Skocz do zawartości

poloj

Użytkownicy
  • Postów

    17
  • Dołączył

  • Ostatnia wizyta

Treść opublikowana przez poloj

  1. poloj

    Search.b1

    Dzięki Wielkie !. Problem ustąpił ! Pozdrawiam Gorąco !.
  2. poloj

    Search.b1

    Dzięki za expresową pomoc! Kroki 1 do 4 wykonane. OTL.Txt
  3. poloj

    Search.b1

    Witam! W przeglądarkach firefox oraz ie jako strona startowa pojawia się Search.b1 proszę o pomoc. Extras.Txt OTL.Txt gmer.txt
  4. czyli wystarczy wyczyścić foldery przywracania system ?
  5. Witam! Po pełnym skanowaniu Avastem 5 zostały cztery pliki. załączam printscreen czy to coś niebezpiecznego?
  6. OK! Dzięki jeszcze raz za Wszystko !!! Dla Mnie Jesteś Wielka !!! Pozdrawiam!!!!
  7. Na stronie pl klik sterowniki dobrane automatycznie ze strony nvidia
  8. po egzekucji: ========== PROCESSES ========== All processes killed ========== SERVICES/DRIVERS ========== Service nSvcIp stopped successfully! Service nSvcIp deleted successfully! Service nSvcLog stopped successfully! Service nSvcLog deleted successfully! Service ForcewareWebInterface stopped successfully! Service ForcewareWebInterface deleted successfully! Service StarWindServiceAE stopped successfully! Service StarWindServiceAE deleted successfully! ========== FILES ========== C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2 folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group folder moved successfully. C:\Program Files\NVIDIA Corporation\NetworkAccessManager folder moved successfully. OTL by OldTimer - Version 3.2.17.3 log created on 12072010_185247 Files\Folders moved on Reboot... Registry entries deleted on Reboot... A co do sterowników znalazłem takie coś: Windows XP 32-bit Zawartość pakietu •Ethernet Driver (v73.10) "WHQL" •Network Management Tools (v73.13) "Sedona" •WinXP IDE SataIDE Driver (v10.3.0.30) "WHQL" •WinXP IDE SataRAID Driver (v10.3.0.30) "WHQL" •WinXP RAIDTOOL Application (v10.3.0.30) •SMBus Driver (v4.69) "WHQL" •SMU Driver (v1.71) "WHQL" •Installer (v7.53) Czy mam to zainstalować, czy nie ma takiej potrzeby ?
  9. Aktualne logi: OTL logfile created on: 2010-12-07 16:48:31 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 1,39 Gb Free Space | 8,76% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,66 Gb Free Space | 16,58% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 6,71 Gb Free Space | 21,92% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,26 Gb Free Space | 22,47% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,67 Gb Free Space | 44,99% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,44 Gb Free Space | 23,01% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 7,18 Gb Free Space | 14,40% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010-12-07 16:47:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe PRC - [2010-12-04 09:14:51 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010-11-29 17:42:14 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2010-10-08 14:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2010-09-10 23:41:42 | 001,901,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2010-09-10 23:41:20 | 002,500,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-04-22 05:20:00 | 000,883,200 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe PRC - [2009-11-01 16:18:22 | 000,744,992 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PStrip.exe PRC - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 21:51:30 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-07-13 06:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe ========== Modules (SafeList) ========== MOD - [2010-12-07 16:47:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe MOD - [2010-09-10 23:41:40 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009-12-14 11:12:00 | 000,187,904 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2008-07-09 23:23:30 | 000,021,752 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PShook.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010-11-17 08:37:50 | 000,458,488 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc) SRV - [2010-11-11 14:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010-09-10 23:41:42 | 001,901,056 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0) SRV - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010-09-10 23:40:54 | 000,091,560 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2010-09-10 23:40:52 | 000,239,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010-09-10 23:40:52 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010-09-07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-07-02 11:08:32 | 000,384,752 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service) DRV - [2010-04-22 05:15:04 | 000,019,232 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2008-09-03 06:02:58 | 003,300,864 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-07-02 20:38:14 | 000,089,600 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-07-15 03:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip) DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-08-14 07:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-07-01 22:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-04-14 10:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2004-04-14 10:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2004-04-14 10:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2004-04-14 10:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2001-11-08 07:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PowerStrip] c:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan) O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-06-02 16:39:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-03-24 12:06:41 | 000,000,053 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-12-07 16:47:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-07 07:55:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DAREK\Recent [2010-12-06 20:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Malwarebytes [2010-12-06 19:28:02 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-12-06 19:28:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-12-06 19:28:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-12-06 19:28:02 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-12-06 19:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-12-06 19:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sun [2010-12-06 17:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up [2010-12-06 17:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE [2010-12-05 11:17:02 | 000,000,000 | ---D | C] -- C:\Dziobas Rar Player [2010-12-05 10:57:37 | 005,697,971 | ---- | C] (Kamil Dzióbek ) -- C:\Documents and Settings\DAREK\Moje dokumenty\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe [2010-12-05 08:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-12-04 20:46:20 | 000,000,000 | ---D | C] -- C:\games [2010-12-04 18:13:17 | 000,000,000 | -H-D | C] -- C:\VritualRoot [2010-12-04 18:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2010-12-04 17:57:38 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-12-04 17:57:38 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-12-04 17:57:36 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-12-04 17:57:35 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-12-04 17:57:33 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-12-04 17:57:33 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-12-04 17:57:32 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-12-04 17:57:14 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-12-04 17:57:14 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010-12-04 14:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Comodo [2010-12-03 13:32:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-12-03 12:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-12-02 19:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-12-02 19:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-12-02 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Opera [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-12-01 17:18:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-01 17:18:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-01 17:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-12-01 05:33:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Pobieranie [2010-11-30 20:04:38 | 013,350,672 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-29 17:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-11-29 17:40:09 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010-11-29 17:40:09 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-11-29 17:40:09 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-11-29 17:40:09 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-11-29 17:40:09 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-11-29 17:40:09 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010-11-29 17:40:09 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-11-29 17:40:09 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-11-29 17:40:09 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2010-11-29 17:40:09 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2010-11-29 17:40:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-11-29 17:40:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Winamp [2010-11-28 12:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ABBYY [2010-11-28 12:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 10 [2010-11-28 00:31:28 | 000,048,640 | ---- | C] (Tracker Software Products Ltd.) -- C:\WINDOWS\System32\pxc40pma.dll [2010-11-28 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY PDF Transformer 3.0 [2010-11-28 00:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ABBYY [2010-11-27 22:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ABBYY [2010-11-27 21:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intelligent Converters [2010-11-27 08:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-11-23 17:15:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-11-21 14:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-21 12:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Legacy Charts [2010-11-21 11:48:24 | 000,000,000 | ---D | C] -- C:\Legacy [2010-11-21 11:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-21 10:39:57 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmapi32.ocx [2010-11-20 18:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-11-20 18:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Drive Inspector [2010-11-20 18:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AltrixSoft [2010-11-19 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\BEANZ [2010-11-19 15:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared [2010-11-19 14:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-11-19 14:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2 [2010-11-19 12:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-19 11:55:49 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010-11-19 11:55:49 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010-11-19 11:55:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010-11-19 11:55:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2010-11-19 11:55:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010-11-19 11:55:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010-11-19 11:55:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010-11-19 11:55:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010-11-19 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft [2010-11-18 06:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2010-11-18 06:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-18 06:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-11-17 20:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adultpdf [2010-11-15 19:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\skypePM [2010-11-15 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-15 19:54:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-11-15 19:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Skype [2010-11-15 19:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-11-15 19:35:48 | 000,955,784 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-15 19:35:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Biblioteka calibre [2010-11-14 15:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\SavedGames [2010-11-14 15:47:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-11-14 15:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\lucidity [2010-11-14 11:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bob Came in Pieces [2010-11-14 07:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\RTF TO XML evaluation [2010-11-13 17:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Temp [2010-11-10 06:11:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-11-09 17:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Folderico [2010-11-09 14:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-08-23 18:51:22 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-12-07 16:47:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-07 15:33:21 | 000,002,232 | ---- | M] () -- C:\WINDOWS\System32\nvdb02.adghz [2010-12-07 15:33:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-12-07 15:32:30 | 000,045,668 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2010-12-07 15:32:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-07 07:55:06 | 008,388,608 | -H-- | M] () -- C:\Documents and Settings\DAREK\NTUSER.DAT [2010-12-07 07:55:06 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\DAREK\ntuser.ini [2010-12-07 07:55:01 | 010,678,768 | -H-- | M] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-12-06 19:55:50 | 000,053,802 | ---- | M] () -- C:\Documents and Settings\DAREK\Moje dokumenty\PLAN LEKCJI.xlsx [2010-12-06 19:27:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-12-06 19:27:40 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-12-06 19:27:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-12-06 19:27:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-12-06 19:27:40 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-12-06 19:00:03 | 000,205,540 | ---- | M] () -- C:\Documents and Settings\DAREK\Moje dokumenty\JavaRa.zip [2010-12-05 11:17:04 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Dziobas Rar Player.lnk [2010-12-05 10:58:41 | 005,697,971 | ---- | M] (Kamil Dzióbek ) -- C:\Documents and Settings\DAREK\Moje dokumenty\setupDziobasRarPlayer0.009.52(dobreprogramy.pl).exe [2010-12-04 18:07:18 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Firewall.lnk [2010-12-04 17:57:39 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-12-04 17:57:33 | 000,002,658 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-12-04 15:23:05 | 000,082,400 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-12-03 12:19:25 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-03 11:40:04 | 000,000,195 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-03 11:19:41 | 000,069,912 | ---- | M] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-12-03 11:19:09 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-02 19:22:06 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-01 18:30:07 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 05:32:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-11-30 20:05:47 | 013,350,672 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-29 17:40:26 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-28 01:13:34 | 000,001,174 | ---- | M] () -- C:\WINDOWS\APDFPRP.INI [2010-11-27 09:35:21 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-26 12:16:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-11-23 17:15:57 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini [2010-11-23 17:15:57 | 000,000,413 | RHS- | M] () -- C:\boot.ini [2010-11-23 17:15:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010-11-21 14:48:50 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | M] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:29 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-20 07:10:17 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 14:53:38 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-18 06:34:59 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:35:48 | 000,955,784 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-14 11:41:35 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:38 | 000,102,129 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-10 18:31:34 | 001,115,526 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-11-10 18:31:34 | 000,500,302 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-10 18:31:34 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-10 18:31:34 | 000,088,838 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-10 18:31:34 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-09 17:02:26 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-08 20:58:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman 3 - Hoodlum Havoc.lnk [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-12-06 19:55:50 | 000,053,802 | ---- | C] () -- C:\Documents and Settings\DAREK\Moje dokumenty\PLAN LEKCJI.xlsx [2010-12-06 19:00:03 | 000,205,540 | ---- | C] () -- C:\Documents and Settings\DAREK\Moje dokumenty\JavaRa.zip [2010-12-06 18:19:21 | 000,002,232 | ---- | C] () -- C:\WINDOWS\System32\nvdb02.adghz [2010-12-05 11:17:04 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Dziobas Rar Player.lnk [2010-12-04 18:07:18 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Firewall.lnk [2010-12-04 17:57:39 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-12-04 14:47:11 | 000,082,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-12-04 14:24:44 | 000,123,340 | ---- | C] () -- C:\Documents and Settings\DAREK\SystemLook.txt [2010-12-03 12:19:25 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-02 19:22:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-02 17:58:02 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-01 18:30:07 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 07:26:56 | 010,678,768 | -H-- | C] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-12-01 05:33:03 | 000,069,912 | ---- | C] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-12-01 05:32:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-11-29 17:40:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-27 09:34:44 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-21 14:48:50 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | C] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:05 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 10:09:31 | 000,001,174 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI [2010-11-18 06:34:59 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:54:39 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-14 11:41:35 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:32 | 000,102,129 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-09 17:02:26 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-06 18:02:39 | 000,160,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-06 17:53:07 | 000,384,752 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_HDAL_i386.sys [2010-09-17 19:40:35 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-09-17 19:40:33 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-09-17 19:40:33 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-09-17 19:40:33 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-08-01 08:19:56 | 000,000,270 | ---- | C] () -- C:\WINDOWS\game.ini [2010-07-06 19:10:21 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPLK.INI [2010-06-19 15:59:35 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2010-06-14 06:04:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\DAREK\Dane aplikacji\AVSMediaPlayer.m3u [2010-06-14 05:58:49 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-12 08:16:51 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-04 17:30:04 | 000,034,308 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mazuki.dll [2010-06-03 05:07:16 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-06-02 20:28:45 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-06-02 17:54:02 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-06-02 17:50:10 | 000,000,208 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2010-06-02 17:21:55 | 001,115,526 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-06-02 17:21:55 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-06-02 17:21:25 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2010-06-02 17:05:24 | 000,000,276 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2010-06-02 17:05:23 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2010-06-02 17:04:51 | 000,014,144 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-06-02 17:04:35 | 000,013,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-06-02 17:04:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-06-02 17:04:15 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-06-02 16:52:52 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2010-06-02 16:52:51 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2010-06-02 16:43:49 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\DAREK\Dane aplikacji\desktop.ini [2010-06-02 16:39:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2010-06-02 16:36:36 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2010-06-02 16:36:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2010-06-02 16:35:44 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2010-06-02 16:35:41 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-10-26 18:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-26 18:29:36 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2001-10-26 18:29:36 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2001-10-26 18:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2001-10-26 18:29:26 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2001-10-26 18:29:26 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2001-10-26 18:28:44 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2001-10-26 18:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-26 18:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-26 17:21:06 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2001-10-26 17:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-26 17:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-26 17:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-26 17:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-26 16:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-26 16:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-26 16:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-26 16:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-26 16:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-26 16:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-26 16:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-08-17 22:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-08-17 22:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-08-17 22:31:54 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2001-08-17 22:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-08-17 22:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-08-17 22:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-08-17 22:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-08-17 22:31:38 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2001-08-17 22:31:38 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2001-08-17 22:31:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2001-08-17 22:31:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2001-08-17 22:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-08-17 20:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-07-22 04:43:48 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2001-07-22 03:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-07-21 23:16:20 | 000,000,507 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001-07-21 23:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll ========== LOP Check ========== [2010-07-14 20:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-11-20 18:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-12-03 14:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-18 18:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-09 14:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-06-29 05:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CrystalIdea Software [2010-06-03 07:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-14 12:04:59 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-06-20 06:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor [2010-10-06 16:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-11-18 06:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-14 15:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-07-19 20:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MinigolfAdventures [2010-07-19 09:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Syncrosoft [2010-07-08 06:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-08-15 14:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TreeCardGames [2010-06-13 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-06-13 18:09:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-11-22 18:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-08 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ashampoo [2010-10-27 07:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\BESTplayer [2010-11-19 15:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-06-03 07:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\DAEMON Tools Lite [2010-11-27 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-08-19 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Friday's games [2010-09-02 05:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Gaijin Ent [2010-11-21 13:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-10-05 17:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Groove Games [2010-11-18 06:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-10-12 07:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Katalog CDDVD [2010-11-21 11:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-12-03 12:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-11-21 11:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-01 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ProtectDISC [2010-11-18 06:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-12-02 19:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-08-15 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TreeCardGames [2010-06-13 18:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TuneUp Software [2010-12-07 16:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\uTorrent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:38091CBB < End of report > OTL Extras logfile created on: 2010-12-07 16:48:31 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 1,39 Gb Free Space | 8,76% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,66 Gb Free Space | 16,58% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 6,71 Gb Free Space | 21,92% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,26 Gb Free Space | 22,47% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,67 Gb Free Space | 44,99% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,44 Gb Free Space | 23,01% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 7,18 Gb Free Space | 14,40% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server -- (Apache Software Foundation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "I:\calofdutywar\CoDWaWmp.exe" = I:\calofdutywar\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\calofdutywar\CoDWaW.exe" = I:\calofdutywar\CoDWaW.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\SOF\sof3.exe" = I:\SOF\sof3.exe:*:Disabled:sof3 -- File not found "I:\calof 4\iw3mp.exe" = I:\calof 4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- File not found "I:\juarezz\CoJBiBGame_x86.exe" = I:\juarezz\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood -- File not found "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found "I:\The Ball\Binaries\Win32\TheBall.exe" = I:\The Ball\Binaries\Win32\TheBall.exe:*:Disabled:TheBall -- File not found "I:\Call of Duty - Black Ops\BlackOps.exe" = I:\Call of Duty - Black Ops\BlackOps.exe:*:Disabled:BlackOps -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0 "{00DE25CD-A571-71AA-DD1E-44624D3F3839}" = Catalyst Control Center Localization Russian "{0100A905-A8DD-501B-F188-5EE0949F452E}" = CCC Help Polish "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{057886CB-E3EF-2817-81E0-22C4A42CE498}" = Catalyst Control Center Localization German "{08E30958-B916-F50F-7D1B-2BC7FFCBE3CD}" = Catalyst Control Center Localization Thai "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{14EED1BC-FFF0-B332-5EF3-AE2ECA7DBAB2}" = CCC Help Korean "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1B2CAF41-06B0-C482-CFA3-5FEF0CE3EFB7}" = Catalyst Control Center Localization Korean "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 23 "{27004F1F-150E-10EA-6D9A-477A4D517AE6}" = ccc-core-preinstall "{271E0D08-7010-7924-8483-AFE61B5F932D}" = Catalyst Control Center Localization Chinese Standard "{27A1D594-FEE9-DA8F-DCA6-E25CE1F2CFC7}" = Catalyst Control Center Localization Turkish "{2DD4470C-9070-7D7C-340B-C523CB830213}" = Catalyst Control Center Localization Dutch "{32A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java SE Development Kit 6 Update 22 "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36C6D94F-3E89-A1E2-50B4-EC111EBD8F0E}" = Catalyst Control Center Localization Spanish "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3A46DFF0-5ED9-7933-6934-C25D7C58C149}" = ccc-core-static "{3AD95EBD-0199-F426-3EC8-37356E9F221E}" = CCC Help Turkish "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{4093993B-DCBD-269F-3F25-B19D39F03227}" = Catalyst Control Center Localization Hungarian "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 "{41BADB07-B491-E330-3727-7ECF24F3973C}" = CCC Help German "{424D35F1-F86D-9A7C-970A-A3EC69B41EEC}" = Catalyst Control Center Localization Portuguese "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C3CD1BF-3A55-3B11-738C-AEBCC136B99D}" = Catalyst Control Center Localization Italian "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{58F0911C-A70A-5450-AF61-ABA73BC839AF}" = CCC Help Dutch "{5D27AF04-435A-ADA1-A995-DAA23023CD9C}" = CCC Help Swedish "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{61DA7F1D-26B2-06E9-0B0E-D7EC9CA89FF7}" = Catalyst Control Center Graphics Light "{6412075D-F600-6E0C-47B9-E46B2FCD2281}" = CCC Help English "{64823E85-64E8-FD8E-9323-10C9DA3DCBF1}" = Catalyst Control Center Localization French "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6A620E3F-B44C-DC93-6DF3-3C36022FAEC5}" = CCC Help Russian "{70A77127-A231-3515-A98E-3BEDD1EE379B}" = CCC Help Danish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7C672A89-14D2-4A8F-03E5-42D60DEEEA28}" = Catalyst Control Center Localization Greek "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D37906-6BB5-CEA3-3A9E-282BD3D4821A}" = CCC Help Greek "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{87D0CA2B-8F5C-04FD-8B31-45D72B813939}" = Catalyst Control Center Localization Chinese Traditional "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{8CE2C5D1-EAAA-4A12-A25C-4FC5D8D3D2E0}_is1" = Tysiąc Słów 1.1 "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{907453D4-2730-940D-42E7-FB9B22D4AA4F}" = CCC Help Norwegian "{9BAC5D76-82E7-4091-8D54-EEDC32BEBF2A}" = Catalyst Control Center Graphics Full Existing "{9CE57598-9A41-AFCE-AA0C-954D2B11A389}" = Catalyst Control Center Graphics Full New "{9E163B34-C00F-ACEE-EC7C-F8287FA63430}" = CCC Help Finnish "{9F650127-C7C9-A280-23FB-05763FC33871}" = Catalyst Control Center Localization Finnish "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A439BDA6-3E0E-C98B-4E86-620D8215E7BB}" = CCC Help Japanese "{AB9C21BC-3097-438A-9923-EB1F4D90376D}" = Catalyst Control Center Localization Czech "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B63ECF13-D418-E6F0-D5DB-85E0CF6700F4}" = CCC Help French "{B88FDD47-6CF4-FBE9-3864-70CF7E71C3BC}" = Catalyst Control Center Localization Danish "{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C098DAEC-29EF-4A59-B18E-0E950169CA3C}" = Western Australian Time Zone Update "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1506CB6-E0BF-5ED7-EC5C-F70F3E56CDE6}" = CCC Help Chinese Traditional "{C40B0FDC-2503-DEBC-0C1C-4F7200B28347}" = Catalyst Control Center Localization Norwegian "{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF24D929-D3BB-7109-FC9E-447D75FBC0EC}" = Catalyst Control Center Localization Swedish "{D16C2485-137D-8321-EC76-6774711F1A30}" = Catalyst Control Center Core Implementation "{D2773F0B-9751-BA4C-387F-5BD115A260AE}" = Catalyst Control Center Localization Polish "{D371E383-D570-A815-B74B-D2622E43651C}" = Catalyst Control Center Localization Japanese "{D4318DDE-2E5E-6771-C11C-A1667B133993}" = CCC Help Hungarian "{DE017133-018C-61CF-2387-02E15E2ED191}" = CCC Help Portuguese "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E77C5F51-DC43-6D63-27FB-1915944E4302}" = CCC Help Spanish "{ED7E511E-40AF-4A94-6522-7C7B910F6EAF}" = Catalyst Control Center Graphics Previews Common "{EEADF889-D975-0591-9AA0-89EB6E640B8D}" = CCC Help Czech "{F08A5341-216B-00BF-659F-ED88DF844B04}" = CCC Help Chinese Standard "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F58D330D-3D1D-37FE-7591-35EB77EF87D3}" = Skins "{F638C8C3-DFA5-E695-BE3A-971D5D9B5672}" = ccc-utility "{F76A2E6B-4C7F-3FFC-05A7-5368105B20AC}" = CCC Help Italian "{F7B013D0-EF94-B8C5-E95F-63CDD1C4D333}" = CCC Help Thai "{F94644BE-0EF2-481F-9373-79259B942EA8}" = calibre "{FA300000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 3.0 "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP "{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US) "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Ahnenblatt_is1" = Ahnenblatt 2.62 "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4 "Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60 "Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7.01 "ATI Display Driver" = ATI Display Driver "avast5" = avast! Free Antivirus "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.52 "Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Folderico" = Folderico 3.7.2 "Hard Drive Inspector" = Hard Drive Inspector Professional 3.86 build # 389 "ie8" = Windows Internet Explorer 8 "ipla" = ipla 2.2.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "PowerStrip 3 (remove only)" = PowerStrip 3 (remove only) "rayatitray" = Ray Adams ATI Tray Tools "Rayman 2" = Rayman 2 "Rayman 3 - Hoodlum Havoc" = Rayman 3 - Hoodlum Havoc "RealAlt_is1" = Real Alternative 2.0.2 "SubEdit-Player_is1" = SubEdit-Player "Sudoku Up_is1" = Sudoku Up 2010 v4.0 "Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO!" = Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO! "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Tweak UI 2.10" = Tweak UI "Uninstall Tool_is1" = Uninstall Tool "uTorrent" = µTorrent "VueScan" = VueScan "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Advanced PDF Password Recovery" = Advanced PDF Password Recovery "Winamp Detect" = Detektor Winampa ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-07-14 15:38:37 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd golf.wrp.exe, wersja 1.0.0.9, moduł powodujący błąd golf.wrp.exe, wersja 1.0.0.9, adres błędu 0x000786d7. Error - 2010-07-14 15:39:49 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd golf.exe, wersja 1.0.0.9, moduł powodujący błąd golf.exe, wersja 1.0.0.9, adres błędu 0x000786d7. Error - 2010-07-14 15:40:29 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd golf.exe, wersja 1.0.0.9, moduł powodujący błąd golf.exe, wersja 1.0.0.9, adres błędu 0x000786d7. Error - 2010-07-20 15:01:54 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd codwaw.exe, wersja 1.0.0.1, moduł powodujący błąd d3d9.dll, wersja 5.3.2600.5512, adres błędu 0x00039239. Error - 2010-07-21 05:02:28 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd codwaw.exe, wersja 1.0.0.1, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x3c63e834. Error - 2010-07-21 05:39:55 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd codwaw.exe, wersja 1.0.0.1, moduł powodujący błąd d3d9.dll, wersja 5.3.2600.5512, adres błędu 0x00039239. Error - 2010-07-21 10:39:05 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd , wersja 0.0.0.0, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x0042affc. Error - 2010-07-23 10:27:46 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.200.2, moduł powodujący błąd java.dll, wersja 6.0.200.2, adres błędu 0x00005875. Error - 2010-07-29 14:40:03 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd sof3.exe, wersja 0.0.0.0, moduł powodujący błąd cloakntengine.dll, wersja 0.0.0.0, adres błędu 0x0012ad38. Error - 2010-08-05 13:27:53 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd javaw.exe, wersja 6.0.200.2, moduł powodujący błąd java.dll, wersja 6.0.200.2, adres błędu 0x00005875. [ OSession Events ] Error - 2010-11-14 02:50:53 | Computer Name = DAREK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010-12-06 00:55:53 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 Error - 2010-12-06 11:30:00 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%2 Error - 2010-12-06 11:30:00 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 Error - 2010-12-06 13:19:28 | Computer Name = DAREK | Source = Service Control Manager | ID = 7024 Description = Usługa Forceware Web Interface zakończyła działanie; wystąpił specyficzny dla niej błąd 1 (0x1). Error - 2010-12-06 13:19:28 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Java Quick Starter z powodu następującego błędu: %%2 Error - 2010-12-06 13:19:28 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 Error - 2010-12-07 00:55:54 | Computer Name = DAREK | Source = Service Control Manager | ID = 7024 Description = Usługa Forceware Web Interface zakończyła działanie; wystąpił specyficzny dla niej błąd 1 (0x1). Error - 2010-12-07 00:55:54 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 Error - 2010-12-07 10:33:29 | Computer Name = DAREK | Source = Service Control Manager | ID = 7024 Description = Usługa Forceware Web Interface zakończyła działanie; wystąpił specyficzny dla niej błąd 1 (0x1). Error - 2010-12-07 10:33:29 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 < End of report >
