38ce03e21ebef0d45ea881ed3e786) DeviceHarddisk0DR0Partition1
10:15:48.0359 5844 DeviceHarddisk0DR0Partition1 - ok
10:15:48.0421 5844 Boot (0x1200)   (8e4d2c20f84ac9ab362aee501200bddb) DeviceHarddisk0DR0Partition2
10:15:48.0421 5844 DeviceHarddisk0DR0Partition2 - ok
10:15:48.0437 5844 ============================================================
10:15:48.0437 5844 Scan finished
10:15:48.0453 5844 ============================================================
10:15:48.0546 5836 Detected object count: 2
10:15:48.0546 5836 Actual detected object count: 2
10:16:25.0453 5836 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
10:16:25.0453 5836 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
10:16:25.0453 5836 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:16:25.0453 5836 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:16:41.0421 5784 Deinitialize success

Skrypt OTLa:
All processes killed
========== OTL ==========
Service yjoozickwqcaumm stopped successfully!
Service yjoozickwqcaumm deleted successfully!
File C:DOCUME~1ADMINI~1USTAWI~1Tempxgfyaxzbanaocij.sys not found.
Service tzqsbsqr stopped successfully!
Service tzqsbsqr deleted successfully!
File C:WINDOWSSystem32Drivers zqsbsqr.sys not found.
Service qzmohxrt stopped successfully!
Service qzmohxrt deleted successfully!
File C:WINDOWSSystem32Driversqzmohxrt.sys not found.
Service nyvhlkpzgpeaear stopped successfully!
Service nyvhlkpzgpeaear deleted successfully!
File C:DOCUME~1ADMINI~1USTAWI~1Tempimzggdp.sys not found.
Service fuunwbktlxe stopped successfully!
Service fuunwbktlxe deleted successfully!
File C:DOCUME~1KotUSTAWI~1Tempkpvxbwrb.sys not found.
Service fujmeccb stopped successfully!
Service fujmeccb deleted successfully!
File C:WINDOWSSystem32Driversfujmeccb.sys not found.
Registry value HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerURLSearchHooks{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyOverride| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunKernelFaultCheck deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} not found.
Registry key HKEY_CURRENT_USERSOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8bb3fd5c-9f22-11df-9f3e-002618b28333} not found.
File setisezeljko.exe not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8bb3fd5c-9f22-11df-9f3e-002618b28333} not found.
File setisezeljko.exe not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8bb3fd5c-9f22-11df-9f3e-002618b28333} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8bb3fd5c-9f22-11df-9f3e-002618b28333} not found.
File setisezeljko.exe not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8f9f33ef-c1d7-11df-9f94-002618b28333} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8f9f33ef-c1d7-11df-9f94-002618b28333} not found.
File H:TEMP/bracacelika.exe not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8f9f33ef-c1d7-11df-9f94-002618b28333} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8f9f33ef-c1d7-11df-9f94-002618b28333} not found.
File H:TEMP/bracacelika.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 3140461 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 78652539 bytes
->Flash cache emptied: 43161 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Kot
->Temp folder emptied: 3860361 bytes
->Temporary Internet Files folder emptied: 2495328 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 403700925 bytes
->Google Chrome cache emptied: 14023092 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 57910 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%System32 .tmp files removed: 2596 bytes
%systemroot%System32dllcache .tmp files removed: 0 bytes
%systemroot%System32drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 288048 bytes
RecycleBin emptied: 206380456 bytes

Total Files Cleaned = 680,00 mb

OTL by OldTimer - Version 3.2.44.0 log created on 06042012_101723

FilesFolders moved on Reboot...
FileFolder C:Documents and SettingsKotUstawienia lokalneTempUlgi podatkowe_2010.doc not found!
FileFolder C:WINDOWS empPerflib_Perfdata_5f4.dat not found!

Registry entries deleted on Reboot...

OTL logfile created on: 2012-06-04 10:30:31 - Run 2
OTL by OldTimer - Version 3.2.44.0 Folder = G:Moje dokumentyDownloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,45% Memory free
3,85 Gb Paging File | 2,61 Gb Available in Paging File | 67,94% Paging File free
Paging file location(s): C:pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 20,00 Gb Total Space | 2,79 Gb Free Space | 13,95% Space Free | Partition Type: NTFS
Drive D: | 96,46 Gb Total Space | 17,01 Gb Free Space | 17,64% Space Free | Partition Type: NTFS
Drive G: | 96,42 Gb Total Space | 18,86 Gb Free Space | 19,56% Space Free | Partition Type: NTFS

