Skocz do zawartości


Zdjęcie

Logi - Ścinanie komputera

Rozpoczęty przez timmy , 29 06 2010 18:22

  • Zamknięty Temat jest zamknięty
4 odpowiedzi w tym temacie

#1 timmy

timmy

    Zaawansowany użytkownik

  • 624 postów

Napisano 29 06 2010 - 18:22

witam. czy to mozliwe ze mialem semprona 3000+ wszystko fajnie chodzilo a teraz mam athlon x2 3600+ na 2.11ghz i gry sie bardziej scinaja ? zainstalowalem stery od AMD i nie pomoglo ;/ LOGI 





OTL logfile created on: 2010-06-29 18:30:42 - Run 1OTL by OldTimer - Version 3.2.7.0     Folder = E:\Programy do skanowania kompaWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free3,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 29,29 Gb Total Space | 2,87 Gb Free Space | 9,79% Space Free | Partition Type: NTFSDrive D: | 97,65 Gb Total Space | 10,66 Gb Free Space | 10,91% Space Free | Partition Type: NTFSDrive E: | 105,93 Gb Total Space | 25,48 Gb Free Space | 24,05% Space Free | Partition Type: NTFSDrive F: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDFG: Drive not present or media not loadedDrive H: | 74,52 Gb Total Space | 4,35 Gb Free Space | 5,84% Space Free | Partition Type: NTFSDrive I: | 7,81 Mb Total Space | 5,34 Mb Free Space | 68,29% Space Free | Partition Type: NTFS Computer Name: XPR8COMPCurrent User Name: ADMINLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-06-29 18:27:22 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\Programy do skanowania kompa\OTL.exePRC - [2010-06-23 14:56:14 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2010-06-18 12:04:50 | 001,368,064 | ---- | M] (Lsyr) -- E:\Program Files\Silkroad\Butterfly Wizard.exePRC - [2010-06-16 17:07:30 | 000,314,584 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exePRC - [2010-06-16 17:07:24 | 000,802,520 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exePRC - [2010-06-01 20:23:09 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exePRC - [2010-05-10 17:59:57 | 000,024,064 | ---- | M] () -- E:\ET\etmin.exePRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exePRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exePRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exePRC - [2010-01-11 14:10:22 | 000,660,992 | ---- | M] () -- E:\QQdaili_2.1\qqdaili.exePRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exePRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exePRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exePRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exePRC - [2009-07-21 13:50:58 | 001,478,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2008-11-12 16:10:46 | 000,846,336 | ---- | M] () -- E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\Pb\pbsetup.exePRC - [2008-04-13 14:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exePRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exePRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exePRC - [2004-07-27 17:01:36 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exePRC - [2003-12-22 17:36:14 | 000,581,632 | ---- | M] () -- C:\Program Files\VentriloMIX\Ventrilo 2.1.4.exe  ========== Modules (SafeList) ========== MOD - [2010-06-29 18:27:22 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\Programy do skanowania kompa\OTL.exeMOD - [2009-07-16 23:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx  ========== Win32 Services (SafeList) ========== SRV - [2010-06-16 17:07:30 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)SRV - [2009-03-20 15:56:57 | 000,357,182 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\reset.exe -- (.EsetTrialReset)SRV - [2007-11-30 13:18:51 | 000,026,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)  ========== Driver Services (SafeList) ========== DRV - [2010-06-16 17:07:38 | 001,132,760 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)DRV - [2010-06-01 11:35:28 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)DRV - [2010-05-27 19:37:06 | 004,830,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)DRV - [2010-05-23 15:51:19 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)DRV - [2010-03-30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)DRV - [2009-12-31 16:44:04 | 000,010,588 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mpfilt.sys -- (mpfilt)DRV - [2009-10-06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)DRV - [2009-10-06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)DRV - [2009-10-06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)DRV - [2009-10-06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)DRV - [2009-07-16 23:33:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3132r5.sys -- (Si3132r5)DRV - [2009-07-16 23:33:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3531.sys -- (Si3531)DRV - [2009-07-16 23:33:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5)DRV - [2009-07-16 23:33:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)DRV - [2009-07-16 23:33:00 | 000,125,952 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ulsata2.sys -- (ulsata2)DRV - [2009-07-16 23:33:00 | 000,084,320 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (Jraid)DRV - [2009-07-16 23:33:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3132.sys -- (Si3132)DRV - [2009-07-16 23:33:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3124.sys -- (Si3124)DRV - [2009-07-16 23:33:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)DRV - [2008-04-14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)DRV - [2008-04-13 22:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)DRV - [2007-07-04 16:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD)DRV - [2006-05-10 11:33:00 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)DRV - [2006-01-05 14:38:44 | 000,010,960 | ---- | M] (Bo Brantén) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\filedisk.sys -- (FileDisk)DRV - [2005-05-12 15:19:14 | 000,007,680 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)DRV - [2005-05-12 15:12:24 | 000,029,696 | R--- | M] (JMicron) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JAHCI.sys -- (JAHCI)DRV - [2005-05-03 17:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\agpkx.sys -- (uliagpkx)DRV - [2005-03-22 20:36:40 | 000,028,672 | ---- | M] (ULi Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULILAN51.SYS -- (ULI5261XP)DRV - [2004-12-01 10:49:18 | 000,051,840 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\m5289.sys -- (m5289)DRV - [2004-08-02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)DRV - [2004-02-24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)DRV - [2003-10-08 13:14:38 | 000,051,712 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RT2400.sys -- (RT2400)DRV - [2002-12-04 14:38:26 | 000,011,144 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) DSC Still Image Capture (CA100)DRV - [2002-10-21 11:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av)DRV - [2001-08-17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)DRV - [2001-08-17 20:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ==========  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blankIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search"FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="FF - prefs.js..browser.search.selectedEngine: "Google"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="  FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-06-01 20:23:39 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-28 22:34:06 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-25 14:41:59 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-05-30 15:04:57 | 000,000,000 | ---D | M] [2010-05-23 15:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Extensions[2010-06-28 22:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\zmrnu2ym.default\extensions[2010-06-01 20:13:28 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\zmrnu2ym.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}[2010-05-28 18:28:32 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\zmrnu2ym.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}[2010-06-24 14:28:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\zmrnu2ym.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}[2010-06-01 20:15:26 | 000,001,201 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\zmrnu2ym.default\searchplugins\winamp-search.xml[2010-06-28 22:21:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions[2010-06-13 03:24:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}[2009-08-31 14:39:32 | 000,636,408 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPBILLARD8.dll[2010-06-13 03:24:21 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll[2010-05-28 15:45:46 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml[2010-05-28 15:45:46 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml[2010-05-28 15:45:46 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml[2010-05-28 15:45:46 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml[2010-05-28 15:45:46 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml[2010-05-28 15:45:46 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-01-27 00:09:40 | 000,000,906 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1       localhostO1 - Hosts: 127.0.0.1 serial.alcohol-soft.comO1 - Hosts: 127.0.0.1 www.alcohol-soft.comO1 - Hosts: 127.0.0.1 images.alcohol-soft.comO1 - Hosts: 127.0.0.1 trial.alcohol-soft.comO1 - Hosts: 127.0.0.1 alcohol-soft.comO2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)O4 - HKLM..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe (ALi Corporation)O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [cFosTASKTR] C:\WINDOWS\BOX_cFosTASK.exe ()O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig.lnk = C:\WINDOWS\system32\RaConfig.exe (Ralink Technology, Corp.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Vista Drive Icon.lnk = C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\gamelsp.dll (Copyright (C) GameCap)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\gamelsp.dll (Copyright (C) GameCap)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\gamelsp.dll (Copyright (C) GameCap)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\gamelsp.dll (Copyright (C) GameCap)O13 - gopher Prefix: missingO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)O24 - Desktop Components:0 (Bieżąca strona główna) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2010-05-23 15:11:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2010-03-16 11:40:06 | 000,000,000 | ---D | M] - D:\AutoMapa_6.2.0_EU -- [ NTFS ]O32 - AutoRun File - [2009-07-28 05:01:18 | 000,000,052 | R--- | M] () - F:\Autorun.inf -- [ UDF ]O32 - AutoRun File - [2008-05-10 16:34:51 | 000,000,040 | ---- | M] () - H:\Autorun.inf -- [ NTFS ]O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Start.exe -- [2008-05-10 16:25:42 | 000,367,104 | ---- | M] ()O34 - HKLM BootExecute: (autocheck autochk *) -  File not foundO34 - HKLM BootExecute: (pgdfgsvc C 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-06-29 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2010-06-29 17:27:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\dxdiag[2010-06-29 17:13:40 | 000,020,968 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz133_x32.sys[2010-06-29 17:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID[2010-06-29 17:01:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood[2010-06-29 16:21:45 | 000,043,520 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AmdK8.sys[2010-06-28 22:33:24 | 001,132,760 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys[2010-06-28 22:33:23 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll[2010-06-28 22:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed[2010-06-28 22:22:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy[2010-06-28 12:20:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files[2010-06-28 09:40:49 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache[2010-06-27 16:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced PDF to IMAGE converter[2010-06-27 16:53:39 | 002,909,188 | ---- | C] (IntraPDF                                                    ) -- C:\Documents and Settings\ADMIN\Pulpit\intrapdf_pdf2jpeg_setup.exe[2010-06-27 16:42:37 | 000,000,000 | ---D | C] -- C:\omniformat[2010-06-25 20:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\Secret Service-The Very Best of[2010-06-25 18:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\The Twins -2005- Live In Sweden (CD)[2010-06-25 18:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\programy z pena[2010-06-25 14:54:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\teamspeak2[2010-06-24 20:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Moje dokumenty\BusinessCardsMX templates[2010-06-24 20:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\MOJOSOFT[2010-06-24 19:51:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\Wizytówki[2010-06-24 19:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\mojosoft[2010-06-24 16:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\SEGA Rally[2010-06-24 16:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Moje dokumenty\SEGA Rally[2010-06-24 16:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\InstallShield[2010-06-24 15:26:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ADMIN\IECompatCache[2010-06-23 07:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\do kompa filipka[2010-06-20 13:47:33 | 000,000,000 | ---D | C] -- C:\cabs[2010-06-20 10:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync[2010-06-19 09:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\programy do mp3[2010-06-18 19:08:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ADMIN\Pulpit\TAXI[2010-06-18 15:32:06 | 000,145,920 | ---- | C] (MyDigit.cn) -- C:\Documents and Settings\ADMIN\Pulpit\ChipGenius.exe[2010-06-18 11:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys[2010-06-17 16:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\foxconn[2010-06-16 17:51:57 | 000,380,928 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\RaConfig.exe[2010-06-16 17:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Help[2010-06-16 17:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Help[2010-06-14 12:01:29 | 000,000,000 | ---D | C] -- C:\Nowy folder[2010-06-14 08:20:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\tekken 3 for pc[2010-06-13 11:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Ventrilo[2010-06-13 11:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\VentriloMIX[2010-06-13 03:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\ALLPlayer[2010-06-13 03:37:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\XnView[2010-06-13 03:32:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun[2010-06-13 03:24:28 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll[2010-06-13 03:18:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll[2010-06-13 03:18:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll[2010-06-13 03:18:32 | 000,102,400 | ---- | C] (Copyright (C) GameCap) -- C:\WINDOWS\System32\gamelsp.dll[2010-06-13 01:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Garena[2010-06-12 19:44:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\CID Generator[2010-06-12 10:36:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF[2010-06-10 11:20:59 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll[2010-06-10 11:20:59 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll[2010-06-10 11:20:59 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll[2010-06-10 11:20:59 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll[2010-06-10 11:20:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll[2010-06-10 11:20:58 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll[2010-06-10 11:20:58 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll[2010-06-10 11:20:58 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll[2010-06-10 10:06:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss[2010-06-10 10:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google[2010-06-09 10:41:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ADMIN\Recent[2010-06-07 12:22:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\allegro[2010-06-05 14:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\Goombay Dance Band[2010-06-05 12:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\maszyny[2010-06-04 20:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\die flipers[2010-06-04 20:08:03 | 005,689,344 | ---- | C] (Gabest) -- C:\Documents and Settings\ADMIN\Pulpit\mplayerc.exe[2010-06-04 11:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\sXe Injected[2010-06-03 17:37:12 | 000,028,672 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\5289_Devi86.exe[2010-06-03 17:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\ULI5289[2010-06-03 17:37:04 | 000,051,840 | ---- | C] (ULi Electronics Inc.) -- C:\WINDOWS\System32\drivers\m5289.sys[2010-06-03 12:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\Clatronic CTV262DK,CTV8148KN,CTV8208BP[2010-06-03 07:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Temp[2010-06-02 13:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady[2010-06-02 13:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla[2010-06-02 13:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\ipla[2010-06-02 13:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\ipla[2010-06-02 13:35:16 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll[2010-06-02 13:35:16 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll[2010-06-01 20:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\RayV[2010-06-01 20:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Real[2010-06-01 20:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared[2010-06-01 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Real[2010-06-01 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real[2010-06-01 20:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real[2010-06-01 20:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Real[2010-06-01 20:21:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google[2010-06-01 20:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google[2010-06-01 20:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google[2010-06-01 20:12:30 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe[2010-06-01 20:12:30 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe[2010-06-01 20:12:30 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys[2010-06-01 20:12:30 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys[2010-06-01 20:12:29 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll[2010-06-01 20:12:29 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll[2010-06-01 20:12:29 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll[2010-06-01 20:12:29 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll[2010-06-01 20:12:29 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll[2010-06-01 20:12:29 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll[2010-06-01 20:12:29 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll[2010-06-01 20:12:29 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe[2010-06-01 20:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp[2010-06-01 20:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Winamp[2010-06-01 20:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\RayV[2010-06-01 20:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\Telewizja[2010-06-01 11:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite[2010-06-01 11:34:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\DAEMON Tools Lite[2010-06-01 11:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2010-05-31 22:21:04 | 000,000,000 | ---D | C] -- C:\Tanbee Video to AMV Converter OutPut[2010-05-31 22:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Tanbee[2010-05-31 22:16:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\MP4[2010-05-31 17:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Moje dokumenty\Downloads[2010-05-31 17:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters Inc[2010-05-31 17:07:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\GetRightToGo[2010-05-31 17:02:01 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys[2010-05-31 16:33:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax[2010-05-31 16:32:41 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll[2010-05-31 16:32:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax[2010-05-31 16:32:40 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSH263.DRV[2010-05-31 16:32:40 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax[2010-05-31 16:32:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax[2010-05-31 16:32:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\IYUV_32.DLL[2010-05-31 16:32:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax[2010-05-31 16:20:44 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys[2010-05-31 16:20:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dext533.ax[2010-05-31 16:20:14 | 000,515,803 | ---- | C] (Digital Camera) -- C:\WINDOWS\System32\drivers\Ca533av.sys[2010-05-31 16:20:14 | 000,131,072 | ---- | C] (Sunplus) -- C:\WINDOWS\System32\SP5X_32.DLL[2010-05-31 16:20:14 | 000,131,072 | ---- | C] (Sunplus) -- C:\WINDOWS\System\SP5X_32.DLL[2010-05-31 16:20:14 | 000,011,144 | ---- | C] (USB BULK) -- C:\WINDOWS\System32\drivers\Bulk533.sys[2010-05-31 16:20:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SETUP533[2010-05-31 16:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\MD 40820[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-06-29 18:24:02 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\HijackThis.lnk[2010-06-29 18:17:33 | 000,219,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr[2010-06-29 18:03:22 | 000,138,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys[2010-06-29 17:27:51 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1177238915-1801674531-500.job[2010-06-29 17:27:51 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1177238915-1801674531-500.job[2010-06-29 17:13:41 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk[2010-06-29 17:03:04 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-06-29 17:01:32 | 018,940,416 | ---- | M] () -- C:\XLiveRedist1.1.0324.msi[2010-06-29 16:28:32 | 000,502,646 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2010-06-29 16:28:32 | 000,442,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2010-06-29 16:28:32 | 000,089,504 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2010-06-29 16:28:32 | 000,071,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2010-06-29 16:28:32 | 000,004,238 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2010-06-29 16:24:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010-06-29 16:21:58 | 004,485,120 | ---- | M] () -- C:\Documents and Settings\ADMIN\ntuser.dat[2010-06-29 16:21:58 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\ADMIN\ntuser.ini[2010-06-29 16:21:57 | 010,154,214 | -H-- | M] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\IconCache.db[2010-06-29 16:21:42 | 000,000,222 | RHS- | M] () -- C:\boot.ini[2010-06-29 16:19:53 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-06-28 22:23:31 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol[2010-06-28 09:40:34 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk[2010-06-28 09:40:33 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk[2010-06-28 09:40:26 | 000,000,319 | ---- | M] () -- C:\WINDOWS\game.ini[2010-06-27 16:54:35 | 002,909,188 | ---- | M] (IntraPDF                                                    ) -- C:\Documents and Settings\ADMIN\Pulpit\intrapdf_pdf2jpeg_setup.exe[2010-06-27 16:47:34 | 000,000,071 | ---- | M] () -- C:\WINDOWS\iltwain.ini[2010-06-27 16:20:11 | 001,132,016 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\candy_seria_holiday_goy_txt_pralki_automatyczne_(www.instrukcja.pl).pdf[2010-06-27 16:20:11 | 001,132,016 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\(www.instrukcja.pl).pdf[2010-06-27 10:40:44 | 004,144,685 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Inst_FS_Holiday181E.pdf[2010-06-26 11:35:56 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Wolfenstein - Enemy Territory.lnk[2010-06-25 19:37:50 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\michael_cretu_-_samurai.htm[2010-06-25 18:53:29 | 115,773,602 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\The_Twins_-2005-_Live_In_Sweden__CD_.rar[2010-06-24 20:09:51 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\BusinessCardsMX3.lnk[2010-06-24 19:22:00 | 000,487,169 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\10021.bcw[2010-06-24 18:30:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Butterfly Wizard.lnk[2010-06-23 14:51:26 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\żěżě´úŔí  QQdaili 2.0.lnk[2010-06-22 23:21:12 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\sXe Injected.lnk[2010-06-22 21:29:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010-06-20 11:08:40 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\$_hpcst$.hpc[2010-06-18 20:30:11 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER[2010-06-18 15:32:17 | 000,056,791 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Chips.wdb[2010-06-18 15:31:57 | 000,135,704 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\ChipGenius v3.0 (2010-03-18).rar[2010-06-18 11:53:24 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\EVEREST Ultimate Edition.lnk[2010-06-16 17:52:00 