Skocz do zawartości


Zdjęcie

Logi - Profilaktyczna kontrola

Rozpoczęty przez lukaszcba1989 , 06 09 2010 14:51

  • Zamknięty Temat jest zamknięty
6 odpowiedzi w tym temacie

#1 lukaszcba1989

lukaszcba1989

    Nowy

  • 4 postów

Napisano 06 09 2010 - 14:51

Log OTL

OTL logfile created on: 10-09-06 15:07:57 - Run 2OTL by OldTimer - Version 3.2.11.0     Folder = D:\Instalki\CzyścicieleWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File freePaging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 20,51 Gb Total Space | 8,79 Gb Free Space | 42,85% Space Free | Partition Type: NTFSDrive D: | 59,57 Gb Total Space | 9,52 Gb Free Space | 15,98% Space Free | Partition Type: NTFSDrive E: | 97,65 Gb Total Space | 8,00 Gb Free Space | 8,20% Space Free | Partition Type: NTFSDrive F: | 55,15 Gb Total Space | 18,26 Gb Free Space | 33,12% Space Free | Partition Type: NTFSG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: XXXCurrent User Name: ŁukaszLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-09-06 14:32:28 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Instalki\Czyściciele\OTL.exePRC - [2010-08-10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- D:\Advanced SystemCare 3\AWC.exePRC - [2010-07-26 10:30:16 | 000,014,808 | ---- | M] (Mozilla Corporation) -- D:\Mozilla\plugin-container.exePRC - [2010-07-26 10:30:10 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla\firefox.exePRC - [2010-05-29 14:31:14 | 000,862,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- D:\AdMuncher\AdMunch.exePRC - [2010-05-07 16:38:14 | 001,051,976 | ---- | M] (TuneUp Software) -- D:\TubeUpUtilities2010\TuneUpUtilitiesService32.exePRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- D:\Eset\Zainstalowane\ekrn.exePRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- D:\Eset\Zainstalowane\egui.exePRC - [2009-10-02 00:00:00 | 002,430,048 | ---- | M] (Lavalys, Inc.) -- D:\EVEREST Ultimate Edition\everest.exePRC - [2009-07-01 18:38:40 | 001,481,056 | ---- | M] (Nullsoft) -- D:\Winamp\winamp.exePRC - [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- D:\Tlen.pl\tlen.exePRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe  ========== Modules (SafeList) ========== MOD - [2010-09-06 14:32:28 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Instalki\Czyściciele\OTL.exeMOD - [2010-05-29 14:31:14 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- D:\AdMuncher\AM31318.dllMOD - [2008-06-19 14:20:08 | 000,017,408 | ---- | M] () -- D:\Tlen.pl\hook.dllMOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx  ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)SRV - [2010-09-02 15:10:54 | 000,008,192 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)SRV - [2010-08-16 13:02:16 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- D:\TubeUpUtilities2010\TuneUpDefragService.exe -- (TuneUp.Defrag)SRV - [2010-05-07 16:38:14 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\TubeUpUtilities2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)SRV - [2010-05-07 16:34:32 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\Eset\Zainstalowane\EHttpSrv.exe -- (EhttpSrv)SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- D:\Eset\Zainstalowane\ekrn.exe -- (ekrn)SRV - [2010-01-09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)  ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- D:\TuneUpUtilities2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)DRV - [2010-08-23 17:26:54 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)DRV - [2010-07-10 00:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)DRV - [2010-06-04 14:33:06 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)DRV - [2009-12-30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)DRV - [2009-10-02 00:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Running] -- D:\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)DRV - [2009-02-24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)DRV - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)DRV - [2007-06-19 09:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)DRV - [2007-06-14 10:41:58 | 004,429,312 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)DRV - [2007-05-04 18:41:50 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2007-05-04 18:41:48 | 000,046,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2007-04-24 11:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)DRV - [2007-04-24 11:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)DRV - [2007-04-24 11:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)DRV - [2007-04-23 15:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)DRV - [2007-04-23 15:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)DRV - [2007-04-23 15:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)DRV - [2007-04-23 15:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)DRV - [2007-04-23 15:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ==========  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542"FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.search.update: falseFF - prefs.js..browser.startup.homepage: "http://www.wp.pl/"FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0  FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla\components [2010-07-26 10:30:20 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla\plugins [2010-07-26 10:30:20 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: D:\Thunderbird\components [2010-09-04 12:04:37 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Eset\Zainstalowane\Mozilla Thunderbird [2010-08-13 14:19:36 | 000,000,000 | ---D | M] [2010-08-18 09:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions[2010-08-18 09:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}[2010-08-26 15:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\j7fhauij.default\extensions[2010-08-09 16:31:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\j7fhauij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}[2010-05-23 17:05:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\j7fhauij.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} O1 HOSTS File: ([2010-08-12 11:21:46 | 000,416,627 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1       localhostO1 - Hosts: 127.0.0.1	www.007guard.comO1 - Hosts: 127.0.0.1	007guard.comO1 - Hosts: 127.0.0.1	008i.comO1 - Hosts: 127.0.0.1	www.008k.comO1 - Hosts: 127.0.0.1	008k.comO1 - Hosts: 127.0.0.1	www.00hq.comO1 - Hosts: 127.0.0.1	00hq.comO1 - Hosts: 127.0.0.1	010402.comO1 - Hosts: 127.0.0.1	www.032439.comO1 - Hosts: 127.0.0.1	032439.comO1 - Hosts: 127.0.0.1	www.0scan.comO1 - Hosts: 127.0.0.1	0scan.comO1 - Hosts: 127.0.0.1	1000gratisproben.comO1 - Hosts: 127.0.0.1	www.1000gratisproben.comO1 - Hosts: 127.0.0.1	1001namen.comO1 - Hosts: 127.0.0.1	www.1001namen.comO1 - Hosts: 127.0.0.1	100888290cs.comO1 - Hosts: 127.0.0.1	www.100888290cs.comO1 - Hosts: 127.0.0.1	www.100sexlinks.comO1 - Hosts: 127.0.0.1	100sexlinks.comO1 - Hosts: 127.0.0.1	10sek.comO1 - Hosts: 127.0.0.1	www.10sek.comO1 - Hosts: 127.0.0.1	www.1-2005-search.comO1 - Hosts: 127.0.0.1	1-2005-search.comO1 - Hosts: 14381 more lines...O4 - HKLM..