Computer Name: DOWN | User Name: Kot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-05-31 11:22:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- G:Moje dokumentyDownloadsOTL.exe
PRC - [2012-05-30 00:22:19 | 001,227,288 | ---- | M] (Google Inc.) -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplicationchrome.exe
PRC - [2012-05-16 09:44:47 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:Program FilesRealrealplayerUpdaterealsched.exe
PRC - [2012-05-10 17:54:32 | 000,161,336 | ---- | M] (Google) -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleGoogle Talk Plugingoogletalkplugin.exe
PRC - [2012-03-22 15:40:27 | 000,180,648 | ---- | M] (Google Inc.) -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleUpdate1.3.21.111GoogleCrashHandler.exe
PRC - [2012-01-24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgtray.exe
PRC - [2011-11-28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgnsx.exe
PRC - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012AVGIDSAgent.exe
PRC - [2011-10-10 07:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgemcx.exe
PRC - [2011-09-08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgrsx.exe
PRC - [2011-08-15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgcsrvx.exe
PRC - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:Program FilesAVGAVG2012avgwdsvc.exe
PRC - [2011-03-17 07:43:37 | 000,670,720 | ---- | M] (Yealink) -- C:Program FilesSkypeMateSkypeMate.exe
PRC - [2010-06-22 23:37:17 | 001,850,368 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe
PRC - [2010-04-15 05:55:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) -- C:Program Filesa-squared Freea2service.exe
PRC - [2009-04-10 15:59:04 | 000,294,912 | -H-- | M] (DeviceVM) -- C:ASUS.SYSconfigDVMExportService.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
PRC - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2012-05-30 10:13:30 | 003,417,376 | ---- | M] () -- c:Program FilesCommon FilesAkamainetsession_win_80c2ffa.dll
MOD - [2012-05-30 00:22:18 | 000,436,760 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2ppgooglenaclpluginchrome.dll
MOD - [2012-05-30 00:22:17 | 008,522,776 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2PepperFlashpepflashplayer.dll
MOD - [2012-05-30 00:22:15 | 003,989,016 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2pdf.dll
MOD - [2012-05-30 00:21:01 | 000,526,872 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2libglesv2.dll
MOD - [2012-05-30 00:20:59 | 000,104,984 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2libegl.dll
MOD - [2012-05-30 00:20:50 | 000,140,328 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2avutil-51.dll
MOD - [2012-05-30 00:20:48 | 000,262,184 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2avformat-54.dll
MOD - [2012-05-30 00:20:47 | 002,387,496 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2avcodec-54.dll
MOD - [2012-04-05 21:53:26 | 000,270,336 | ---- | M] () -- C:Program FilesATI TechnologiesATI.ACECore-StaticCLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012-02-21 11:18:08 | 011,817,472 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Web29bdc8352d3c26e3c572ea60639dec3bSystem.Web.ni.dll
MOD - [2012-02-21 11:15:07 | 000,971,264 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Configuration94a40f415bfa947e251888bbe88bb973System.Configuration.ni.dll
MOD - [2012-02-21 09:47:25 | 005,450,752 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Xml77e1279cbf4eecfb0284b63316fe43feSystem.Xml.ni.dll
MOD - [2012-02-21 09:47:14 | 012,430,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Formsad99ac6b5666edb8ee742dd64f9578afSystem.Windows.Forms.ni.dll
MOD - [2012-02-21 09:46:48 | 001,587,200 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawing9351cf29bb1ba951e45a9b3b0edab937System.Drawing.ni.dll
MOD - [2012-02-21 09:42:58 | 007,953,408 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System9e3803cd2a11f056291862e306a8e2b2System.ni.dll
MOD - [2012-02-21 00:39:45 | 000,303,104 | ---- | M] () -- C:WINDOWSassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
MOD - [2011-10-14 21:20:09 | 000,025,600 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32Accessibilityd86a3346c3d90ff12d0df9d7726f3eceAccessibility.ni.dll
MOD - [2011-10-13 10:12:03 | 011,490,816 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlibca87ba84221991839abbe7d4bc9c6721mscorlib.ni.dll
MOD - [2010-03-16 12:22:12 | 000,014,848 | ---- | M] () -- C:Program FilesATI TechnologiesATI.ACECore-StaticAxInterop.WBOCXLib.dll
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:WINDOWSsystem32msdmo.dll
MOD - [2008-03-29 16:42:20 | 000,159,744 | ---- | M] () -- C:Program FilesSubEdit-PlayercodecMatroskaSplittermmfinfo.dll
MOD - [2008-03-29 14:11:52 | 000,023,552 | ---- | M] () -- C:Program FilesSubEdit-PlayercodecMatroskaSplittermkunicode.dll
MOD - [2001-10-28 14:12:30 | 000,116,224 | ---- | M] () -- C:WINDOWSsystem32pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - [2012-05-30 10:13:30 | 003,417,376 | ---- | M] () [Auto | Running] -- c:program filescommon filesakamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-05-05 13:25:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:WINDOWSsystem32MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-03 07:47:17 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-02-15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program FilesSkypeUpdaterUpdater.exe -- (SkypeUpdate)
SRV - [2011-10-12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:Program FilesAVGAVG2012AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:Program FilesAVGAVG2012avgwdsvc.exe -- (avgwd)