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig.lnk[2010-06-16 17:07:38 | 001,132,760 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys[2010-06-16 17:07:34 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll[2010-06-16 15:25:05 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Ventrilo 2.1.4.lnk[2010-06-16 15:07:10 | 000,009,240 | ---- | M] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2010-06-16 15:06:18 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2010-06-16 09:33:51 | 001,042,991 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\datasheet.pdf[2010-06-16 09:28:22 | 000,050,693 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\BC_BC327.pdf[2010-06-16 09:17:35 | 001,674,737 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Skytronic TV2120,2140.pdf[2010-06-14 19:18:32 | 000,731,258 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\daewoo_ch.cp-330.pdf[2010-06-14 13:07:43 | 000,181,838 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\zgloszenie.pdf[2010-06-14 11:58:18 | 115,276,626 | ---- | M] () -- C:\maszyny.rar[2010-06-13 12:58:56 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\silkroad.lnk[2010-06-13 03:50:16 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\ALLPlayer V4.4.lnk[2010-06-13 03:24:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll[2010-06-13 03:24:20 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe[2010-06-13 03:24:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe[2010-06-13 03:24:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe[2010-06-13 03:24:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl[2010-06-13 02:52:22 | 000,000,260 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\gammacfg.ini[2010-06-13 01:57:57 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\GarenaM4ST3R.lnk[2010-06-10 16:06:15 | 000,000,620 | ---- | M] () -- C:\WINDOWS\win.ini[2010-06-10 16:06:15 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2010-06-08 21:57:19 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Auslogics BoostSpeed.lnk[2010-06-05 13:40:51 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Nero_Express_9.lnk[2010-06-04 16:18:41 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Counter Strike 1.6 Non Steam.lnk[2010-06-04 10:34:33 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\sxeinjectedsetup.9.0_www.przeklej.pl.exe.sha[2010-06-03 17:36:45 | 000,004,161 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini[2010-06-03 17:17:27 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk[2010-06-02 13:36:03 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk[2010-06-02 13:35:16 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll[2010-06-02 13:35:16 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll[2010-06-02 10:56:58 | 001,587,266 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\TA8659AN.pdf[2010-06-02 04:55:30 | 000,527,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll[2010-06-02 04:55:30 | 000,239,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll[2010-06-02 04:55:30 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll[2010-06-01 20:27:26 | 000,001,118 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PL-IPTV.lnk[2010-06-01 20:23:39 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\RealPlayer SP.lnk[2010-06-01 20:23:35 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll[2010-06-01 20:23:32 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll[2010-06-01 20:23:32 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll[2010-06-01 20:23:10 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll[2010-06-01 20:23:09 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll[2010-06-01 20:23:09 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll[2010-06-01 20:13:34 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk[2010-06-01 11:35:30 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk[2010-06-01 11:35:28 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys[2010-05-31 22:19:42 | 000,001,043 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Tanbee Video to AMV Converter.lnk[2010-05-31 16:20:19 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MD 40820.lnk[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-06-29 18:24:02 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\HijackThis.lnk[2010-06-29 17:13:41 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk[2010-06-29 17:00:24 | 018,940,416 | ---- | C] () -- C:\XLiveRedist1.1.0324.msi[2010-06-28 22:23:31 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol[2010-06-28 09:40:33 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk[2010-06-28 09:40:33 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk[2010-06-28 09:40:26 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini[2010-06-27 16:47:34 | 000,000,071 | ---- | C] () -- C:\WINDOWS\iltwain.ini[2010-06-27 16:43:58 | 001,132,016 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\(www.instrukcja.pl).pdf[2010-06-27 16:20:08 | 001,132,016 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\candy_seria_holiday_goy_txt_pralki_automatyczne_(www.instrukcja.pl).pdf[2010-06-27 10:40:33 | 004,144,685 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Inst_FS_Holiday181E.pdf[2010-06-26 11:35:56 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Wolfenstein - Enemy Territory.lnk[2010-06-25 19:37:49 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\michael_cretu_-_samurai.htm[2010-06-25 18:56:21 | 000,001,304 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\E.B.M. Old School.url[2010-06-25 18:38:22 | 115,773,602 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\The_Twins_-2005-_Live_In_Sweden__CD_.rar[2010-06-24 20:09:51 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\BusinessCardsMX3.lnk[2010-06-24 19:21:59 | 000,487,169 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\10021.bcw[2010-06-24 18:30:38 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Butterfly Wizard.lnk[2010-06-20 11:08:40 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\$_hpcst$.hpc[2010-06-18 15:32:08 | 000,056,791 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Chips.wdb[2010-06-18 15:31:56 | 000,135,704 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\ChipGenius v3.0 (2010-03-18).rar[2010-06-18 11:53:24 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\EVEREST Ultimate Edition.lnk[2010-06-16 17:52:00 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig.lnk[2010-06-16 17:51:57 | 000,010,227 | ---- | C] () -- C:\WINDOWS\System32\RaConfig.hlp[2010-06-16 15:25:05 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Ventrilo 2.1.4.lnk[2010-06-16 09:33:48 | 001,042,991 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\datasheet.pdf[2010-06-16 09:28:21 | 000,050,693 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\BC_BC327.pdf[2010-06-16 09:17:27 | 001,674,737 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Skytronic TV2120,2140.pdf[2010-06-14 19:18:30 | 000,731,258 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\daewoo_ch.cp-330.pdf[2010-06-14 11:54:07 | 115,276,626 | ---- | C] () -- C:\maszyny.rar[2010-06-13 12:58:56 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\silkroad.lnk[2010-06-13 03:50:16 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\ALLPlayer V4.4.lnk[2010-06-13 03:19:30 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls[2010-06-13 03:19:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls[2010-06-13 03:19:29 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls[2010-06-13 03:19:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls[2010-06-13 03:19:29 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls[2010-06-13 03:19:29 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls[2010-06-13 03:19:29 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls[2010-06-13 03:19:29 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls[2010-06-13 03:19:29 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls[2010-06-13 03:19:27 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls[2010-06-13 03:19:27 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls[2010-06-13 03:19:27 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls[2010-06-13 03:19:27 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls[2010-06-13 03:19:27 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls[2010-06-13 03:19:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls[2010-06-13 03:19:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls[2010-06-13 03:19:27 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls[2010-06-13 03:18:25 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\żěżě´úŔí  QQdaili 2.0.lnk[2010-06-13 01:57:57 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\GarenaM4ST3R.lnk[2010-06-12 14:56:22 | 000,181,838 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\zgloszenie.pdf[2010-06-08 21:57:19 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Auslogics BoostSpeed.lnk[2010-06-06 12:53:20 | 000,000,260 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\gammacfg.ini[2010-06-05 13:40:50 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Nero_Express_9.lnk[2010-06-05 10:26:22 | 000,191,488 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\GammaAdjuster.exe[2010-06-04 11:05:23 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\sXe Injected.lnk[2010-06-04 11:03:44 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Counter Strike 1.6 Non Steam.lnk[2010-06-04 10:34:33 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\sxeinjectedsetup.9.0_www.przeklej.pl.exe.sha[2010-06-03 17:37:04 | 000,007,948 | ---- | C] () -- C:\WINDOWS\System32\drivers\m5289.cat[2010-06-03 17:17:35 | 000,000,110 | ---- | C] () -- C:\Documents and Settings\ADMIN\Moje dokumenty\ax_files.xml[2010-06-03 16:59:09 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk[2010-06-02 13:36:03 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk[2010-06-02 10:56:56 | 001,587,266 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\TA8659AN.pdf[2010-06-01 20:23:41 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1177238915-1801674531-500.job[2010-06-01 20:23:41 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1177238915-1801674531-500.job[2010-06-01 20:23:39 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\RealPlayer SP.lnk[2010-06-01 20:13:34 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk[2010-06-01 20:10:02 | 000,001,118 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PL-IPTV.lnk[2010-06-01 11:35:30 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk[2010-06-01 11:35:27 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2010-05-31 22:19:42 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Tanbee Video to AMV Converter.lnk[2010-05-31 16:20:19 | 000,000,509 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MD 40820.lnk[2010-05-31 16:20:14 | 000,014,606 | ---- | C] () -- C:\WINDOWS\USB_CAM.ini[2010-05-31 16:20:14 | 000,001,833 | ---- | C] () -- C:\WINDOWS\ca533a.ini[2010-05-31 16:20:14 | 000,001,078 | ---- | C] () -- C:\WINDOWS\System32\WASTE.ICO[2010-05-31 16:20:14 | 000,000,163 | ---- | C] () -- C:\WINDOWS\Setup533.ini[2010-05-31 16:20:14 | 000,000,147 | ---- | C] () -- C:\WINDOWS\Setup2k.ini[2010-05-29 16:38:47 | 000,010,588 | ---- | C] () -- C:\WINDOWS\System32\drivers\mpfilt.sys[2010-05-29 08:27:38 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll[2010-05-28 16:11:45 | 000,138,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys[2010-05-23 18:07:43 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys[2010-05-23 18:07:43 | 000,052,214 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys[2010-05-23 15:51:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\install.dll[2010-05-23 15:51:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll[2010-05-23 15:51:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\SmartInstallCfg2.dll[2010-05-23 15:25:47 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll[2010-05-23 15:24:56 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2010-05-23 15:24:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2010-05-23 15:13:07 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2010-05-23 15:13:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini[2010-05-23 15:13:04 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2010-05-23 15:13:04 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2010-05-23 15:13:03 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2010-05-23 15:13:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2010-05-23 15:13:00 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest[2007-09-12 23:54:48 | 000,141,180 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS[2004-09-16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS< End of report >