\Run: [Ad Muncher] D:\AdMuncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [egui] D:\Eset\Zainstalowane\egui.exe (ESET)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKCU..\Run: [Advanced SystemCare 3] D:\Advanced SystemCare 3\AWC.exe (IObit)O4 - HKCU..\Run: [EVEREST AutoStart] D:\EVEREST Ultimate Edition\everest.exe (Lavalys, Inc.)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2010-05-23 14:25:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk /p \??\C) -  File not foundO34 - HKLM BootExecute: (autocheck autochk *) -  File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-09-06 15:07:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Recent[2010-09-05 14:14:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\DEA314C409294250BC9298E4C105F28D.TMP[2010-09-05 14:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard[2010-09-04 12:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\foobar2000[2010-09-03 17:03:17 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache[2010-09-03 16:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Nuty na organy[2010-09-03 12:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Pliki programu Outlook[2010-09-02 15:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services[2010-09-02 15:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER[2010-09-02 15:04:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET[2010-09-02 15:04:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition[2010-09-02 15:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft[2010-09-02 15:02:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW[2010-09-02 15:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services[2010-09-02 15:01:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft Help[2010-09-02 15:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office[2010-09-02 15:01:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help[2010-09-02 15:01:13 | 000,000,000 | RH-D | C] -- C:\MSOCache[2010-09-01 16:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Activision[2010-08-30 14:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\GRETECH[2010-08-29 12:41:58 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\eax.dll[2010-08-29 12:41:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\embedded[2010-08-26 15:56:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Downloads[2010-08-26 15:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Sawer[2010-08-26 14:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Hardcore[2010-08-26 14:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\VirtualDJ[2010-08-26 14:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit[2010-08-26 14:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments[2010-08-26 13:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Pobieranie[2010-08-25 16:30:22 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll[2010-08-25 16:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Image-Line[2010-08-25 16:30:10 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm[2010-08-25 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim[2010-08-25 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line[2010-08-25 10:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\gegl-0.0[2010-08-24 22:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz[2010-08-23 17:32:52 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe[2010-08-23 17:20:09 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll[2010-08-23 17:20:08 | 013,549,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll[2010-08-23 17:20:08 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll[2010-08-23 17:20:08 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll[2010-08-23 17:20:07 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll[2010-08-23 17:20:07 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll[2010-08-23 17:20:07 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll[2010-08-23 17:20:07 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll[2010-08-23 17:20:06 | 001,388,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll[2010-08-23 16:07:56 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys[2010-08-20 15:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Ascaron Entertainment[2010-08-20 15:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Ascaron Entertainment[2010-08-18 17:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\NFS ProStreet[2010-08-18 17:15:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\SecuROM[2010-08-18 09:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Thunderbird[2010-08-18 09:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Thunderbird[2010-08-17 10:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\VS Revo Group[2010-08-16 13:02:19 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe[2010-08-16 13:02:17 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll[2010-08-13 18:22:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Łukasz\IETldCache[2010-08-13 15:54:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM[2010-08-13 15:52:45 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll[2010-08-13 15:52:45 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll[2010-08-13 14:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET[2010-08-12 20:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira[2010-08-09 18:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\ESET[2010-08-09 18:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ESET[2010-08-09 18:19:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-09-06 15:06:55 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Łukasz\ntuser.dat[2010-09-06 15:05:08 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job[2010-09-06 15:04:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010-09-06 15:04:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010-09-06 14:53:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-527237240-1417001333-1005UA.job[2010-09-06 13:05:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-09-05 23:27:48 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Łukasz\ntuser.ini[2010-09-05 23:27:42 | 020,628,016 | -H-- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\IconCache.db[2010-09-05 14:14:03 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Transformers(TM) - War for Cybertron(TM).lnk[2010-09-04 12:32:06 | 010,531,816 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Touch Me.wav[2010-09-04 12:29:48 | 016,482,860 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\01 Intro.wav[2010-09-03 19:39:48 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\AWC