SRV - [2011-04-25 05:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:WINDOWSsystem32GameMon.des -- (npggsvc)
SRV - [2010-04-15 05:55:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:Program Filesa-squared Freea2service.exe -- (a2free)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSMicrosoft.NETFrameworkv4.0.30319SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-04-10 15:59:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:ASUS.SYSconfigDVMExportService.exe -- (DvmMDES)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-04-15 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32netdde.exe -- (NetDDEdsdm)
SRV - [2008-04-15 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32netdde.exe -- (NetDDE)
SRV - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32scardsvr.exe -- (SCardSvr)
SRV - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32mprdim.dll -- (RemoteAccess)
SRV - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32ersvc.dll -- (ERSvc)
SRV - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSsystem32wuauserv.dll -- (wuauserv)
SRV - [2008-04-15 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSSystem32dllhost.exe -- (COMSysApp)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe -- (PSI_SVC_2)
SRV - [2007-01-04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:ComboFixcatchme.sys -- (catchme)
DRV - [2012-04-06 07:16:18 | 007,746,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversati2mtag.sys -- (ati2mtag)
DRV - [2012-02-23 14:31:22 | 000,099,856 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversAtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011-10-07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:WINDOWSsystem32driversavgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 07:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversAVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:WINDOWSsystem32driversavgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:WINDOWSsystem32driversavgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:WINDOWSsystem32driversavgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 02:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversAVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 02:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:WINDOWSsystem32driversAVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-07-11 02:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversAVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-02-08 10:09:54 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:WINDOWSsystem32driversdtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-01-16 16:22:38 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversseehcri.sys -- (seehcri)
DRV - [2011-01-15 00:51:11 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32drivershamachi.sys -- (hamachi)
DRV - [2010-04-19 14:03:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:WINDOWSsystem32driverssptd.sys -- (sptd)
DRV - [2009-07-10 08:33:04 | 001,381,632 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversviahduaa.sys -- (VIAHdAudAddService)
DRV - [2009-05-25 09:21:28 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversRtenicxp.sys -- (RTLE8023xp)
DRV - [2009-05-17 19:10:12 | 000,083,808 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:WINDOWSsystem32driversjraid.sys -- (JRAID)
DRV - [2008-04-15 14:00:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:WINDOWSsystem32driversdmboot.sys -- (dmboot)
DRV - [2008-04-15 14:00:00 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:WINDOWSSystem32driverspcmcia.sys -- (Pcmcia)
DRV - [2008-04-15 14:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:WINDOWSSystem32driversudfs.sys -- (Udfs)
DRV - [2008-04-15 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:WINDOWSSystem32driverscbidf2k.sys -- (cbidf2k)
DRV - [2008-04-15 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:WINDOWSsystem32driversws2ifsl.sys -- (WS2IFSL)
DRV - [2008-04-15 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:WINDOWSSystem32driversacpiec.sys -- (ACPIEC)
DRV - [2007-12-17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:WINDOWSsystem32driversAsIO.sys -- (AsIO)
DRV - [2007-04-17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:WINDOWSsystem32driversregi.sys -- (regi)
DRV - [2006-11-02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driverswinusb.sys -- (WinUSB)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:WINDOWSsystem32speedfan.sys -- (speedfan)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:WINDOWSSystem32driversStarOpen.sys -- (StarOpen)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversASACPI.sys -- (MTsensor)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:WINDOWSsystem32giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = wyborcza.pl/0,0.html?p=030
IE - HKLM..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://www.google.com/ie
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.gazeta.pl/0,0.html?p=128
IE - HKCUSoftwareMicrosoftInternet ExplorerSearchURLg, = http://www.google.com/search?q=%s
IE - HKCU..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU..SearchScopes{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=AU&apn_dtid=YYYYYYYYPL&apn_uid=95a744c3-416c-4403-84ff-45d40cec12ef&apn_sauid=1C9BBFCF-7683-4363-9E20-521CF1A7B4F5
IE - HKCU..SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GPCK_pl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU..SearchScopes{E5E8E333-4FEA-4696-AA06-F2C8F8BB4195}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: last-tab-close-button@victor.sacharin:0.3.3
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - user.js - File not found