  10. Log: Udało mi się odinstalować NVIDIA ForceWare Network Access Manager przy pomocy Windows Install Clean Up
  11. oto raport: SystemLook 04.09.10 by jpshortstuff Log created at 14:24 on 04/12/2010 by DAREK Administrator - Elevation successful ========== filefind ========== Searching for "ISScript*" No files found. ========== dir ========== C:\Program Files\NVIDIA Corporation - Parameters: "(none)" ---Files--- None found. ---Folders--- NetworkAccessManager d------ [16:06 02/06/2010] C:\Program Files\Common Files\InstallShield - Parameters: "(none)" ---Files--- None found. ---Folders--- Driver d------ [13:34 09/11/2010] UpdateService d------ [19:02 19/07/2010] -= EOF =-
  12. Instrukcje 1-3 zrobione. Przy deinstalacji wyświetla się komunikat: 1:The Installscript engine on this machine is older than the version required to run this setup . If available, please install the latest version of ISScript.msi, or contact your support personnel for further assistance.
  13. Problem z podmianą strony usunięty. Były okienka Spybota i Zaznaczyłem nie dopuszczaj zmian. Nie Mogę usunąć NVIDIA ForceWare Network Access Manager.(nie wiem dlaczego) Dziękuję Serdecznie ZA POMOC i Proszę jeszcze o porady jak to dalej uporządkować. Pozdrawiam Gorąco!!!!
  14. i nowy zestaw logów OTL logfile created on: 2010-12-03 11:46:18 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 2,44 Gb Free Space | 15,41% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,88 Gb Free Space | 17,38% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 5,87 Gb Free Space | 19,19% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,33 Gb Free Space | 22,60% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,73 Gb Free Space | 45,11% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,50 Gb Free Space | 23,13% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 6,77 Gb Free Space | 13,59% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010-12-03 11:25:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe PRC - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010-11-29 17:42:14 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2010-11-17 20:57:22 | 003,182,328 | ---- | M] (Altrixsoft) -- C:\Program Files\Hard Drive Inspector\HDInspector.exe PRC - [2010-11-17 08:37:50 | 000,458,488 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe PRC - [2010-08-29 11:24:04 | 000,328,568 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2010-07-12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2010-04-22 05:20:00 | 000,883,200 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe PRC - [2009-11-24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-11-01 16:18:22 | 000,744,992 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PStrip.exe PRC - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-06-02 12:01:10 | 003,251,800 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-07-13 06:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe ========== Modules (SafeList) ========== MOD - [2010-12-03 11:25:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009-12-14 11:12:00 | 000,187,904 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll MOD - [2009-07-11 23:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2008-07-09 23:23:30 | 000,021,752 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PShook.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010-11-17 08:37:50 | 000,458,488 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Running] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc) SRV - [2010-11-11 14:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2009-11-24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0) SRV - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-12-03 11:35:30 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Temp\ASFWHide -- (ASFWHide) DRV - [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010-07-02 11:08:32 | 000,384,752 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service) DRV - [2010-04-22 05:15:04 | 000,019,232 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-24 23:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-24 23:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-24 23:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-24 23:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-24 23:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-24 23:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-09-03 06:02:58 | 003,300,864 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-07-02 20:38:14 | 000,089,600 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-07-15 03:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip) DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-08-14 07:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-07-01 22:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-04-14 10:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2004-04-14 10:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2004-04-14 10:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2004-04-14 10:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2001-11-08 07:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O4 - HKLM..\Run: [Ashampoo FireWall] C:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [bonus.SSR.FR10] C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKLM..\Run: [GProton] C:\Documents and Settings\All Users\GProton.exe File not found O4 - HKLM..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe (Altrixsoft) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PowerStrip] c:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan) O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [ABBYY Screenshot Reader Bonus] File not found O4 - HKCU..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [sRSHDAudioLab] C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe File not found O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-06-02 16:39:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-03-24 12:06:41 | 000,000,053 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-12-03 11:25:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-03 11:16:23 | 000,000,000 | ---D | C] -- C:\_OTL [2010-12-03 07:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-12-03 06:59:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DAREK\Recent [2010-12-03 06:48:15 | 098,217,771 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\DAREK\Pulpit\OTLPEStd.exe [2010-12-02 19:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-12-02 19:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-12-02 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Opera [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-12-01 17:18:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-01 17:18:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-01 17:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-12-01 05:33:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Pobieranie [2010-11-30 20:04:38 | 013,350,672 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-29 17:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-11-29 17:40:09 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010-11-29 17:40:09 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-11-29 17:40:09 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-11-29 17:40:09 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-11-29 17:40:09 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-11-29 17:40:09 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010-11-29 17:40:09 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-11-29 17:40:09 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-11-29 17:40:09 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2010-11-29 17:40:09 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2010-11-29 17:40:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-11-29 17:40:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Winamp [2010-11-28 12:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ABBYY [2010-11-28 12:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 10 [2010-11-28 00:31:28 | 000,048,640 | ---- | C] (Tracker Software Products Ltd.) -- C:\WINDOWS\System32\pxc40pma.dll [2010-11-28 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY PDF Transformer 3.0 [2010-11-28 00:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ABBYY [2010-11-27 22:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ABBYY [2010-11-27 21:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intelligent Converters [2010-11-27 08:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-11-23 17:15:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-11-21 14:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-21 12:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Legacy Charts [2010-11-21 11:48:24 | 000,000,000 | ---D | C] -- C:\Legacy [2010-11-21 11:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-21 10:39:57 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmapi32.ocx [2010-11-20 18:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-11-20 18:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Drive Inspector [2010-11-20 18:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AltrixSoft [2010-11-19 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\BEANZ [2010-11-19 15:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared [2010-11-19 14:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-11-19 14:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2 [2010-11-19 14:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\My eBooks [2010-11-19 12:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-19 11:55:49 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010-11-19 11:55:49 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010-11-19 11:55:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010-11-19 11:55:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2010-11-19 11:55:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010-11-19 11:55:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010-11-19 11:55:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010-11-19 11:55:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010-11-19 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft [2010-11-18 06:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2010-11-18 06:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-18 06:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-11-17 20:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adultpdf [2010-11-15 19:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\skypePM [2010-11-15 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-15 19:54:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-11-15 19:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Skype [2010-11-15 19:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-11-15 19:35:48 | 000,955,784 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-15 19:35:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Biblioteka calibre [2010-11-14 15:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\SavedGames [2010-11-14 15:47:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-11-14 15:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\lucidity [2010-11-14 11:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bob Came in Pieces [2010-11-14 07:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\RTF TO XML evaluation [2010-11-13 17:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Temp [2010-11-10 06:11:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-11-09 17:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Folderico [2010-11-09 14:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-11-06 19:56:40 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\WINDOWS\System32\DfSdkBt.exe [2010-11-06 17:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2010-08-23 18:51:22 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys ========== Files - Modified Within 30 Days ========== [2010-12-03 11:40:04 | 000,000,195 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-03 11:34:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-03 11:34:45 | 000,045,668 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2010-12-03 11:25:32 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-03 11:19:09 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-03 07:05:07 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-03 06:48:18 | 098,217,771 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\DAREK\Pulpit\OTLPEStd.exe [2010-12-03 06:47:22 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\y4sye8py.exe [2010-12-02 19:22:06 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-02 18:56:01 | 003,352,913 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\100%_working_crack.rar [2010-12-02 17:33:00 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\HiJackThis.msi [2010-12-01 18:30:07 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 05:32:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-11-30 20:05:47 | 013,350,672 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-29 17:40:26 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-28 01:13:34 | 000,001,174 | ---- | M] () -- C:\WINDOWS\APDFPRP.INI [2010-11-27 09:35:21 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-26 12:27:04 | 000,114,623 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\pzdr3huc.rar [2010-11-26 12:16:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-11-23 17:15:57 | 000,000,413 | RHS- | M] () -- C:\boot.ini [2010-11-21 14:48:50 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | M] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:29 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-20 07:10:17 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 14:53:38 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-18 06:34:59 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:35:48 | 000,955,784 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-14 15:27:28 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Lucidity.lnk [2010-11-14 11:41:35 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:38 | 000,102,129 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-10 18:31:34 | 000,500,302 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-10 18:31:34 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-10 18:31:34 | 000,088,838 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-10 18:31:34 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-09 17:02:26 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-08 20:58:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman 3 - Hoodlum Havoc.lnk ========== Files Created - No Company Name ========== [2010-12-03 07:05:06 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-03 06:47:22 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\y4sye8py.exe [2010-12-02 19:22:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-02 18:56:01 | 003,352,913 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\100%_working_crack.rar [2010-12-02 17:58:02 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-02 17:32:56 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\HiJackThis.msi [2010-12-01 18:30:07 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 05:32:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-11-29 17:40:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-27 09:34:44 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-26 12:27:03 | 000,114,623 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\pzdr3huc.rar [2010-11-21 14:48:50 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | C] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:05 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 10:09:31 | 000,001,174 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI [2010-11-18 06:34:59 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:54:39 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-14 15:27:28 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Lucidity.lnk [2010-11-14 11:41:35 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:32 | 000,102,129 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-09 17:02:26 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-06 18:02:39 | 000,160,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-06 17:53:07 | 000,384,752 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_HDAL_i386.sys [2010-09-17 19:40:35 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-09-17 19:40:33 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-09-17 19:40:33 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-08-01 08:19:56 | 000,000,270 | ---- | C] () -- C:\WINDOWS\game.ini [2010-07-06 19:10:21 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPLK.INI [2010-06-19 15:59:35 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2010-06-14 06:04:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\DAREK\Dane aplikacji\AVSMediaPlayer.m3u [2010-06-14 05:58:49 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-12 08:16:51 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-04 17:30:04 | 000,034,308 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mazuki.dll [2010-06-03 05:07:16 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-06-02 20:28:45 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-06-02 17:54:02 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-06-02 17:50:10 | 000,000,208 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2010-06-02 17:21:55 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-06-02 17:05:24 | 000,000,276 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2010-06-02 17:05:23 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2010-06-02 17:04:51 | 000,014,144 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-06-02 17:04:35 | 000,013,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-06-02 17:04:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-06-02 17:04:15 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll ========== LOP Check ========== [2010-07-14 20:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-11-20 18:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-06-18 18:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-09 14:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-06-29 05:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CrystalIdea Software [2010-06-03 07:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-14 12:04:59 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-06-20 06:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor [2010-10-06 16:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-11-18 06:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-14 15:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-07-19 20:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MinigolfAdventures [2010-07-19 09:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Syncrosoft [2010-07-08 06:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-08-15 14:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TreeCardGames [2010-06-13 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-06-13 18:09:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-11-22 18:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-08 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ashampoo [2010-10-27 07:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\BESTplayer [2010-11-19 15:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-06-03 07:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\DAEMON Tools Lite [2010-11-27 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-08-19 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Friday's games [2010-09-02 05:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Gaijin Ent [2010-11-21 13:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-10-05 17:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Groove Games [2010-11-18 06:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-10-12 07:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Katalog CDDVD [2010-11-21 11:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-12-03 07:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-11-21 11:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-01 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ProtectDISC [2010-11-18 06:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-12-02 19:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-08-15 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TreeCardGames [2010-06-13 18:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TuneUp Software [2010-12-03 11:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\uTorrent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:38091CBB < End of report > OTL Extras logfile created on: 2010-12-03 11:46:18 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 2,44 Gb Free Space | 15,41% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,88 Gb Free Space | 17,38% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 5,87 Gb Free Space | 19,19% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,33 Gb Free Space | 22,60% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,73 Gb Free Space | 45,11% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,50 Gb Free Space | 23,13% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 6,77 Gb Free Space | 13,59% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server -- (Apache Software Foundation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "I:\calofdutywar\CoDWaWmp.exe" = I:\calofdutywar\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\calofdutywar\CoDWaW.exe" = I:\calofdutywar\CoDWaW.