Update.job[2010-09-03 17:15:27 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk[2010-09-03 17:15:25 | 000,000,273 | ---- | M] () -- C:\WINDOWS\game.ini[2010-09-03 15:53:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-527237240-1417001333-1005Core.job[2010-09-03 12:22:32 | 001,119,058 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2010-09-03 12:22:32 | 000,503,798 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2010-09-03 12:22:32 | 000,444,320 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2010-09-03 12:22:32 | 000,090,888 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2010-09-03 12:22:32 | 000,072,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2010-09-02 20:23:48 | 000,050,728 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2010-09-02 16:00:26 | 000,011,866 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Turystyka.odt[2010-09-02 15:52:54 | 000,215,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2010-09-02 15:10:54 | 000,151,552 | ---- | M] () -- C:\WINDOWS\KMService.exe[2010-09-02 15:10:54 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\srvany.exe[2010-09-02 15:02:41 | 000,000,587 | ---- | M] () -- C:\WINDOWS\win.ini[2010-09-01 23:47:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2010-09-01 23:47:01 | 000,000,222 | RHS- | M] () -- C:\boot.ini[2010-09-01 16:56:43 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) - World at War(TM) Jeden gracz - Kooperacja.lnk[2010-08-29 12:44:01 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Uruchom grę Mafia.lnk[2010-08-26 16:21:41 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk[2010-08-26 15:55:29 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Google Chrome.lnk[2010-08-26 13:09:10 | 000,011,208 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Playlista.m3u[2010-08-25 10:15:34 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Łukasz\.recently-used.xbel[2010-08-23 17:26:54 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys[2010-08-23 17:25:02 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2010-08-23 17:25:02 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin[2010-08-23 17:20:45 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2010-08-23 17:20:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk[2010-08-20 15:38:56 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Port Royale 2.lnk[2010-08-20 15:37:48 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx[2010-08-19 17:39:12 | 000,000,582 | ---- | M] () -- C:\WINDOWS\eReg.dat[2010-08-18 17:24:41 | 000,001,581 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ ProStreet.lnk[2010-08-18 17:15:15 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll[2010-08-17 10:59:44 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo[2010-08-16 13:02:15 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk[2010-08-15 20:30:37 | 000,000,447 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Tropico.lnk[2010-08-15 09:26:37 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll[2010-08-13 17:58:41 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Szybkie Czyszczenie Dysku.lnk[2010-08-12 17:15:06 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-08-12 11:21:46 | 000,416,627 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2010-08-09 17:43:35 | 000,000,626 | -HS- | M] () -- C:\WINDOWS\KLIF.spi[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-09-05 14:14:03 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Transformers(TM) - War for Cybertron(TM).lnk[2010-09-04 12:32:05 | 010,531,816 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Touch Me.wav[2010-09-04 12:29:47 | 016,482,860 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\01 Intro.wav[2010-09-03 17:15:27 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk[2010-09-03 17:15:25 | 000,000,273 | ---- | C] () -- C:\WINDOWS\game.ini[2010-09-02 15:11:22 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMService.exe[2010-09-02 15:11:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe[2010-09-01 17:56:53 | 000,011,866 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Turystyka.odt[2010-09-01 16:56:43 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) - World at War(TM) Jeden gracz - Kooperacja.lnk[2010-08-29 12:44:01 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Uruchom grę Mafia.lnk[2010-08-26 15:55:29 | 000,002,317 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Google Chrome.lnk[2010-08-26 15:48:13 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-527237240-1417001333-1005UA.job[2010-08-26 15:48:11 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-527237240-1417001333-1005Core.job[2010-08-25 10:15:34 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\Łukasz\.recently-used.xbel[2010-08-23 17:32:52 | 000,003,903 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu[2010-08-23 17:20:45 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2010-08-23 17:20:43 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2010-08-23 17:20:43 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin[2010-08-23 17:20:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk[2010-08-23 17:20:06 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin[2010-08-20 15:38:56 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Port Royale 2.lnk[2010-08-19 17:39:12 | 000,000,582 | ---- | C] () -- C:\WINDOWS\eReg.dat[2010-08-18 17:24:41 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ ProStreet.lnk[2010-08-17 10:59:43 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo[2010-08-16 13:02:15 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk[2010-08-15 20:30:37 | 000,000,447 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Tropico.lnk[2010-08-15 09:25:56 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll[2010-08-13 17:58:35 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Szybkie Czyszczenie Dysku.lnk[2010-08-10 17:54:23 | 000,122,884 | ---- | C] () -- C:\WINDOWS\UnGins.exe[2010-08-09 15:58:56 | 000,000,626 | -HS- | C] () -- C:\WINDOWS\KLIF.spi[2010-07-13 09:49:48 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat[2010-07-12 22:08:36 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\PnkBstrK.sys[2010-07-05 13:00:54 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL[2010-06-16 20:15:59 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-05-23 16:24:27 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2010-05-23 16:24:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini[2010-05-23 16:24:24 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2010-05-23 16:24:24 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2010-05-23 16:24:22 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2010-05-23 16:24:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest[2010-05-23 16:23:23 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8< End of report >