OTL Extras logfile created on: 2010-06-29 18:30:42 - Run 1OTL by OldTimer - Version 3.2.7.0     Folder = E:\Programy do skanowania kompaWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free3,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 29,29 Gb Total Space | 2,87 Gb Free Space | 9,79% Space Free | Partition Type: NTFSDrive D: | 97,65 Gb Total Space | 10,66 Gb Free Space | 10,91% Space Free | Partition Type: NTFSDrive E: | 105,93 Gb Total Space | 25,48 Gb Free Space | 24,05% Space Free | Partition Type: NTFSDrive F: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDFG: Drive not present or media not loadedDrive H: | 74,52 Gb Total Space | 4,35 Gb Free Space | 5,84% Space Free | Partition Type: NTFSDrive I: | 7,81 Mb Total Space | 5,34 Mb Free Space | 68,29% Space Free | Partition Type: NTFS Computer Name: XPR8COMPCurrent User Name: ADMINLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Extra Registry (SafeList) ==========  ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*htmlfile [edit] -- Reg Error: Key error.piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusOverride" = 0"FirewallOverride" = 0"AntiVirusDisableNotify" = 1"FirewallDisableNotify" = 1"UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 0"DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)"D:\sbcl marka\SBCL v1.1b.exe" = D:\sbcl marka\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b -- ()"D:\CYFRA\sbcl pawła\SBCL v1.1b.exe" = D:\CYFRA\sbcl pawła\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b -- ()"E:\Program Files\Runes of Magic\Client.exe" = E:\Program Files\Runes of Magic\Client.exe:*:Enabled:Runes of Magic -- File not found"E:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = E:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- ()"E:\Program Files\The All-Seeing Eye\eye.exe" = E:\Program Files\The All-Seeing Eye\eye.exe:*:Enabled:Yahoo! All-Seeing Eye -- (Yahoo! Inc.)"D:\CYFRA\sbcl marka\SBCL v1.1b.exe" = D:\CYFRA\sbcl marka\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b -- ()"C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)"C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV -- (RayV)"C:\Program Files\RayV\RayV\RayV.dll" = C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV -- (RayV)"E:\Program Files\Silkroad\sro_client.exe" = E:\Program Files\Silkroad\sro_client.exe:*:Enabled:sro_client -- ()"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)"E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)  -- ()  ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0928B2C5-0B16-C2FB-7BAE-A25901414687}" = ATI Catalyst Install Manager"{0DD0650C-5113-4FEE-BDDA-AC0B76FD0BD1}" = ULi AGP Driver "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration"{143BE018-D8F8-4014-8CB6-AF63F5799D21}" = ULi LAN Driver"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{25C63E16-5CB9-16E5-A931-8963E5DE8421}" = Catalyst Control Center HydraVision Full"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20"{2C288961-5ABA-3D23-490F-902F9F11D440}" = Catalyst Control Center Graphics Light"{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}" = Microsoft Games for Windows - LIVE Redistributable"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{383D3D87-A730-4334-ABD9-4DBC652FDD67}" = SEGA Rally"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch"{432968D5-88FE-44B9-9168-B2806A9668E9}" = ULi M5289 SATA  Driver"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4F73512F-90DF-4BF2-FCF9-0E5C83996136}" = ccc-core-preinstall"{50C8A402-EA97-4EBE-8BAD-C7A19310BA46}" = MD 40820"{56D1E9E5-204A-E468-DAC1-644C9CB2DC65}" = Catalyst Control Center Core Implementation"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed"{7600B3FE-F267-D350-3BA1-9E6874B8E536}" = ccc-utility"{81D8048B-5900-526C-4443-8290C5D76759}" = CCC Help English"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{9198A23F-C33C-4907-9715-96DE7D4AF27D}" = RT2400 Wireless LAN Card"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{AC50CB60-7D5A-5953-6A38-496E08B9433C}" = Catalyst Control Center Graphics Full Existing"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver"{C56C4023-6B2E-7F8A-C72F-655089BFEA81}" = Catalyst Control Center Graphics Previews Common"{C75C6783-CD7D-AF45-43B4-2885A3948318}" = Catalyst Control Center Graphics Full New"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{E08612D5-B4F9-6E99-0598-03888ABAEF98}" = ccc-core-static"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0"{FAE13EBB-C140-415A-8491-3520F649B005}" = MP3 Player Product Tools 4.22"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem  (10/05/2009 4.2)"46D650DC11A19D8E1347F194E1244412C0FAFCF1" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor  (04/28/2006 1.3.1.0)"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem  (06/01/2009 7.01.0.4)"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"Adobe Shockwave Player" = Adobe Shockwave Player 11.5"Advanced PDF to IMAGE converter_is1" = Advanced PDF to IMAGE converter 1.9.9.34"ALLPlayer_is1" = ALLPlayer V4.X"BusinessCardsMX3_is1" = BusinessCardsMX 3.99"cFosSpeed" = cFosSpeed v5.13"Counter-Strike 1.6 V40.1" = Counter-Strike 1.6 V40.1"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02"Foxit Reader" = Foxit Reader"Gadu-Gadu" = Gadu-Gadu 7.7"Gadu-Gadu 10" = Gadu-Gadu 10"Garena" = Garena 2010"HijackThis" = HijackThis 2.0.2"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)"ipla" = ipla 2.1.4"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.5"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)"Nokia PC Suite" = Nokia PC Suite"RayV" = RayV"RealPlayer 12.0" = RealPlayer"RESIDENT EVIL 5_is1" = RESIDENT EVIL 5 v1.0"sXe Injected" = sXe Injected"Tanbee Video to AMV Converter" = Tanbee Video to AMV Converter 3.8.90"Vista Drive Icon" = Vista Drive Icon 1.4"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7"Winamp" = Winamp"Windows Media Format Runtime" = Windows Media Format 11 runtime"WinRAR archiver" = WinRAR archiver"WMFDist11" = Windows Media Format 11 runtime"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7"XnView_is1" = XnView 1.92"żěżě´úŔí_is1" = QQdaili_2.1 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 2006-01-26 19:38:39 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3012Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy   proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru   wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter  to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2006-01-26 19:38:39 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3011Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2010-06-29 10:20:28 | Computer Name = XPR8COMP | Source = WmiAdapter | ID = 4099Description = Otwarcie usługi nie powiodło się. Error - 2010-06-29 10:21:52 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3012Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy   proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru   wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter  to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-06-29 10:21:52 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3012Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy   proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru   wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter  to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-06-29 10:21:52 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3011Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). Error - 2010-06-29 10:24:37 | Computer Name = XPR8COMP | Source = WmiAdapter | ID = 4099Description = Otwarcie usługi nie powiodło się. Error - 2010-06-29 10:28:29 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3012Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy   proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru   wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter  to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-06-29 10:28:29 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3012Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy   proces Performance dostawcę licznika rozszerzeń. Wartość BaseIndex z rejestru   wydajności to pierwszy wpis DWORD w sekcji danych (Data, wartość LastCounter  to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-06-29 10:28:29 | Computer Name = XPR8COMP | Source = LoadPerf | ID = 3011Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data). [ System Events ]Error - 2010-06-25 15:50:17 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:22 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:27 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:32 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:37 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:42 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:47 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-25 15:50:52 | Computer Name = XPR8COMP | Source = Disk | ID = 262155Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D. Error - 2010-06-29 11:07:19 | Computer Name = XPR8COMP | Source = sr | ID = 1Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC000007F' podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume5'. W rezultacie zostało zatrzymane monitorowanie woluminu. Error - 2010-06-29 12:17:53 | Computer Name = XPR8COMP | Source = sr | ID = 1Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC000007F' podczas przetwarzania pliku 'desktop.ini' w woluminie 'HarddiskVolume5'. W rezultacie zostało zatrzymane monitorowanie woluminu.  < End of report >