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\SOF\sof3.exe" = I:\SOF\sof3.exe:*:Disabled:sof3 -- File not found "I:\calof 4\iw3mp.exe" = I:\calof 4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- File not found "I:\juarezz\CoJBiBGame_x86.exe" = I:\juarezz\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood -- File not found "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found "I:\The Ball\Binaries\Win32\TheBall.exe" = I:\The Ball\Binaries\Win32\TheBall.exe:*:Disabled:TheBall -- File not found "I:\Call of Duty - Black Ops\BlackOps.exe" = I:\Call of Duty - Black Ops\BlackOps.exe:*:Disabled:BlackOps -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00DE25CD-A571-71AA-DD1E-44624D3F3839}" = Catalyst Control Center Localization Russian "{0100A905-A8DD-501B-F188-5EE0949F452E}" = CCC Help Polish "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{057886CB-E3EF-2817-81E0-22C4A42CE498}" = Catalyst Control Center Localization German "{08E30958-B916-F50F-7D1B-2BC7FFCBE3CD}" = Catalyst Control Center Localization Thai "{14EED1BC-FFF0-B332-5EF3-AE2ECA7DBAB2}" = CCC Help Korean "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1B2CAF41-06B0-C482-CFA3-5FEF0CE3EFB7}" = Catalyst Control Center Localization Korean "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{27004F1F-150E-10EA-6D9A-477A4D517AE6}" = ccc-core-preinstall "{271E0D08-7010-7924-8483-AFE61B5F932D}" = Catalyst Control Center Localization Chinese Standard "{27A1D594-FEE9-DA8F-DCA6-E25CE1F2CFC7}" = Catalyst Control Center Localization Turkish "{2DD4470C-9070-7D7C-340B-C523CB830213}" = Catalyst Control Center Localization Dutch "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1 "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36C6D94F-3E89-A1E2-50B4-EC111EBD8F0E}" = Catalyst Control Center Localization Spanish "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3A46DFF0-5ED9-7933-6934-C25D7C58C149}" = ccc-core-static "{3AD95EBD-0199-F426-3EC8-37356E9F221E}" = CCC Help Turkish "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{4093993B-DCBD-269F-3F25-B19D39F03227}" = Catalyst Control Center Localization Hungarian "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 "{41BADB07-B491-E330-3727-7ECF24F3973C}" = CCC Help German "{424D35F1-F86D-9A7C-970A-A3EC69B41EEC}" = Catalyst Control Center Localization Portuguese "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C3CD1BF-3A55-3B11-738C-AEBCC136B99D}" = Catalyst Control Center Localization Italian "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{58F0911C-A70A-5450-AF61-ABA73BC839AF}" = CCC Help Dutch "{5D27AF04-435A-ADA1-A995-DAA23023CD9C}" = CCC Help Swedish "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{61DA7F1D-26B2-06E9-0B0E-D7EC9CA89FF7}" = Catalyst Control Center Graphics Light "{6412075D-F600-6E0C-47B9-E46B2FCD2281}" = CCC Help English "{64823E85-64E8-FD8E-9323-10C9DA3DCBF1}" = Catalyst Control Center Localization French "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6A620E3F-B44C-DC93-6DF3-3C36022FAEC5}" = CCC Help Russian "{70A77127-A231-3515-A98E-3BEDD1EE379B}" = CCC Help Danish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7C672A89-14D2-4A8F-03E5-42D60DEEEA28}" = Catalyst Control Center Localization Greek "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D37906-6BB5-CEA3-3A9E-282BD3D4821A}" = CCC Help Greek "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{87D0CA2B-8F5C-04FD-8B31-45D72B813939}" = Catalyst Control Center Localization Chinese Traditional "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{8CE2C5D1-EAAA-4A12-A25C-4FC5D8D3D2E0}_is1" = Tysiąc Słów 1.1 "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{907453D4-2730-940D-42E7-FB9B22D4AA4F}" = CCC Help Norwegian "{9BAC5D76-82E7-4091-8D54-EEDC32BEBF2A}" = Catalyst Control Center Graphics Full Existing "{9CE57598-9A41-AFCE-AA0C-954D2B11A389}" = Catalyst Control Center Graphics Full New "{9E163B34-C00F-ACEE-EC7C-F8287FA63430}" = CCC Help Finnish "{9F650127-C7C9-A280-23FB-05763FC33871}" = Catalyst Control Center Localization Finnish "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A439BDA6-3E0E-C98B-4E86-620D8215E7BB}" = CCC Help Japanese "{AB9C21BC-3097-438A-9923-EB1F4D90376D}" = Catalyst Control Center Localization Czech "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B63ECF13-D418-E6F0-D5DB-85E0CF6700F4}" = CCC Help French "{B88FDD47-6CF4-FBE9-3864-70CF7E71C3BC}" = Catalyst Control Center Localization Danish "{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C098DAEC-29EF-4A59-B18E-0E950169CA3C}" = Western Australian Time Zone Update "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1506CB6-E0BF-5ED7-EC5C-F70F3E56CDE6}" = CCC Help Chinese Traditional "{C40B0FDC-2503-DEBC-0C1C-4F7200B28347}" = Catalyst Control Center Localization Norwegian "{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF24D929-D3BB-7109-FC9E-447D75FBC0EC}" = Catalyst Control Center Localization Swedish "{D16C2485-137D-8321-EC76-6774711F1A30}" = Catalyst Control Center Core Implementation "{D2773F0B-9751-BA4C-387F-5BD115A260AE}" = Catalyst Control Center Localization Polish "{D371E383-D570-A815-B74B-D2622E43651C}" = Catalyst Control Center Localization Japanese "{D4318DDE-2E5E-6771-C11C-A1667B133993}" = CCC Help Hungarian "{DE017133-018C-61CF-2387-02E15E2ED191}" = CCC Help Portuguese "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E77C5F51-DC43-6D63-27FB-1915944E4302}" = CCC Help Spanish "{ED7E511E-40AF-4A94-6522-7C7B910F6EAF}" = Catalyst Control Center Graphics Previews Common "{EEADF889-D975-0591-9AA0-89EB6E640B8D}" = CCC Help Czech "{F08A5341-216B-00BF-659F-ED88DF844B04}" = CCC Help Chinese Standard "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F58D330D-3D1D-37FE-7591-35EB77EF87D3}" = Skins "{F638C8C3-DFA5-E695-BE3A-971D5D9B5672}" = ccc-utility "{F76A2E6B-4C7F-3FFC-05A7-5368105B20AC}" = CCC Help Italian "{F7B013D0-EF94-B8C5-E95F-63CDD1C4D333}" = CCC Help Thai "{F94644BE-0EF2-481F-9373-79259B942EA8}" = calibre "{FA300000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 3.0 "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US) "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Ahnenblatt_is1" = Ahnenblatt 2.62 "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4 "Ashampoo FireWall_is1" = Ashampoo FireWall FREE 1.20 "Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60 "Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7.01 "ATI Display Driver" = ATI Display Driver "avast!" = avast! Antivirus "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.51 "Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Folderico" = Folderico 3.7.2 "Hard Drive Inspector" = Hard Drive Inspector Professional 3.86 build # 389 "ie8" = Windows Internet Explorer 8 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "ipla" = ipla 2.2.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Lucidity_is1" = Lucidity "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "PowerStrip 3 (remove only)" = PowerStrip 3 (remove only) "rayatitray" = Ray Adams ATI Tray Tools "Rayman 2" = Rayman 2 "Rayman 3 - Hoodlum Havoc" = Rayman 3 - Hoodlum Havoc "RealAlt_is1" = Real Alternative 2.0.2 "SubEdit-Player_is1" = SubEdit-Player "Sudoku Up_is1" = Sudoku Up 2010 v4.0 "Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO!" = Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO! "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Tweak UI 2.10" = Tweak UI "Uninstall Tool_is1" = Uninstall Tool "uTorrent" = µTorrent "VueScan" = VueScan "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Advanced PDF Password Recovery" = Advanced PDF Password Recovery "Winamp Detect" = Detektor Winampa ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 2010-11-27 19:58:47 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\background_gradientCATJ35T3 failed, 00000005. Error - 2010-11-27 19:59:06 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\background_gradientCAE6J993 failed, 00000005. Error - 2010-11-27 20:00:03 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\ErrorPageTemplateCAUEGJVQ failed, 00000005. Error - 2010-11-27 20:00:44 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\ErrorPageTemplate[4] failed, 00000005. Error - 2010-11-27 20:06:13 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\info_48[2] failed, 00000005. Error - 2010-11-27 20:06:37 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\dnserrordiagoff_webOC[5] failed, 00000005. Error - 2010-11-27 20:08:22 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\ErrorPageTemplateCATJPN7S failed, 00000005. Error - 2010-11-27 20:08:38 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\background_gradientCARV6M8M failed, 00000005. Error - 2010-11-27 20:09:01 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\dnserrordiagoff_webOCCAO9J7NU failed, 00000005. Error - 2010-12-02 17:08:47 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\Lfmac10n4.dll failed, 00000005. [ Application Events ] Error - 2010-06-28 11:48:51 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 11:49:43 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:24:55 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:26:37 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:27:45 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x0001af3a. Error - 2010-06-28 12:30:31 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:31:27 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:51:07 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:52:14 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:52:30 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. [ OSession Events ] Error - 2010-11-14 02:50:53 | Computer Name = DAREK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010-12-03 06:26:04 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:05 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa licencjonowania programu ABBYY PDF Transformer 3.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa Forceware Web Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa MBAMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare user log service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa ForceWare IP service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa HDD Information Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:26:07 | Computer Name = DAREK | Source = Service Control Manager | ID = 7034 Description = Usługa Usługa bramy warstwy aplikacji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-12-03 06:35:13 | Computer Name = DAREK | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi StarWind AE Service z powodu następującego błędu: %%2 < End of report >
  15. dokładnie ta strona to qooqlle log po usuwaniu All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton deleted successfully. C:\Documents and Settings\All Users\GProton.exe moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\searchplugins folder moved successfully. C:\WINDOWS\system32\Lfmac10n4.dll moved successfully. C:\WINDOWS\tasks\ILTACGS.job moved successfully. C:\WINDOWS\system32\crash moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Thumbnail Import\Database folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Thumbnail Import folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Sample\Photos folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Sample\Database folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Sample\Cfg folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\Sample folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\SmartMatching folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\Research folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\Photos folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\Database folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\Cfg folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox\Backup folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage\poxmox folder moved successfully. C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\MyHeritage\Research folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\MyHeritage folder moved successfully. C:\Documents and Settings\DAREK\Dane aplikacji\PriceGong\Data folder moved successfully. C:\Documents and Settings\DAREK\Dane aplikacji\PriceGong folder moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Conduit\Toolbar\Facebook folder moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Conduit\Toolbar folder moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Conduit folder moved successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-1078081533-1303643608-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry value HKEY_USERS\S-1-5-21-1078081533-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus deleted successfully. Registry value HKEY_USERS\S-1-5-21-1078081533-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SRSHDAudioLab deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: DAREK ->Flash cache emptied: 3796 bytes User: Default User User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: DAREK ->Temp folder emptied: 17625641 bytes ->Temporary Internet Files folder emptied: 77587712 bytes ->Java cache emptied: 3331632 bytes ->Opera cache emptied: 4338360 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 82513 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1210453 bytes %systemroot%\System32 .tmp files removed: 5308452 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 98304 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 105,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12032010_112603 Files\Folders moved on Reboot... C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\page__p__324[1].htm moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\6M8MQJWJ\onet_pl[1].htm moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\6M8MQJWJ\page__gopid__16915[1].txt moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\2139-mozilla-i-ie-zaatakowane-przez-qooqlle[1].txt moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\index[3].php moved successfully. C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. C:\WINDOWS\temp\JETC15C.tmp moved successfully. C:\WINDOWS\temp\JETC40B.tmp moved successfully. C:\WINDOWS\temp\Perflib_Perfdata_7fc.dat moved successfully. Registry entries deleted on Reboot...