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32_11_2_202_235.dll ()
FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)
FF - HKLMSoftwareMozillaPlugins@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLMSoftwareMozillaPlugins@ganymede/GanymedeNetPlugin,version=1.0: C:Program FilesGanymedePluginsnpganymedenet.dll ( )
FF - HKLMSoftwareMozillaPlugins@google.com/npPicasa3,version=3.0.0: C:Program FilesGooglePicasa3npPicasa3.dll (Google, Inc.)
FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program FilesJavajre6binplugin2npjp2.dll (Sun Microsystems, Inc.)
FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program FilesMicrosoft Silverlight4.1.10111.0npctrl.dll ( Microsoft Corporation)
FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)
FF - HKLMSoftwareMozillaPlugins@pack.google.com/Google Updater;version=14: C:Program FilesGoogleGoogle Updater2.4.2432.1652npCIDetect14.dll (Google)
FF - HKLMSoftwareMozillaPlugins@real.com/nppl3260;version=15.0.4.53: c:program filesrealrealplayerNetscape6nppl3260.dll (RealNetworks, Inc.)
FF - HKLMSoftwareMozillaPlugins@real.com/nprjplug;version=15.0.4.53: c:program filesrealrealplayerNetscape6nprjplug.dll (RealNetworks, Inc.)
FF - HKLMSoftwareMozillaPlugins@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLMSoftwareMozillaPlugins@real.com/nprphtml5videoshim;version=15.0.4.53: C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLMSoftwareMozillaPlugins@real.com/nprpplugin;version=15.0.4.53: c:program filesrealrealplayerNetscape6nprpplugin.dll (RealPlayer)
FF - HKLMSoftwareMozillaPluginsAdobe Reader: C:Program FilesAdobeReader 9.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
FF - HKCUSoftwareMozillaPlugins@talk.google.com/GoogleTalkPlugin: C:Documents and SettingsKotDane aplikacjiMozillapluginsnpgoogletalk.dll (Google)
FF - HKCUSoftwareMozillaPlugins@talk.google.com/O3DPlugin: C:Documents and SettingsKotDane aplikacjiMozillapluginsnpgtpo3dautoplugin.dll ()
FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleUpdate1.3.21.111npGoogleUpdate3.dll (Google Inc.)
FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleUpdate1.3.21.111npGoogleUpdate3.dll (Google Inc.)
FF - HKCUSoftwareMozillaPlugins@unity3d.com/UnityPlayer,version=1.0: C:Documents and SettingsKotUstawienia lokalneDane aplikacjiUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxextensions{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:Program FilesAVGAVG2012Firefox4 [2012-02-01 11:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxextensions{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginFirefoxExt [2012-05-16 09:46:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 12.0extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2012-05-03 07:47:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 12.0extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2012-05-16 09:52:31 | 000,000,000 | ---D | M]