"Silent Runners.vbs", revision 61, http://www.silentrunners.org/Operating System: Windows XP SP3Output limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}"Gadu-Gadu 10" = ""C:\Program Files\Gadu-Gadu 10\gg.exe"" ["GG Network S.A."]"ALLUpdate" = ""C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"" [empty string]"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]"PC Suite Tray" = ""C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray" ["Nokia"]"AlcoholAutomount" = ""C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount" ["Alcohol Soft Development Team"]"DAEMON Tools Lite" = ""C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun" ["DT Soft Ltd"]"H/PC Connection Agent" = ""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"DrvIcon" = "C:\Program Files\Vista Drive Icon\DrvIcon.exe" ["artArmin"]"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]"StartCCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun" ["Advanced Micro Devices, Inc."]"ATICustomerCare" = ""C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"" ["Advanced Micro Devices, Inc."]"egui" = ""C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice" ["ESET"]"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot" ["RealNetworks, Inc."]"ALi5289" = "C:\Program Files\ULI5289\ALi5289.exe" ["ALi Corporation"]"SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."]"cFosTASKTR" = "C:\WINDOWS\BOX_cFosTASK.exe" [null data]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)  -> {HKLM...CLSID} = "RealPlayer Download and Record Plugin for Internet Explorer"                   \InProcServer32\(Default) = "C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll" ["RealPlayer"]{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"                   \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"  -> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"                   \InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\(Default) = "IEPluginBHO"  -> {HKLM...CLSID} = "IEPluginBHO Class"                   \InProcServer32\(Default) = "C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll" ["GG Network S.A."]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"                   \InProcServer32\(Default) = "deskpan.dll" [file not found]"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"  -> {HKLM...CLSID} = "History Band"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\SHDOCVW.DLL" [MS]"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "Nokia Phone Browser"  -> {HKLM...CLSID} = "Nokia Phone Browser"                   \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"  -> {HKLM...CLSID} = "SimpleShlExt Class"                   \InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll" ["Advanced Micro Devices, Inc."]"{872A9397-E0D6-4e28-B64D-52B8D0A7EA35}" = "Display CPL Extension"  -> {HKLM...CLSID} = "DisplayCplExt Class"                   \InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll" ["Advanced Micro Devices, Inc."]"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "ESET Smart Security - Context Menu Shell Extension"  -> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"                   \InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"  -> {HKLM...CLSID} = "RealOne Player Context Menu Class"                   \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]"{49BF5420-FA7F-11cf-8011-00A0C90A8F78}" = "Mobile Device"  -> {HKLM...CLSID} = "Urządzenie przenośne"                   \InProcServer32\(Default) = "C:\PROGRA~1\Microsoft ActiveSync\Wcesview.dll" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"  -> {HKLM...CLSID} = "WPDShServiceObj Class"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\<<!>> "AppInit_DLLs" = "*`*hb****h" (unwritable string) [file not found]HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\<<!>> "BootExecute" = "autocheck autochk *"|"pgdfgsvc C 1" ["Sysinternals - www.sysinternals.com"]HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ESET Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"  -> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"                   \InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Nokia\(Default) = "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}"  -> {HKLM...CLSID} = "Nokia Phone Browser"                   \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ACE\(Default) = "{5E2121EE-0300-11D4-8D3B-444553540000}"  -> {HKLM...CLSID} = "SimpleShlExt Class"                   \InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll" ["Advanced Micro Devices, Inc."]HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ESET Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"  -> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"                   \InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]Group Policies {GPedit.msc branch and setting}:-----------------------------------------------Note: detected settings may not have any effect.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\"NoChangingWallPaper" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Control Panel|Display|Prevent changing wallpaper}HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoSMMyPictures" = (REG_DWORD) dword:0x00000001{User Configuration|Administrative Templates|Start Menu and Taskbar|Remove My Pictures icon from Start Menu}"NoSMConfigurePrograms" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoSMHelp" = (REG_DWORD) dword:0x00000001{User Configuration|Administrative Templates|Start Menu and Taskbar|Remove Help menu from Start Menu}"NoRecentDocsMenu" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoSMBalloonTip" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoSaveSettings" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Desktop|Don't save settings at exit}"NoRecentDocsHistory" = (REG_DWORD) dword:0x00000001{unrecognized setting}"CDRAutoRun" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoLowDiskSpaceChecks" = (REG_DWORD) dword:0x00000001{unrecognized setting}"MemCheckBoxInRunDlg" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoClose" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Start Menu and Taskbar|Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands}"NoAutoTrayNotify" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoResolveTrack" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoResolveSearch" = (REG_DWORD) dword:0x00000001{unrecognized setting}"LinkResolveIgnoreLinkInfo" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoStartBanner" = (REG_BINARY) hex:01 00 00 00{Remove "Click here to begin" from Start button}"NoWelcomeScreen" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoRecentDocsNetHood" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoDesktopCleanupWizard" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoSharedDocuments" = (REG_DWORD) dword:0x00000001{User Configuration|Administrative Templates|Windows Components|Windows Explorer|Remove Shared Documents from My Computer}"NoThemesTab" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoRemoteRecursiveEvents" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoStrCmpLogical" = (REG_DWORD) dword:0x00000001{unrecognized setting}"NoClose" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"NoDispAppearancePage" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoColorChoice" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoDispBackgroundPage" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Control Panel|Display|Hide Desktop tab}"NoDispCPL" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Control Panel|Display|Remove Display in Control Panel}"NoDispSettingsPage" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|Control Panel|Display|Hide Settings tab}"NoDispScrSavPage" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoVisualStyleChoice" = (REG_DWORD) dword:0x00000000{unrecognized setting}"NoSizeChoice" = (REG_DWORD) dword:0x00000000{unrecognized setting}HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\"NoUpdateCheck" = (REG_DWORD) dword:0x00000001{unrecognized setting}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\"NoInternetOpenWith" = (REG_DWORD) dword:0x00000001{unrecognized setting}"DisableStatusMessages" = (REG_DWORD) dword:0x00000001{unrecognized setting}"VerboseStatus" = (REG_DWORD) dword:0x00000000{unrecognized setting}"RunStartupScriptSync" = (REG_DWORD) dword:0x00000000{unrecognized setting}"SynchronousMachineGroupPolicy" = (REG_DWORD) dword:0x00000000{unrecognized setting}"SynchronousUserGroupPolicy" = (REG_DWORD) dword:0x00000000{unrecognized setting}Active Desktop