Extras

OTL Extras logfile created on: 10-09-06 14:33:58 - Run 1OTL by OldTimer - Version 3.2.11.0     Folder = D:\InstalkiWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 26,00% Memory free4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File freePaging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 20,51 Gb Total Space | 7,13 Gb Free Space | 34,77% Space Free | Partition Type: NTFSDrive D: | 59,57 Gb Total Space | 9,56 Gb Free Space | 16,04% Space Free | Partition Type: NTFSDrive E: | 97,65 Gb Total Space | 8,01 Gb Free Space | 8,20% Space Free | Partition Type: NTFSDrive F: | 55,15 Gb Total Space | 18,26 Gb Free Space | 33,12% Space Free | Partition Type: NTFSG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: XXXCurrent User Name: ŁukaszLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Extra Registry (SafeList) ==========  ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = Opera.HTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)http [open] -- Reg Error: Key error.https [open] -- Reg Error: Key error.InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l File not foundpiffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft)Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 0"DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)"E:\Gry\MedalOfHonorAlied\UnrealEngine3\Binaries\MOHA.exe" = E:\Gry\MedalOfHonorAlied\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne -- (Electronic Arts Inc.)"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)"D:\Tlen.pl\tlen.exe" = D:\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl -- (o2.pl Sp. z o.o.)"D:\Instalki\AudioConverter_Setup.exe" = D:\Instalki\AudioConverter_Setup.exe:*:Enabled:Audio Converter -- ()"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)"E:\Gry\Transformens\Zainstalowana\Binaries\TWFC.exe" = E:\Gry\Transformens\Zainstalowana\Binaries\TWFC.exe:*:Enabled:Transformers(TM) - War for Cybertron(TM) -- ()  ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17"{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Activision(R)"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant"{6BCBF099-BC3F-4832-BC0D-0AD07D4A5FE9}" = ESET Smart Security"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61"{818FB39B-1A57-4F1B-A54D-391C33D6C586}" = Tropico"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL)"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update"{90140000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 14"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software"{A2422674-F3A7-46F2-8966-EC6B1FBD6EB3}" = Settlers IV - Złota Edycja"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers"{C716522C-3731-4667-8579-40B098294500}" = Toolbox"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport"{EE99722C-E19C-4FDE-863D-F48DEF622C68}" = OpenOffice.ux.pl 3.1"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer"{F6F90406-4726-4559-B6F7-3A96529CDD45}" = F2100"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)"7-Zip" = 7-Zip 4.65"Ad Muncher" = Ad Muncher v4.8 Build 31318"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"Advanced SystemCare 3_is1" = Advanced SystemCare 3"ALLPlayer_is1" = ALLPlayer V3.X"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010"Ashampoo UnInstaller Platinum 2_is1" = Ashampoo UnInstaller Platinum 2.81"CCleaner" = CCleaner"Defraggler" = Defraggler"DVD2one V2" = DVD2one V2.1.3"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30"Everything" = Everything 1.2.1.371"FL Studio 9" = FL Studio 9"foobar2000" = foobar2000 v1.1"Foxit Reader" = Foxit Reader"Fraps" = Fraps"Game Booster_is1" = Game Booster"GOM Player" = GOM Player"Hardcore" = Hardcore"HijackThis" = HijackThis 2.0.2"HP Imaging Device Functions" = HP Imaging Device Functions 8.0"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0"HPExtendedCapabilities" = HP Customer Parti[beeep]tion Program 8.0"InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Transformers(TM) - War for Cybertron(TM)"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2"JDownloader" = JDownloader"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)"Mafia_is1" = Mafia"MagicDisc 2.7.106" = MagicDisc 2.7.106"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)"Native Instruments Traktor DJ Mixer v1.0" = Native Instruments Traktor DJ Mixer v1.0"NVIDIA Drivers" = NVIDIA Drivers"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager"Odkurzacz 12.3_is1" = Odkurzacz 