[2010-04-19 11:05:07 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsKotDane aplikacjiMozillaExtensions
[2012-05-04 13:44:37 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsKotDane aplikacjiMozillaFirefoxProfiles37xvwh11.defaultextensions
[2012-01-04 17:32:38 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:Documents and SettingsKotDane aplikacjiMozillaFirefoxProfiles37xvwh11.defaultextensions{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2011-03-03 17:12:58 | 000,000,000 | ---D | M] (PDF Download) -- C:Documents and SettingsKotDane aplikacjiMozillaFirefoxProfiles37xvwh11.defaultextensions{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2012-01-09 17:47:23 | 000,000,000 | ---D | M] ("Xmarks") -- C:Documents and SettingsKotDane aplikacjiMozillaFirefoxProfiles37xvwh11.defaultextensionsfoxmarks@kei(2).com
[2012-04-04 00:14:21 | 000,001,530 | ---- | M] () -- C:Documents and SettingsKotDane aplikacjiMozillaFirefoxProfiles37xvwh11.defaultsearchpluginsmbc.xml
[2012-03-19 10:11:21 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions
[2012-02-29 00:35:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program FilesMozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-12-21 11:22:02 | 000,275,540 | ---- | M] () (No name found) -- C:DOCUMENTS AND SETTINGSKOTDANE APLIKACJIMOZILLAFIREFOXPROFILES37XVWH11.DEFAULTEXTENSIONS{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012-01-07 00:30:20 | 000,634,964 | ---- | M] () (No name found) -- C:DOCUMENTS AND SETTINGSKOTDANE APLIKACJIMOZILLAFIREFOXPROFILES37XVWH11.DEFAULTEXTENSIONS{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-02-28 23:31:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:PROGRAM FILESJAVAJRE6LIBDEPLOYJQSFF
[2010-04-23 01:12:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:WINDOWSMICROSOFT.NETFRAMEWORKV3.5WINDOWS PRESENTATION FOUNDATIONDOTNETASSISTANTEXTENSION
[2012-05-03 07:47:16 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:Program Filesmozilla firefoxcomponentsbrowsercomps.dll
[2012-02-28 23:31:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Filesmozilla firefoxpluginsnpdeployJava1.dll
[2009-07-31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:Program Filesmozilla firefoxpluginsnpdjvu.dll
[2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:Program Filesmozilla firefoxpluginsnpganymedenet.dll
[2012-05-16 09:44:58 | 000,129,144 | ---- | M] (RealPlayer) -- C:Program Filesmozilla firefoxpluginsnprpplugin.dll
[2012-02-11 16:31:51 | 000,002,767 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsallegro-pl.xml
[2012-02-11 16:31:51 | 000,001,406 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsfbc-pl.xml
[2012-02-11 16:31:51 | 000,000,917 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsmerlin-pl.xml
[2012-02-11 16:31:51 | 000,000,858 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginspwn-pl.xml
[2012-02-11 16:31:51 | 000,001,183 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginswikipedia-pl.xml
[2012-02-11 16:31:51 | 000,001,683 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginswp-pl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplication21.0.1155.2gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataPepperFlash11.2.31.132pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:WINDOWSsystem32MacromedFlashNPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsjmfkcklnlgedgbglfkkgedjfmejoahla12.0.0.1901_0plugins/avgnpss.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:Documents and SettingsKotDane aplikacjiMozillapluginsnpgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:Documents and SettingsKotDane aplikacjiMozillapluginsnpgtpo3dautoplugin.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeApplicationpluginsnpganymedenet.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:Program FilesAdobeReader 9.0ReaderBrowsernppdf32.dll
CHR - plugin: Microsoftu00AE Windows Media Player Firefox Plugin (Enabled) = C:Program FilesMozilla Firefoxpluginsnp-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:Program FilesMozilla FirefoxpluginsnpdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:Program FilesJavajre6binplugin2npjp2.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:Program FilesMozilla Firefoxpluginsnpdjvu.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:Program FilesMozilla FirefoxpluginsNPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program FilesMozilla Firefoxpluginsnppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:Program FilesMozilla Firefoxpluginsnprpplugin.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program FilesMozilla Firefoxpluginsnpqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program FilesMozilla Firefoxpluginsnprjplug.dll
CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpdrmv2.dll
CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpwmsdrm.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:Documents and SettingsAll UsersDane aplikacjiid SoftwareQuakeLivenpquakezero.dll
CHR - plugin: Google Update (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleUpdate1.3.21.111npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:Program FilesGoogleGoogle Updater2.4.2432.1652npCIDetect14.dll
CHR - plugin: Unity Player (Enabled) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiUnityWebPlayerloadernpUnity3D32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll
CHR - plugin: Picasa (Enabled) = C:Program FilesGooglePicasa3npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:Program FilesMicrosoft Silverlight4.1.10111.0npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:WINDOWSsystem32AdobeDirectornp32dsw.dll
CHR - Extension: Turn Off the Lights = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsbfbmjmiodbnnpllbbbfblcplfjjepjdn2.0.0.97_0
CHR - Extension: QRreader beta = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsbfdjglobiolninfgldchakgfldifphic0.4_0
CHR - Extension: YouTube = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.5_0
CHR - Extension: YoutubeDownloader = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsbpmpofdpdkjkfcchimkmfflegbppinlc1.2_0
CHR - Extension: Szukaj w Google = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.19_0
CHR - Extension: youtump3.com = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionscpojoompnnbjbenmcndghifipifpekhc1.1_0
CHR - Extension: Search by Image (by Google) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsdajedkncpodkggklbegccjpmnglmnflm1.1.1_0
CHR - Extension: Radio Internetowe = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsdbibbpnjegagchjhlfhndkkpkgnacihf1_0
CHR - Extension: Download All = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsdichiooocmfaijgfjjohpjdbelmficee1.5.6_0
CHR - Extension: FTP Free = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsehdgcfaoankkonoiichmblcfijkomfbn2.5_0
CHR - Extension: I-AM-STUDYING BLOCKER = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsemebnfadbcfbcnebjhlohinanlbkcmhj1.15.1_0
CHR - Extension: AdBlock = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom2.5.34_0
CHR - Extension: Mp3 Songs Search & Download = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsgpncnmchclinokbnkchkhjpallpogken1.0_0
CHR - Extension: G+ Circle Include = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionshfbmndhcmbebgglomcgjjdgojedkbdpf0.3_0
CHR - Extension: Facebook for Google+u2122 = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsijbnajmkoalaoooodnmfecbbnecmhhid1.9.37_0
CHR - Extension: Yulia Brodskaya = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsjlgdloilieclkegafohackmhffbmdpko2_0
CHR - Extension: AVG Safe Search = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsjmfkcklnlgedgbglfkkgedjfmejoahla12.0.0.1901_0
CHR - Extension: YouTube Downloader = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionskdlfdceinfchfhcajcgkfclokinpfiai1.6.1_0
CHR - Extension: Skype Click to Call = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0
CHR - Extension: FB Dislike = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionslpekolbadenjphaaapbgdienjjpgbali1.3.2_0
CHR - Extension: Sprawdzanie poczty Google = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsmihcahmgecmbnbcchbopgniflfhgnkff3.2_0
CHR - Extension: -1 Minus One for Google Plusu2122 = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsnaieljaeedpjcgjlhnkpnobnbkocahfe1.6_0
CHR - Extension: F.B. Purity - Cleans Up Facebook = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsncdlagniojmheiklojdcpdaeepochckl5.3.0_0
CHR - Extension: Google+ Ultimate = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsnhogbifmjccfhopdggilcbeamcmlhmgo1.3.4_0
CHR - Extension: Rozszerzenie Subskrypcje RSS (od Google) = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsnlbjncdgjeocebhnmkbbbdekmmmcbfjd2.2.0_0
CHR - Extension: G+me for Google Plusu2122 = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsoacdcllhgpddmlnhajiacfakhlilbicp6.0.3_0
CHR - Extension: Auto-Translate = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionsobgoiaeapddkeekbocomnjlckbbfapmk2.0.3_0
CHR - Extension: Plus Minus = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionspidkbnhjgdngcfcaikoocdanfijkgdli1.5.5_0
CHR - Extension: Tlumacz = C:Documents and SettingsKotUstawienia lokalneDane aplikacjiGoogleChromeUser DataDefaultExtensionspkpofhilebgcccknccaapjlapkijkdai1.1_0