and Wallpaper:-----------------------------Active Desktop may be disabled at this entry:HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellStateDisplayed if Active Desktop enabled and wallpaper not set by Group Policy:HKCU\Software\Microsoft\Internet Explorer\Desktop\General\"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Displayed if Active Desktop disabled and wallpaper not set by Group Policy:HKCU\Control Panel\Desktop\"Wallpaper" = "C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Windows Portable Device AutoPlay Handlers-----------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\AlcoholAutoPlayV2.BurnDisc\"Provider" = "Alcohol 120%""InvokeProgID" = "AlcoholAutoPlayV2""InvokeVerb" = "BurnDisc"HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\BurnDisc\command\(Default) = ""C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]AlcoholAutoPlayV2.ReadDisc\"Provider" = "Alcohol 120%""InvokeProgID" = "AlcoholAutoPlayV2""InvokeVerb" = "ReadDisc"HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\ReadDisc\command\(Default) = ""C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]MPCPlayCDAudioOnArrival\"Provider" = "Media Player Classic""InvokeProgID" = "MediaPlayerClassic.Autorun""InvokeVerb" = "PlayCDAudio"HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = ""C:\Program Files\<a href="http://www.download.net.pl/105/K-Lite-Codec-Pack/">K-Lite Codec Pack</a>\Media Player Classic\mplayerc.exe" %1 /cd" ["mpc-hc@Sourceforge"]MPCPlayDVDMovieOnArrival\"Provider" = "Media Player Classic""InvokeProgID" = "MediaPlayerClassic.Autorun""InvokeVerb" = "PlayDVDMovie"HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = ""C:\Program Files\<a href="http://www.download.net.pl/105/K-Lite-Codec-Pack/">K-Lite Codec Pack</a>\Media Player Classic\mplayerc.exe" %1 /dvd" ["mpc-hc@Sourceforge"]MPCPlayMusicFilesOnArrival\"Provider" = "Media Player Classic""InvokeProgID" = "MediaPlayerClassic.Autorun""InvokeVerb" = "PlayMusicFiles"HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = ""C:\Program Files\<a href="http://www.download.net.pl/105/K-Lite-Codec-Pack/">K-Lite Codec Pack</a>\Media Player Classic\mplayerc.exe" %1" ["mpc-hc@Sourceforge"]MPCPlayVideoFilesOnArrival\"Provider" = "Media Player Classic""InvokeProgID" = "MediaPlayerClassic.Autorun""InvokeVerb" = "PlayVideoFiles"HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = ""C:\Program Files\<a href="http://www.download.net.pl/105/K-Lite-Codec-Pack/">K-Lite Codec Pack</a>\Media Player Classic\mplayerc.exe" %1" ["mpc-hc@Sourceforge"]MSPlayCDAudioOnArrival\"Provider" = "ALLPlayer""InvokeProgID" = "AllPlayerFile""InvokeVerb" = "play"HKCU\Software\Classes\AllPlayerFile\shell\play\command\(Default) = ""C:\Program Files\ALLPlayer\ALLPlayer.exe" "%1"" ["ALLPlayer"]MSWPDShellNamespaceHandler\"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501""CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}""InitCmdLine" = " "  -> {HKLM...CLSID} = "WPDShextAutoplay"                   \LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]RPCDBurningOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.CDBurn.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]RPDeviceOnArrival\"Provider" = "RealPlayer""ProgID" = "RealPlayer.HWEventHandler"HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = "{67E76F1D-BDE2-4052-913C-2752366192D2}"  -> {HKLM...CLSID} = "RealNetworks Scheduler"                   \LocalServer32\(Default) = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -autoplay" ["RealNetworks, Inc."]RPDVDBurningOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.DVDBurn.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burndvd "%1"" ["RealNetworks, Inc."]RPPlayCDAudioOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.AudioCD.6""InvokeVerb" = "play"HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe"  /play %1 " ["RealNetworks, Inc."]RPPlayDVDMovieOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.DVD.6""InvokeVerb" = "play"HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe"  /dvd %1 " ["RealNetworks, Inc."]RPPlayMediaOnArrival\"Provider" = "RealPlayer""InvokeProgID" = "RealPlayer.AutoPlay.6""InvokeVerb" = "open"HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]WinampMTPHandler\"Provider" = "Winamp""ProgID" = "Shell.HWEventHandlerShellExecute""InitCmdLine" = "C:\Program Files\Winamp\winamp.exe"HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"  -> {HKLM...CLSID} = "ShellExecute HW Event Handler"                   \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]WinampPlayMediaOnArrival\"Provider" = "Winamp""InvokeProgID" = "Winamp.File""InvokeVerb" = "Play"HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\command\(Default) = ""C:\Program Files\Winamp\winamp.exe" "%1"" ["Nullsoft, Inc."]HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\DropTarget\CLSID = "{46986115-84D6-459c-8F95-52DD653E532E}"  -> {HKLM...CLSID} = (no title provided)                   \LocalServer32\(Default) = ""C:\Program Files\Winamp\winamp.exe"" ["Nullsoft, Inc."]DESKTOP.INI DLL launch in local fixed drive directories:--------------------------------------------------------C:\WINDOWS\Offline Web Pages\DESKTOP.INI[.ShellClassInfo]CLSID={F5175861-2688-11d0-9C5E-00AA00A45957}  -> {HKLM...CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\webcheck.dll" [MS]Startup items in "ADMIN" & "All Users" startup folders:-------------------------------------------------------C:\Documents and Settings\All Users\Menu Start\Programy\Autostart"RaConfig" -> shortcut to: "C:\WINDOWS\system32\RaConfig.exe" ["Ralink Technology, Corp."]"Vista Drive Icon" -> shortcut to: "C:\Program Files\Vista Drive Icon\DrvIcon.exe" ["artArmin"]Enabled Scheduled Tasks:------------------------"RealUpgradeLogonTaskS-1-5-21-343818398-1177238915-1801674531-500" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]"RealUpgradeScheduledTaskS-1-5-21-343818398-1177238915-1801674531-500" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]Winsock2 Service Provider DLLs:-------------------------------Namespace Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]Transport Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:C:\WINDOWS\system32\gamelsp.dll ["Copyright (C) GameCap"], 01 - 03, 09%SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 10 - 17%SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08Toolbars, Explorer Bars, Extensions:------------------------------------Extensions (Tools menu items, main toolbar menu buttons)HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\"ButtonText" = "Create Mobile Favorite""CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"  -> {HKLM...CLSID} = "Create Mobile Favorite"                   \InProcServer32\(Default) = "C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll" [MS]{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\"MenuText" = "Utwórz Ulubione dla urządzenia przenośnego...""CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"  -> {HKLM...CLSID} = "Create Mobile Favorite"                   \InProcServer32\(Default) = "C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll" [MS]{E2E2DD38-D088-4134-82B7-F2BA38496583}\"MenuText" = "@xpsp3res.dll,-20001""Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]Miscellaneous IE Hijack Points------------------------------HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\<<H>> "DesktopItemNavigationFailure" = "res://shdoclc.dll/navcancl.htm" [MS]Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]cFosSpeed System Service, cFosSpeedS, ""C:\Program Files\cFosSpeed\spd.exe" -service" ["cFos Software GmbH"]ESET Service, ekrn, ""C:\Program Files\ESET\ESET Smart Security\ekrn.exe"" ["ESET"]Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]PnkBstrA, PnkBstrA, "C:\WINDOWS\system32\PnkBstrA.exe" [null data]PnkBstrB, PnkBstrB, "C:\WINDOWS\system32\PnkBstrB.exe" [null data]ServiceLayer, ServiceLayer, ""C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"" ["Nokia"]StarWind AE Service, StarWindServiceAE, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe" ["StarWind Software"]Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}---------- (launch time: 2010-06-29 18:32:31)<<!>>: Suspicious data at a malware launch point.<<H>>: Suspicious data at a browser hijack point.+ This report excludes default entries except where indicated.+ To see *everywhere* the script checks and *everything* it finds,  launch it from a command prompt or a shortcut with the -all parameter.+ The search for DESKTOP.INI DLL launch points on all local fixed drives  took 35 seconds.---------- (total run time: 103 seconds)