12.3"Office14.PROPLUS" = Microsoft Office Professional Plus 2010"PoiZone" = PoiZone"Port Royale 2" = Port Royale 2"RealAlt_is1" = <a href="http://www.download.net.pl/107/Real-Alternative/">Real Alternative</a> 1.9.0"Sawer" = Sawer"Tlen.pl" = Tlen.pl"Toxic Biohazard" = Toxic Biohazard"TuneUp Utilities" = TuneUp Utilities"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions"Winamp" = Winamp"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter"Windows Media Format Runtime" = Windows Media Format Runtime"WinGimp-2.0_is1" = GIMP 2.6.10"WinRAR archiver" = Archiwizator WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"F1 SandG 2009" = F1 SandG 2009"Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 10-09-05 15:13:30 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-05 16:40:29 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-05 16:40:29 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-05 17:07:30 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-05 17:07:30 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-06 07:05:23 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-06 07:05:23 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-06 07:05:24 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-06 07:05:24 | Computer Name = XXX | Source = Userenv | ID = 1041Description = System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error - 10-09-06 07:05:29 | Computer Name = XXX | Source = PerfNet | ID = 2004Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną  zwrócone. Zwrócony kod stanu to dane DWORD 0. [ System Events ]Error - 10-09-03 08:54:35 | Computer Name = XXX | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi TuneUpUtilitiesDrv z powodu następującego błędu:   %%3 Error - 10-09-03 15:57:48 | Computer Name = XXX | Source = Service Control Manager | ID = 7034Description = Usługa Office Software Protection Platform niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 10-09-03 15:57:52 | Computer Name = XXX | Source = Service Control Manager | ID = 7034Description = Usługa TuneUp Utilities Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 10-09-04 04:18:41 | Computer Name = XXX | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi TuneUpUtilitiesDrv z powodu następującego błędu:   %%3 Error - 10-09-04 15:49:40 | Computer Name = XXX | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi TuneUpUtilitiesDrv z powodu następującego błędu:   %%3 Error - 10-09-04 17:25:27 | Computer Name = XXX | Source = Windows Update Agent | ID = 20Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80246007: Aktualizacja zabezpieczeń dla programu .NET Framework 2.0 z dodatkiem SP2 i 3.5 z dodatkiem SP1 w systemach Windows Server 2003 i Windows XP x86 (KB983583). Error - 10-09-05 06:27:19 | Computer Name = XXX | Source = Dhcp | ID = 1002Description = Adres IP połączenia 192.168.1.101 dla karty sieciowej o adresie 001D7D943F87 został  zabroniony przez serwer DHCP 192.168.1.100 (Serwer DHCP wysłał komunikat DHCPNACK). Error - 10-09-05 06:27:48 | Computer Name = XXX | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi TuneUpUtilitiesDrv z powodu następującego błędu:   %%3 Error - 10-09-05 07:50:37 | Computer Name = XXX | Source = Service Control Manager | ID = 7034Description = Usługa TuneUp Utilities Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 10-09-06 07:05:39 | Computer Name = XXX | Source = Service Control Manager | ID = 7000Description = Nie można uruchomić usługi TuneUpUtilitiesDrv z powodu następującego błędu:   %%3 [ TuneUp Events ]Error - 10-05-28 19:25:43 | Computer Name = XXX | Source = TuneUp Program Statistics | ID = 131840Description =  Error - 10-05-29 04:20:00 | Computer Name = XXX | Source = TuneUp Program Statistics | ID = 131840Description =  Error - 10-05-29 06:38:25 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-05-29 08:30:36 | Computer Name = XXX | Source = TuneUp Program Statistics | ID = 131840Description =  Error - 10-05-30 03:58:57 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-05-30 06:34:34 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-06-02 12:25:37 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-06-03 04:17:14 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-06-03 10:32:44 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =  Error - 10-06-03 12:04:27 | Computer Name = XXX | Source = TuneUp.UtilitiesSvc | ID = 300Description =   < End of report >