O1 HOSTS File: ([2010-06-29 12:47:56 | 000,000,027 | ---- | M]) - C:WINDOWSsystem32driversetchosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Documents and SettingsAll UsersDane aplikacjiRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG2012avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll (Google Inc.)
O4 - HKLM..Run: [APSDaemon] C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.)
O4 - HKLM..Run: [AVG_TRAY] C:Program FilesAVGAVG2012avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..Run: [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..Run: [TkBellExe] C:program filesrealrealplayerupdaterealsched.exe (RealNetworks, Inc.)
O4 - Startup: C:Documents and SettingsKotMenu StartProgramyAutostartSkypeMate.lnk = C:Program FilesSkypeMateSkypeMate.exe (Yealink)
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoResolveTrack = 1
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoResolveSearch = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:WINDOWSSystem32GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:Documents and SettingsKotDane aplikacjiDVDVideoSoftIEHelpersfreeyoutubedownload.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 194.204.152.34 194.204.159.1
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8E376880-D542-4836-B6B3-767B07381CD9}: DhcpNameServer = 194.204.152.34 194.204.159.1
O18 - ProtocolHandlerlinkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG2012avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:WINDOWSexplorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) - C:WINDOWSsystem32userinit.exe (Microsoft Corporation)
O20 - WinlogonNotifyAtiExtEvent: DllName - (Ati2evxx.dll) - C:WINDOWSSystem32ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:Documents and SettingsKotUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O24 - Desktop BackupWallPaper: C:Documents and SettingsKotUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-19 12:16:31 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2{1c150eef-1f40-11e0-a0b2-002618b28333}Shell - "" = AutoRun
O33 - MountPoints2{1c150eef-1f40-11e0-a0b2-002618b28333}ShellAutoRuncommand - "" = E:Startme.exe
O33 - MountPoints2{de2bb256-335a-11e0-a0e9-002618b28333}Shell - "" = AutoRun
O33 - MountPoints2{de2bb256-335a-11e0-a0e9-002618b28333}ShellAutoRuncommand - "" = E:Installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37 - HKLM...com [@ = ComFile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*
O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-06-03 23:39:24 | 000,000,000 | RH-D | C] -- C:Documents and SettingsKotRecent
[2012-05-31 22:20:31 | 000,000,000 | ---D | C] -- C:Documents and SettingsKotPulpitPawel
[2012-05-31 10:57:50 | 000,000,000 | ---D | C] -- C:Minidump
[2012-05-30 15:58:29 | 000,000,000 | ---D | C] -- C:Documents and SettingsKotPulpitgram
[2012-05-29 14:38:40 | 000,000,000 | ---D | C] -- C:symbole
[2012-05-29 14:25:46 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramyWindows Kits
[2012-05-29 14:25:01 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesMicrosoft
[2012-05-29 14:23:43 | 000,000,000 | ---D | C] -- C:Common7
[2012-05-29 14:23:23 | 000,000,000 | ---D | C] -- C:Program FilesWindows Kits
[2012-05-29 13:58:05 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft.NET
[2012-05-29 12:59:52 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersDane aplikacjiPackage Cache
[2012-05-16 09:46:15 | 000,000,000 | ---D | C] -- C:Program FilesCommon Filesxing shared
[2012-05-16 09:45:46 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:WINDOWSSystem32rmoc3260.dll
[2012-05-16 09:44:51 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramyRealNetworks
[2012-05-05 20:31:26 | 000,000,000 | R--D | C] -- C:Documents and SettingsKotMenu StartProgramyNarzędzia administracyjne