Użytkownik Katarina edytował ten post 19 07 2010 - 22:20

  • 0

#2 ordynat

ordynat

    Zaawansowany użytkownik

  • 804 postów

Napisano 29 06 2010 - 19:10

O32 - AutoRun File - [2008-05-10 16:34:51 | 000,000,040 | ---- | M] () - H:\Autorun.inf -- [ NTFS ]

W logach nie widać żadnej infekcji.
Jest co prawda plik "autorun.inf", ale to raczej nie jest plik infekcji, bo nie ma żadnego atrybutu ochronnego, a zwłaszcza atrybutu "H".
Tak więc uznaję, że jest czysto.
.

  • 0

#3 Danys18

Danys18

    Początkujący

  • 108 postów

Napisano 05 07 2010 - 13:34

Nie widziałem potrzeby zakładania nowego tematu. Dziś rano włączyłem menadżer zadań (włączona była tylko safari z forum), a tam 100% miałem użycie procka, później pulpit (migały ikony), tak jakby ktoś cały czas go odświeżał (miałem juz tak, otworzyłem byle jaki folder i przestało, a teraz nie, dopiero po resecie było wszystko ok). Proszę o sprawdzenie logów.

OTL
OTL logfile created on: 2010-07-05 13:05:33 - Run 2OTL by OldTimer - Version 3.2.7.0     Folder = D:\Daniel\otlWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 447,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 29,00% Memory free1,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File freePaging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 9,77 Gb Total Space | 0,30 Gb Free Space | 3,07% Space Free | Partition Type: NTFSDrive D: | 17,73 Gb Total Space | 7,12 Gb Free Space | 40,16% Space Free | Partition Type: NTFSDrive E: | 9,77 Gb Total Space | 9,49 Gb Free Space | 97,18% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: MAGDA-2DF307AE9Current User Name: MadziaLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Processes (SafeList) ========== PRC - [2010-06-28 14:09:43 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Daniel\otl\OTL.exePRC - [2010-04-28 13:45:50 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exePRC - [2008-12-20 14:52:55 | 001,451,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exePRC - [2008-10-24 20:51:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exePRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2006-03-28 15:48:54 | 000,622,592 | R--- | M] () -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exePRC - [2005-09-03 15:18:30 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exePRC - [2003-10-30 14:10:20 | 000,667,648 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exePRC - [2003-10-30 14:09:36 | 000,249,856 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe  ========== Modules (SafeList) ========== MOD - [2010-06-28 14:09:43 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Daniel\otl\OTL.exeMOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx  ========== Win32 Services (SafeList) ========== SRV - [2008-10-24 20:56:30 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)SRV - [2008-10-24 20:51:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)  ========== Driver Services (SafeList) ========== DRV - [2010-06-28 12:00:50 | 000,223,440 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)DRV - [2010-05-21 16:21:10 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)DRV - [2008-10-24 20:53:28 | 000,034,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)DRV - [2008-10-24 20:46:24 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)DRV - [2008-10-24 20:45:32 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)DRV - [2008-04-14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)DRV - [2004-10-15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)DRV - [2003-10-29 21:36:36 | 000,011,264 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)DRV - [2003-10-29 20:54:58 | 000,427,776 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)DRV - [2003-07-18 03:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)DRV - [2002-07-10 17:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ram.net.pl/IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0   O1 HOSTS File: ([2010-04-12 21:16:11 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1       localhostO1 - Hosts: 127.0.0.1 mpa.one.microsoft.comO2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not foundO3 - HKLM\..\Toolbar: (SYSTRAN Web Translator 5.0 ) - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll (SYSTRAN)O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe ()O4 - HKLM..\Run: [Cmaudio]  File not foundO4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)O4 - HKLM..\Run: [NWEReboot]  File not foundO4 - HKLM..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)O4 - HKCU..\Run: [fsm]  File not foundO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - C:\WINDOWS\System32\antiwpa.dll ()O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2010-04-10 10:34:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *) -  File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-05 09:39:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Madzia\Recent[2010-07-02 22:23:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun[2010-06-30 13:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Apple Computer[2010-06-30 13:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Dane aplikacji\Apple Computer[2010-06-30 13:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Safari[2010-06-30 13:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer[2010-06-30 13:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple[2010-06-30 13:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\Apple[2010-06-30 13:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update[2010-06-30 13:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple[2010-06-28 12:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Dane aplikacji\TrueCrypt[2010-06-28 12:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TrueCrypt[2010-06-28 12:00:50 | 000,223,440 | ---- | C] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys[2010-06-28 12:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt[2010-06-24 15:06:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData[2010-06-18 13:45:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Madzia\Moje dokumenty\Downloads[2010-06-15 14:50:35 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll[2010-06-15 14:50:35 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui[2010-06-14 20:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-07-05 13:01:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job[2010-07-05 12:54:20 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2010-07-05 12:54:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2010-07-05 12:53:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2010-07-05 12:51:18 | 006,385,836 | -H-- | M] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\IconCache.db[2010-07-05 12:27:36 | 000,034,248 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat[2010-07-05 12:14:34 | 000,204,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2010-07-05 10:04:28 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Madzia\NTUSER.DAT[2010-07-05 10:04:28 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Madzia\ntuser.ini[2010-07-04 20:51:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2010-07-04 20:44:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2010-07-04 20:11:56 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\Madzia\default.pls[2010-07-02 22:16:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll[2010-07-02 22:11:56 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini[2010-07-01 21:48:14 | 000,397,356 | ---- | M] () -- C:\Documents and Settings\Madzia\Moje dokumenty\katalog2010.zip.download[2010-06-30 13:28:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2010-06-28 12:00:50 | 000,223,440 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys[2010-06-27 22:02:54 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\Madzia\Moje dokumenty\spider.sav[2010-06-27 11:16:05 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Patch.bak[2010-06-25 21:30:58 | 000,043,080 | ---- | M] () -- C:\Documents and Settings\Madzia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2010-06-23 18:28:03 | 000,000,594 | ---- | M] () -- C:\WINDOWS\win.ini[2010-06-22 23:42:33 | 000,145,589 | ---- | M] () -- C:\Documents and Settings\Madzia\Pulpit\wydrukowac.pdf[2010-06-07 12:37:36 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-07-04 20:11:25 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Madzia\Moje dokumenty\Track01.cda[2010-07-01 21:48:07 | 000,397,356 | ---- | C] () -- C:\Documents and Settings\Madzia\Moje dokumenty\katalog2010.zip.download[2010-06-30 13:30:53 | 000,034,248 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat[2010-06-30 13:28:03 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2010-06-27 22:02:54 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\Madzia\Moje dokumenty\spider.sav[2010-06-27 11:16:05 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Patch.bak[2010-06-22 23:42:32 | 000,145,589 | ---- | C] () -- C:\Documents and Settings\Madzia\Pulpit\wydrukowac.pdf[2010-06-07 12:37:35 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk[2010-05-21 16:21:09 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2010-05-18 16:55:31 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI[2010-05-15 17:07:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2010-05-01 11:26:40 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI[2010-04-15 18:34:34 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI[2010-04-15 18:34:34 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI[2010-04-15 18:32:03 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll[2010-04-15 18:30:06 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini[2010-04-12 21:19:18 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll[2010-04-12 20:41:29 | 000,102,622 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini[2010-04-11 18:24:51 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2010-04-10 10:45:35 | 000,127,681 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini[2010-04-10 10:44:04 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI[2010-04-10 10:44:04 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI[2010-04-10 10:44:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini[2010-04-10 10:44:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll[2010-04-10 10:43:56 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll[2010-04-10 10:43:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL[2010-04-10 10:42:40 | 000,002,562 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2010-04-10 10:42:39 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2008-10-24 20:53:28 | 000,034,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI[2002-03-04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll< End of report >