GMER

GMER 1.0.15.15281 - http://www.gmer.netRootkit quick scan 2010-09-06 15:14:25Windows 5.1.2600 Dodatek Service Pack 3Running: gmer.exe; Driver: C:\DOCUME~1\UKASZ~1\USTAWI~1\Temp\pgtdipow.sys---- System - GMER 1.0.15 ----SSDT            spsv.sys                     ZwEnumerateKey [0xB7ECDDA4]SSDT            spsv.sys                     ZwEnumerateValueKey [0xB7ECE132]---- Devices - GMER 1.0.15 ----Device          \FileSystem\Ntfs \Ntfs       8A55B1F8AttachedDevice  \FileSystem\Ntfs \Ntfs       eamon.sys (Amon monitor/ESET)AttachedDevice  \Driver\Tcpip \Device\Ip     epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)AttachedDevice  \Driver\Tcpip \Device\Tcp    epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)AttachedDevice  \Driver\Tcpip \Device\Udp    epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)AttachedDevice  \Driver\Tcpip \Device\RawIp  epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)---- EOF - GMER 1.0.15 ----




Silent Runners 


"Silent Runners.vbs", revision 61, http://www.silentrunners.org/Operating System: Windows XP SP3Output limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}"Advanced SystemCare 3" = ""D:\Advanced SystemCare 3\AWC.exe" /startup" ["IObit"]"EVEREST AutoStart" = "D:\EVEREST Ultimate Edition\everest.exe" ["Lavalys, Inc."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]"Alcmtr" = "ALCMTR.EXE" ["Realtek Semiconductor Corp."]"Ad Muncher" = ""D:\AdMuncher\AdMunch.exe" /bt" ["Murray Hurps Corp Pty Ltd"]"egui" = ""D:\Eset\Zainstalowane\egui.exe" /hide /waitservice" ["ESET"]"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}\(Default) = "Aktualizacja wersji programu Internet Explorer"                                       \StubPath  = "C:\WINDOWS\system32\ieudinit.exe" [MS]>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"                                       \StubPath  = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"  -> {HKLM...CLSID} = "7-Zip Shell Extension"                   \InProcServer32\(Default) = "D:\7-Zip\7-zip.dll" ["Igor Pavlov"]"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "ESET Smart Security - Context Menu Shell Extension"  -> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"                   \InProcServer32\(Default) = "D:\Eset\Zainstalowane\shellExt.dll" ["ESET"]"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"  -> {HKLM...CLSID} = "TuneUp Theme Extension"                   \InProcServer32\(Default) = "C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software"]"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"  -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"                   \InProcServer32\(Default) = "D:\TubeUpUtilities2010\SDShelEx-win32.dll" ["TuneUp Software"]"{4838CD50-7E5D-4811-9B17-C47A85539F28}" = "TuneUp Disk Space Explorer Shell Extension"  -> {HKLM...CLSID} = "TuneUp Disk Space Explorer Shell Extension"                   \InProcServer32\(Default) = "D:\TubeUpUtilities2010\DseShExt-x86.dll" ["TuneUp Software"]"{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}" = "Revo Uninstaller Pro Extension"  -> {HKLM...CLSID} = "RUShellExt Class"                   \InProcServer32\(Default) = "D:\Revo Uninstaller\Revo Uninstaller Pro\RUExt.dll" ["VS Revo Group"]"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"  -> {HKLM...CLSID} = "Desktop Explorer"                   \InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"  -> {HKLM...CLSID} = (no title provided)                   \InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"  -> {HKLM...CLSID} = "nView Desktop Context Menu"                   \InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"  -> {HKLM...CLSID} = "DesktopContext