========== Files - Modified Within 30 Days ==========

[2012-06-04 10:46:41 | 000,001,124 | ---- | M] () -- C:WINDOWS asksGoogleUpdateTaskUserS-1-5-21-725345543-839522115-1177238915-1003UA.job
[2012-06-04 10:29:28 | 000,556,068 | ---- | M] () -- C:WINDOWSSystem32perfh015.dat
[2012-06-04 10:29:28 | 000,509,136 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat
[2012-06-04 10:29:28 | 000,113,476 | ---- | M] () -- C:WINDOWSSystem32perfc015.dat
[2012-06-04 10:29:28 | 000,090,618 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat
[2012-06-04 10:25:12 | 000,000,274 | ---- | M] () -- C:WINDOWS asksRealUpgradeLogonTaskS-1-5-21-725345543-839522115-1177238915-1003.job
[2012-06-04 10:25:11 | 000,000,294 | ---- | M] () -- C:WINDOWS asksRealUpgradeLogonTaskS-1-5-21-725345543-839522115-1177238915-500.job
[2012-06-04 10:25:03 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat
[2012-06-04 10:01:00 | 000,000,230 | ---- | M] () -- C:WINDOWS asksScheduled Update for Ask Toolbar.job
[2012-06-04 09:34:56 | 099,711,565 | ---- | M] () -- C:WINDOWSSystem32driversAVGincavi.avm
[2012-06-04 09:25:00 | 000,000,930 | ---- | M] () -- C:WINDOWS asksAdobe Flash Player Updater.job
[2012-06-02 21:54:53 | 000,254,696 | ---- | M] () -- C:Documents and SettingsKotPulpitwinek- Rpmantyzm pod lupą.pdf
[2012-06-02 21:30:47 | 000,798,633 | ---- | M] () -- C:Documents and SettingsKotPulpit riumph003.jpg
[2012-06-02 21:27:42 | 000,782,092 | ---- | M] () -- C:Documents and SettingsKotPulpit riumph002.jpg
[2012-06-02 21:25:49 | 000,811,457 | ---- | M] () -- C:Documents and SettingsKotPulpit riumph001.jpg
[2012-06-02 17:31:17 | 000,151,835 | ---- | M] () -- C:WINDOWSSystem32driversAVGiavichjg.avm
[2012-06-01 22:18:11 | 009,672,203 | ---- | M] () -- C:Documents and SettingsKotPulpitcaddy002.pdf
[2012-06-01 22:08:56 | 006,698,679 | ---- | M] () -- C:Documents and SettingsKotPulpitcaddy001.pdf
[2012-05-31 22:16:56 | 000,030,782 | ---- | M] () -- C:Documents and SettingsKotPulpitA kolega komu kibicuje.jpg
[2012-05-30 14:45:00 | 000,001,072 | ---- | M] () -- C:WINDOWS asksGoogleUpdateTaskUserS-1-5-21-725345543-839522115-1177238915-1003Core.job
[2012-05-30 14:31:01 | 000,000,972 | ---- | M] () -- C:WINDOWS asksGoogle Software Updater.job
[2012-05-29 21:42:12 | 000,000,069 | ---- | M] () -- C:WINDOWSNeroDigital.ini
[2012-05-29 14:54:34 | 000,002,262 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl
[2012-05-29 13:15:35 | 000,000,664 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat
[2012-05-29 00:09:56 | 000,002,725 | ---- | M] () -- C:Documents and SettingsKot.recently-used.xbel
[2012-05-28 11:49:58 | 000,013,191 | ---- | M] () -- C:Documents and SettingsKotPulpitKubuś Świderski.jpg
[2012-05-27 11:54:17 | 000,138,328 | ---- | M] () -- C:WINDOWSSystem32driversPnkBstrK.sys
[2012-05-27 11:54:08 | 000,214,816 | ---- | M] () -- C:WINDOWSSystem32PnkBstrB.xtr
[2012-05-26 16:47:23 | 000,027,136 | ---- | M] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-22 10:42:39 | 000,000,624 | ---- | M] () -- C:Documents and SettingsKotPulpitSkrót do MBL.lnk
[2012-05-16 09:54:07 | 000,000,282 | ---- | M] () -- C:WINDOWS asksRealUpgradeScheduledTaskS-1-5-21-725345543-839522115-1177238915-1003.job
[2012-05-16 09:45:46 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:WINDOWSSystem32rmoc3260.dll
[2012-05-16 09:44:53 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:WINDOWSSystem32pndx5016.dll
[2012-05-16 09:44:53 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:WINDOWSSystem32pndx5032.dll
[2012-05-09 01:06:00 | 000,000,302 | ---- | M] () -- C:WINDOWS asksRealUpgradeScheduledTaskS-1-5-21-725345543-839522115-1177238915-500.job
[2012-05-05 13:25:12 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerApp.exe
[2012-05-05 13:25:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012-06-02 21:54:46 | 000,254,696 | ---- | C] () -- C:Documents and SettingsKotPulpitwinek- Rpmantyzm pod lupą.pdf
[2012-06-02 21:30:45 | 000,798,633 | ---- | C] () -- C:Documents and SettingsKotPulpit riumph003.jpg
[2012-06-02 21:27:41 | 000,782,092 | ---- | C] () -- C:Documents and SettingsKotPulpit riumph002.jpg
[2012-06-02 21:25:48 | 000,811,457 | ---- | C] () -- C:Documents and SettingsKotPulpit riumph001.jpg
[2012-06-01 22:17:22 | 009,672,203 | ---- | C] () -- C:Documents and SettingsKotPulpitcaddy002.pdf
[2012-06-01 22:08:05 | 006,698,679 | ---- | C] () -- C:Documents and SettingsKotPulpitcaddy001.pdf
[2012-05-31 22:16:49 | 000,030,782 | ---- | C] () -- C:Documents and SettingsKotPulpitA kolega komu kibicuje.jpg
[2012-05-30 00:44:01 | 000,271,298 | ---- | C] () -- C:Documents and SettingsLocalServiceUstawienia lokalneDane aplikacjiWPFFontCache_v0400-System.dat
[2012-05-29 00:09:56 | 000,002,725 | ---- | C] () -- C:Documents and SettingsKot.recently-used.xbel
[2012-05-28 11:49:57 | 000,013,191 | ---- | C] () -- C:Documents and SettingsKotPulpitKubuś Świderski.jpg
[2012-05-22 10:42:42 | 000,000,624 | ---- | C] () -- C:Documents and SettingsKotPulpitSkrót do MBL.lnk
[2012-05-04 09:43:43 | 000,000,664 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat
[2012-03-19 16:25:31 | 000,000,024 | ---- | C] () -- C:WINDOWSWilga-PSJP.INI