Extras
OTL Extras logfile created on: 2010-06-28 14:28:16 - Run 1OTL by OldTimer - Version 3.2.7.0     Folder = D:\DanielWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 447,00 Mb Total Physical Memory | 160,00 Mb Available Physical Memory | 36,00% Memory free1,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File freePaging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 9,77 Gb Total Space | 0,40 Gb Free Space | 4,12% Space Free | Partition Type: NTFSDrive D: | 17,73 Gb Total Space | 10,19 Gb Free Space | 57,49% Space Free | Partition Type: NTFSDrive E: | 9,77 Gb Total Space | 9,47 Gb Free Space | 96,99% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: MAGDA-2DF307AE9Current User Name: MadziaLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard ========== Extra Registry (SafeList) ==========  ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*htmlfile [edit] -- Reg Error: Key error.http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)scrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DoNotAllowExceptions" = 0"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)"C:\Program Files\Free Download Manager\fdmwi.exe" = C:\Program Files\Free Download Manager\fdmwi.exe:*:Enabled:fdmwi -- ()"C:\Program Files\Free Download Manager\fdm.exe" = C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager -- (FreeDownloadManager.ORG)"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- File not found"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)  ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium"{70312451-0D00-4A84-B9B1-0D59B5180A4F}" = Opera 10.53"{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8CC5833C-418A-40BB-9B16-D8F26B606BF5}" = ESET NOD32 Antivirus"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003"{901C0415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime"{90260415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components"{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite"{E0B38894-0E4D-4AE1-B17E-CFBC3692E86A}" = SYSTRAN Web Translator 5.0"Adobe Acrobat 5.0" = Adobe Acrobat 5.0"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)"CCleaner" = CCleaner"C-Media Audio" = C-Media 3D Audio"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20"Extra Page 2.1_is1" = Extra Page 2.1"Ford Racing 2" = Ford Racing 2"FormatFactory" = FormatFactory 2.30"Free Download Manager_is1" = Free Download Manager 3.0"Gadu-Gadu 10" = Gadu-Gadu 10"HD Tune_is1" = HD Tune 2.55"RealAlt_is1" = <a href="http://www.download.net.pl/107/Real-Alternative/">Real Alternative</a> 2.0.2"SiS 661FX_760_741_M661FX_M760_M741" = SiS 661FX_760_741_M661FX_M760_M741"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver"Software Informer_is1" = Software Informer 1.0 BETA"Tibia_is1" = Tibia"TMIPC" = Tibia MULTI-ip changer"TrueCrypt" = TrueCrypt"uTorrent" = µTorrent"VLC media player" = VLC media player 1.0.3"WinRAR archiver" = Archiwizator WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ]Error - 2010-06-10 14:11:33 | Computer Name = MAGDA-2DF307AE9 | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca gg.exe, wersja 10.0.0.10784, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-06-11 04:56:05 | Computer Name = MAGDA-2DF307AE9 | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca opera.exe, wersja 10.53.3374.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-06-11 04:56:08 | Computer Name = MAGDA-2DF307AE9 | Source = Application Hang | ID = 1002Description = Aplikacja zawieszająca opera.exe, wersja 10.53.3374.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-06-12 11:15:06 | Computer Name = MAGDA-2DF307AE9 | Source = MsiInstaller | ID = 11706Description = Produkt: Microsoft Office Professional Edition 2003 -- Błąd 1706. Instalator nie może odnaleźć wymaganych plików. Sprawdź połączenie z siecią lub stację dysków CD-ROM. Inne potencjalne rozwiązania tego problemu można znaleźć w C:\Program Files\Microsoft Office\OFFICE11\1045\SETUP.CHM. Error - 2010-06-13 17:14:16 | Computer Name = MAGDA-2DF307AE9 | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł powodujący błąd browseui.dll, wersja 6.0.2900.5969, adres błędu 0x00004005. Error - 2010-06-13 17:14:29 | Computer Name = MAGDA-2DF307AE9 | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd drwtsn32.exe, wersja 5.1.2600.0, moduł powodujący błąd dbghelp.dll, wersja 5.1.2600.5512, adres błędu 0x0001295d. Error - 2010-06-20 15:11:03 | Computer Name = MAGDA-2DF307AE9 | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0198d7c4. Error - 2010-06-21 03:55:42 | Computer Name = MAGDA-2DF307AE9 | Source = MsiInstaller | ID = 11719Description = Produkt: Microsoft Office Professional Edition 2003 -- Błąd 1719. Nie można uzyskać dostępu do usługi Instalatora Windows. Może się to zdarzyć, jeśli system Windows działa w trybie awaryjnym lub jeśli Instalator Windows nie jest poprawnie zainstalowany. Skontaktuj się z personelem pomocy technicznej. Error - 2010-06-21 03:55:42 | Computer Name = MAGDA-2DF307AE9 | Source = MsiInstaller | ID = 1024Description = Produkt: Microsoft Office Professional Edition 2003 - nie można zainstalować aktualizacji 'Security Update for PowerPoint 2003 (KB982157): POWERPNT'. Kod błędu 1603. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error - 2010-06-22 08:38:09 | Computer Name = MAGDA-2DF307AE9 | Source = Application Error | ID = 1000Description = Aplikacja powodująca błąd gta-vc.exe, wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0198d7c4. [ System Events ]Error - 2010-06-25 18:18:33 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%121.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP). Error - 2010-06-26 06:09:14 | Computer Name = MAGDA-2DF307AE9 | Source = W32Time | ID = 39452689Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2010-06-26 06:09:14 | Computer Name = MAGDA-2DF307AE9 | Source = W32Time | ID = 39452701Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.   Przez 14 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego czasu.  Error - 2010-06-26 06:09:14 | Computer Name = MAGDA-2DF307AE9 | Source = W32Time | ID = 39452689Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2010-06-26 06:09:14 | Computer Name = MAGDA-2DF307AE9 | Source = W32Time | ID = 39452701Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.   Przez 15 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego czasu.  Error - 2010-06-26 09:42:27 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%1223.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP). Error - 2010-06-26 11:26:30 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%1223.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP). Error - 2010-06-26 12:09:57 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%121.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP). Error - 2010-06-27 05:04:16 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%121.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP). Error - 2010-06-28 03:49:49 | Computer Name = MAGDA-2DF307AE9 | Source = Dhcp | ID = 1001Description = Komputerowi nie został przypisany adres z sieci (przez serwer  DHCP) dla karty sieciowej o adresie 00304F756286. Wystąpił następujący  błąd:   %%121.  Komputer będzie dalej próbował sam uzyskać adres  z serwera adresów sieciowych (DHCP).  < End of report >

Użytkownik Katarina edytował ten post 19 07 2010 - 22:21

  • 0

#4 djkamil09061991

djkamil09061991

    Nowy

  • 1 postów

Napisano 05 07 2010 - 17:36

wklej w OTL i naciśnij wykonaj skypt:
:OTL
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Cmaudio]  File not found
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKCU..\Run: [fsm]  File not found
[2010-07-05 13:01:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-06-30 13:28:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

:Files
C:\Program Files\Ask.com

:Commands
[emptytemp]
[start explorer]
[Reboot]

Użytkownik djkamil09061991 edytował ten post 05 07 2010 - 17:37

  • 0

#5 Danys18

Danys18

    Początkujący

  • 108 postów

Napisano 08 07 2010 - 14:20

ok dzięki pozdrawiam.

  • 0
Wróć do Bezpieczeństwo (wirusy i trojany)


Użytkownicy przeglądający ten temat: 0

0 użytkowników, 0 gości, 0 anonimowych

  1. Forum Komputerowe Tweaks.pl
  2. Oprogramowanie
  3. Bezpieczeństwo (wirusy i trojany)
  4. Polityka prywatności
  5. Szukaj
  6. Regulamin Forum ·