Class"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"  -> {HKLM...CLSID} = "NVIDIA CPL Extension"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"  -> {HKLM...CLSID} = (no title provided)                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office14\msohevi.dll" [MS]"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"  -> {HKLM...CLSID} = "Microsoft Office Metadata Handler"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll" [MS]"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"  -> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll" [MS]"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Outlook Desktop Icon Handler"  -> {HKLM...CLSID} = "Microsoft Outlook"                   \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL" [MS]"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"  -> {HKLM...CLSID} = "Outlook File Icon Extension"                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL" [MS]HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\<<!>> text/xml\CLSID = "{807573E5-5146-11D5-A672-00B0D022E945}"  -> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL" [MS]HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\<<!>> ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}"  -> {HKLM...CLSID} = "HxProtocol Class"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll" [MS]HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"  -> {HKLM...CLSID} = "7-Zip Shell Extension"                   \InProcServer32\(Default) = "D:\7-Zip\7-zip.dll" ["Igor Pavlov"]ESET Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"  -> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"                   \InProcServer32\(Default) = "D:\Eset\Zainstalowane\shellExt.dll" ["ESET"]MagicISO\(Default) = "{DB85C504-C730-49DD-BEC1-7B39C6103B7A}"  -> {HKLM...CLSID} = "MShellExtMenu Class"                   \InProcServer32\(Default) = "D:\MagicISO\misosh.dll" ["MagicISO, Inc."]TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"  -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"                   \InProcServer32\(Default) = "D:\TubeUpUtilities2010\SDShelEx-win32.dll" ["TuneUp Software"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "D:\Win Rar\rarext.dll" ["Alexander Roshal"]


Użytkownik Katarina edytował ten post 09 09 2010 - 13:39

  • 0

#2 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 06 09 2010 - 15:11

W logach nie widać żadnej infekcji.
.

  • 0

#3 lukaszcba1989

lukaszcba1989

    Nowy

  • 4 postów

Napisano 06 09 2010 - 15:14

Ewentualnie mógłbyś powiedzieć co mogę usunąć, co jest zbędne ?
  • 0

#4 Saletra

Saletra

    Zaawansowany użytkownik

  • 937 postów

Napisano 06 09 2010 - 15:29

Skonkretyzuj. Wirusów nie ma, a zbędne programy to chyba te, których nie używasz.

#5 lukaszcba1989

lukaszcba1989

    Nowy

  • 4 postów

Napisano 06 09 2010 - 16:04

Chodzi mi o zbędne wpisy, które mógłbym usunąć jeśli takowe są. Przemku :plus:
  • 0

#6 Saletra

Saletra

    Zaawansowany użytkownik

  • 937 postów

Napisano 06 09 2010 - 16:08

Na pewno są, ale to nie ma wpływu na wydajność komputera ani stabilność. Panuje tylko taki mit.
Jeśli koniecznie chcesz to użyj jv16powertools, bardzo dobry program.

#7 lukaszcba1989

lukaszcba1989

    Nowy

  • 4 postów

Napisano 06 09 2010 - 16:25

wiem wiem uzywam :plus: oprócz niego jeszcze tune up utilities 2010 i advanced system care pro. oki dzieki za pomoc :plus:

  • 0
Wróć do Bezpieczeństwo (wirusy i trojany)


Użytkownicy przeglądający ten temat: 0

0 użytkowników, 0 gości, 0 anonimowych

  1. Forum Komputerowe Tweaks.pl
  2. Oprogramowanie
  3. Bezpieczeństwo (wirusy i trojany)
  4. Polityka prywatności
  5. Szukaj
  6. Regulamin Forum ·