[2012-02-28 22:42:10 | 000,003,072 | ---- | C] () -- C:WINDOWSSystem32iacenc.dll
[2012-01-02 17:07:44 | 000,032,768 | ---- | C] () -- C:WINDOWSSystem32driverssp_rsdrv2.sys
[2011-09-19 09:41:09 | 000,000,088 | RHS- | C] () -- C:Documents and SettingsAll UsersDane aplikacjiB2441E094D.sys
[2011-09-19 09:41:08 | 000,002,516 | -HS- | C] () -- C:Documents and SettingsAll UsersDane aplikacjiKGyGaAvL.sys
[2011-05-06 20:16:20 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p31].bmp
[2011-05-06 20:16:05 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p30].bmp
[2011-05-06 20:15:52 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p29].bmp
[2011-05-06 20:15:39 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p28].bmp
[2011-05-06 20:15:28 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p27].bmp
[2011-05-06 20:15:20 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p26].bmp
[2011-05-06 20:15:08 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p25].bmp
[2011-05-06 20:14:59 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p24].bmp
[2011-05-06 20:14:50 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p23].bmp
[2011-05-06 20:14:42 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p22].bmp
[2011-05-06 20:14:32 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p21].bmp
[2011-05-06 20:14:23 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p20].bmp
[2011-05-06 20:14:10 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p19].bmp
[2011-05-06 20:13:59 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p18].bmp
[2011-05-06 20:13:47 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p17].bmp
[2011-05-06 20:13:33 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p16].bmp
[2011-05-06 20:13:22 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p15].bmp
[2011-05-06 20:13:15 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p14].bmp
[2011-05-06 20:13:08 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p13].bmp
[2011-05-06 20:13:01 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p12].bmp
[2011-05-06 20:12:45 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p11].bmp
[2011-05-06 20:12:33 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p10].bmp
[2011-05-06 20:12:21 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p09].bmp
[2011-05-06 20:12:08 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p08].bmp
[2011-05-06 20:12:01 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p07].bmp
[2011-05-06 20:11:52 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p06].bmp
[2011-05-06 20:11:41 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p05].bmp
[2011-05-06 20:11:34 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p04].bmp
[2011-05-06 20:11:24 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p03].bmp
[2011-05-06 20:11:13 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p02].bmp
[2011-05-06 20:11:02 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0002]-[p01].bmp
[2011-03-09 11:41:17 | 000,000,600 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacjiPUTTY.RND
[2011-03-05 17:16:52 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0007]-[p03].bmp
[2011-03-05 17:16:34 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0007]-[p02].bmp
[2011-03-05 17:16:12 | 002,525,238 | ---- | C] () -- C:Documents and SettingsKotUstawienia lokalneDane aplikacji[j0007]-[p01].bmp
[2011-01-19 11:07:17 | 000,075,776 | ---- | C] () -- C:WINDOWScadkasdeinst01pol.exe
[2010-12-01 12:47:33 | 000,000,000 | ---- | C] () -- C:Documents and SettingsAll UsersDane aplikacjiLauncherAccess.dt
[2010-12-01 12:44:51 | 000,005,632 | ---- | C] () -- C:WINDOWSSystem32driversStarOpen.sys
[2010-11-12 22:20:23 | 000,000,221 | ---- | C] () -- C:WINDOWSao97pr.ini
[2010-10-27 19:05:46 | 000,484,352 | ---- | C] () -- C:WINDOWSSystem32lame_enc.dll
[2010-09-27 21:38:29 | 000,209,098 | ---- | C] () -- C:WINDOWShphins34.dat.temp
[2010-09-27 21:38:28 | 000,000,606 | ---- | C] () -- C:WINDOWShphmdl34.dat.temp
[2010-09-27 20:22:15 | 000,178,584 | ---- | C] () -- C:WINDOWShphins34.dat
[2010-09-27 20:22:14 | 000,000,532 | ---- | C] () -- C:WINDOWShphmdl34.dat
[2010-06-29 12:53:23 | 000,102,471 | ---- | C] () -- C:WINDOWSSystem32msvcrt2.dll
[2010-06-29 12:34:41 | 000,256,512 | ---- | C] () -- C:WINDOWSPEV.exe
[2010-06-29 12:34:41 | 000,098,816 | ---- | C] () -- C:WINDOWSsed.exe
[2010-06-29 12:34:41 | 000,080,412 | ---- | C] () -- C:WINDOWSgrep.exe
[2010-06-29 12:34:41 | 000,077,312 | ---- | C] () -- C:WINDOWSMBR.exe
[2010-06-29 12:34:41 | 000,068,096 | ---- | C] () -- C:WINDOWSzip.exe
[2010-06-10 02:20:20 | 000,000,118 | ---- | C] () -- C:WINDOWSSystem32MRT.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:Documents and SettingsAll UsersDane aplikacjiTEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:Documents and SettingsAll UsersDane aplikacjiTEMP:A8ADE5D8

< End of report >

Do góry

#6 ordynat

Zaawansowany użytkownik

804 postów

Napisano 04 06 2012 - 12:34

TDSSKiller nic nie wykrył (to, co wykrył, to fałszywe wykrycia).

W nowym logu OTL nie widzę już niczego podejrzanego.

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.
Jednocześnie zniknie TDSSKiller.