  16. Proszę o pomoc jak się pozbyć problemu z podmianą strony startowej w Operze? OTL logfile created on: 2010-12-03 07:21:47 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 1,74 Gb Free Space | 11,02% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,88 Gb Free Space | 17,38% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 4,51 Gb Free Space | 14,73% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,33 Gb Free Space | 22,60% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,73 Gb Free Space | 45,11% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,50 Gb Free Space | 23,13% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 6,77 Gb Free Space | 13,59% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010-12-03 07:20:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe PRC - [2010-12-03 06:48:18 | 098,217,771 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\DAREK\Pulpit\OTLPEStd.exe PRC - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010-11-29 17:42:14 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2010-11-17 20:57:22 | 003,182,328 | ---- | M] (Altrixsoft) -- C:\Program Files\Hard Drive Inspector\HDInspector.exe PRC - [2010-11-17 08:37:50 | 000,458,488 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe PRC - [2010-08-29 11:24:04 | 000,328,568 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2010-07-12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2010-04-22 05:20:00 | 000,883,200 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe PRC - [2010-03-17 11:05:00 | 002,347,520 | ---- | M] (LIGHTNING UK!) -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Temp\7zS5B.tmp\ImgBurn.exe PRC - [2009-11-24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-11-01 16:18:22 | 000,744,992 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PStrip.exe PRC - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-06-02 12:01:10 | 003,251,800 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-12-18 14:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006-07-13 06:12:26 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe ========== Modules (SafeList) ========== MOD - [2010-12-03 07:20:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009-12-14 11:12:00 | 000,187,904 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll MOD - [2009-07-11 23:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2008-07-09 23:23:30 | 000,021,752 | ---- | M] (EnTech Taiwan) -- C:\Program Files\PowerStrip\PShook.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-11-29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010-11-17 08:37:50 | 000,458,488 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Running] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc) SRV - [2010-11-11 14:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2009-11-24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-05-14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0) SRV - [2006-07-13 15:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006-07-13 15:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006-04-03 17:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-12-03 07:00:56 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Temp\ASFWHide -- (ASFWHide) DRV - [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010-07-02 11:08:32 | 000,384,752 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service) DRV - [2010-04-22 05:15:04 | 000,019,232 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009-11-24 23:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-24 23:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-24 23:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-24 23:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-24 23:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-24 23:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-09-03 06:02:58 | 003,300,864 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008-07-02 20:38:14 | 000,089,600 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-07-15 03:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip) DRV - [2007-01-16 02:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2006-08-14 07:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006-07-11 14:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-07-11 14:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-07-01 22:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006-03-17 10:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-04-14 10:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2004-04-14 10:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2004-04-14 10:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2004-04-14 10:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2001-11-08 07:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O3 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [Ashampoo FireWall] C:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe () O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [bonus.SSR.FR10] C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKLM..\Run: [GProton] C:\Documents and Settings\All Users\GProton.exe () O4 - HKLM..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe (Altrixsoft) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PowerStrip] c:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan) O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [ABBYY Screenshot Reader Bonus] File not found O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams) O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [sRSHDAudioLab] C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe File not found O4 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0 O7 - HKU\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Ashampoo\Ashampoo FireWall FREE\spi.dll () O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-06-02 16:39:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-03-24 12:06:41 | 000,000,053 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-12-03 07:20:19 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-03 07:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2010-12-03 06:59:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\DAREK\Recent [2010-12-03 06:48:15 | 098,217,771 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\DAREK\Pulpit\OTLPEStd.exe [2010-12-02 19:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-12-02 19:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ApplicationHistory [2010-12-02 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Opera [2010-12-01 21:05:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-12-01 17:18:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-01 17:18:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-01 17:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-12-01 16:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-12-01 05:33:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Pobieranie [2010-11-30 20:04:38 | 013,350,672 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-30 05:55:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\searchplugins [2010-11-29 17:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010-11-29 17:40:09 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll [2010-11-29 17:40:09 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll [2010-11-29 17:40:09 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll [2010-11-29 17:40:09 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll [2010-11-29 17:40:09 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll [2010-11-29 17:40:09 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll [2010-11-29 17:40:09 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll [2010-11-29 17:40:09 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe [2010-11-29 17:40:09 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe [2010-11-29 17:40:09 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe [2010-11-29 17:40:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [2010-11-29 17:40:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010-11-29 17:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Winamp [2010-11-28 12:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ABBYY [2010-11-28 12:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 10 [2010-11-28 00:31:28 | 000,048,640 | ---- | C] (Tracker Software Products Ltd.) -- C:\WINDOWS\System32\pxc40pma.dll [2010-11-28 00:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY PDF Transformer 3.0 [2010-11-28 00:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ABBYY [2010-11-27 22:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\ABBYY [2010-11-27 21:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intelligent Converters [2010-11-27 08:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-11-23 17:15:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010-11-21 14:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ahnenblatt [2010-11-21 14:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-21 12:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-11-21 11:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\Legacy Charts [2010-11-21 11:48:24 | 000,000,000 | ---D | C] -- C:\Legacy [2010-11-21 11:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-21 10:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\MyHeritage [2010-11-21 10:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MyHeritage [2010-11-21 10:39:57 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msmapi32.ocx [2010-11-20 18:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-11-20 18:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Drive Inspector [2010-11-20 18:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AltrixSoft [2010-11-19 19:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\BEANZ [2010-11-19 15:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared [2010-11-19 14:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-11-19 14:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2 [2010-11-19 14:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\My eBooks [2010-11-19 12:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-19 11:55:49 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010-11-19 11:55:49 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010-11-19 11:55:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010-11-19 11:55:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2010-11-19 11:55:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010-11-19 11:55:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010-11-19 11:55:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010-11-19 11:55:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010-11-19 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft [2010-11-18 06:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2010-11-18 06:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-11-18 06:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-18 06:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ipla [2010-11-17 20:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adultpdf [2010-11-15 19:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\skypePM [2010-11-15 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010-11-15 19:54:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010-11-15 19:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\Skype [2010-11-15 19:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype [2010-11-15 19:35:48 | 000,955,784 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-15 19:35:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Biblioteka calibre [2010-11-14 15:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Moje dokumenty\SavedGames [2010-11-14 15:47:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-11-14 15:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Pulpit\lucidity [2010-11-14 11:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bob Came in Pieces [2010-11-14 07:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\RTF TO XML evaluation [2010-11-13 17:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Dane aplikacji\PriceGong [2010-11-13 17:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Conduit [2010-11-13 17:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\Temp [2010-11-10 06:11:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-11-09 17:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Folderico [2010-11-09 14:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-11-06 19:56:40 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\WINDOWS\System32\DfSdkBt.exe [2010-11-06 17:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2010-08-23 18:51:22 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-12-03 07:20:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DAREK\Pulpit\OTL.exe [2010-12-03 07:05:07 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-03 07:01:01 | 000,000,312 | -HS- | M] () -- C:\WINDOWS\tasks\ILTACGS.job [2010-12-03 07:00:48 | 000,045,668 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2010-12-03 07:00:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-03 06:48:18 | 098,217,771 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\DAREK\Pulpit\OTLPEStd.exe [2010-12-03 06:47:22 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\y4sye8py.exe [2010-12-03 06:43:35 | 000,000,195 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-02 19:22:06 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-02 18:56:01 | 003,352,913 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\100%_working_crack.rar [2010-12-02 17:33:00 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\HiJackThis.msi [2010-12-01 18:30:07 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 05:32:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010-11-30 20:05:47 | 013,350,672 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\DAREK\Pulpit\Opera_1063_int_Setup.exe [2010-11-29 20:37:28 | 007,793,152 | RHS- | M] () -- C:\Documents and Settings\All Users\GProton.exe [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-29 17:40:26 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-28 01:13:34 | 000,001,174 | ---- | M] () -- C:\WINDOWS\APDFPRP.INI [2010-11-28 00:54:59 | 000,103,424 | RHS- | M] () -- C:\WINDOWS\System32\Lfmac10n4.dll [2010-11-27 09:35:21 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-26 12:27:04 | 000,114,623 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\pzdr3huc.rar [2010-11-26 12:16:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-11-23 17:15:57 | 000,000,413 | RHS- | M] () -- C:\boot.ini [2010-11-21 14:48:50 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | M] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:29 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-20 07:10:17 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 14:53:38 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-19 13:54:33 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2010-11-18 06:34:59 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:35:48 | 000,955,784 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\DAREK\Pulpit\SkypeSetup.exe [2010-11-14 15:27:28 | 000,000,463 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Lucidity.lnk [2010-11-14 11:41:35 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:38 | 000,102,129 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-10 18:31:34 | 000,500,302 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-10 18:31:34 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-10 18:31:34 | 000,088,838 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-10 18:31:34 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-09 17:02:26 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-08 20:58:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman 3 - Hoodlum Havoc.lnk [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-12-03 07:05:06 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-12-03 06:47:22 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\y4sye8py.exe [2010-12-02 19:22:06 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\DAREK\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-02 18:56:01 | 003,352,913 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\100%_working_crack.rar [2010-12-02 17:58:02 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\poloj.url [2010-12-02 17:32:56 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\HiJackThis.msi [2010-12-01 18:30:07 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job [2010-12-01 18:29:42 | 000,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job [2010-12-01 17:18:52 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-01 16:56:01 | 000,000,949 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Spybot - Search & Destroy.lnk [2010-12-01 05:32:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-11-29 20:37:30 | 007,793,152 | RHS- | C] () -- C:\Documents and Settings\All Users\GProton.exe [2010-11-29 17:40:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-11-29 16:56:29 | 000,952,832 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\SPYRO 2.doc [2010-11-29 16:56:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\spyro.doc [2010-11-28 00:54:59 | 000,103,424 | RHS- | C] () -- C:\WINDOWS\System32\Lfmac10n4.dll [2010-11-28 00:54:59 | 000,000,312 | -HS- | C] () -- C:\WINDOWS\tasks\ILTACGS.job [2010-11-27 09:34:44 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\ePSXe.lnk [2010-11-26 19:44:32 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\NapiProjekt.lnk [2010-11-26 12:27:03 | 000,114,623 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\pzdr3huc.rar [2010-11-21 14:48:50 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Ahnenblatt.lnk [2010-11-21 13:53:46 | 000,005,627 | ---- | C] () -- C:\Documents and Settings\DAREK\mik.ged [2010-11-20 18:57:05 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hard Drive Inspector.lnk [2010-11-20 13:49:05 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Rayman2.lnk [2010-11-19 14:56:32 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\calibre - E-book management.lnk [2010-11-19 10:09:31 | 000,001,174 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI [2010-11-18 06:34:59 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-15 20:05:54 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\DAREK\untitled.pickle [2010-11-15 19:56:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-15 19:54:39 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2010-11-14 15:27:28 | 000,000,463 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Lucidity.lnk [2010-11-14 11:41:35 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Bob Came in Pieces.lnk [2010-11-14 10:48:32 | 000,102,129 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\52632476.jpg [2010-11-09 17:02:26 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\DAREK\Pulpit\Folderico.lnk [2010-11-09 14:52:06 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-11-06 18:02:39 | 000,160,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-11-06 17:53:07 | 000,384,752 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_HDAL_i386.sys [2010-09-17 19:40:35 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-09-17 19:40:33 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-09-17 19:40:33 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-08-01 08:19:56 | 000,000,270 | ---- | C] () -- C:\WINDOWS\game.ini [2010-07-06 19:10:21 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPLK.INI [2010-06-19 15:59:35 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2010-06-14 06:04:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\DAREK\Dane aplikacji\AVSMediaPlayer.m3u [2010-06-14 05:58:49 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-12 08:16:51 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-04 17:30:04 | 000,034,308 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mazuki.dll [2010-06-03 05:07:16 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-06-02 20:28:45 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010-06-02 17:54:02 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-06-02 17:50:10 | 000,000,208 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2010-06-02 17:21:55 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-06-02 17:05:24 | 000,000,276 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2010-06-02 17:05:23 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2010-06-02 17:04:51 | 000,014,144 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2010-06-02 17:04:35 | 000,013,896 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010-06-02 17:04:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2010-06-02 17:04:15 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2001-10-26 18:29:32 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll [2001-10-26 18:28:12 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll [2001-10-26 18:28:12 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll [2001-10-26 18:27:04 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll [2001-10-26 18:27:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll ========== LOP Check ========== [2010-07-14 20:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2010-11-20 18:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AltrixSoft [2010-06-18 18:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2010-11-09 14:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Buena Vista Games [2010-06-29 05:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CrystalIdea Software [2010-06-03 07:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-14 12:04:59 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-06-20 06:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy CD-DA Extractor [2010-10-06 16:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-11-18 06:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-14 15:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LucasArts [2010-07-19 20:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MinigolfAdventures [2010-11-21 10:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MyHeritage [2010-07-19 09:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Syncrosoft [2010-07-08 06:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-08-15 14:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TreeCardGames [2010-06-13 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-06-13 18:09:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-11-22 18:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ahnenblatt [2010-11-08 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Ashampoo [2010-10-27 07:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\BESTplayer [2010-11-19 15:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\calibre [2010-06-03 07:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\DAEMON Tools Lite [2010-11-27 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\fltk.org [2010-08-19 16:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Friday's games [2010-09-02 05:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Gaijin Ent [2010-11-21 13:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\GenJ3 [2010-10-05 17:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Groove Games [2010-11-18 06:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ipla [2010-10-12 07:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Katalog CDDVD [2010-11-21 11:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Millennia [2010-12-03 07:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Opera [2010-11-21 11:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\pl-soft [2010-11-13 17:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\PriceGong [2010-11-01 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\ProtectDISC [2010-11-18 06:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\RDRM [2010-12-02 19:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\Stonetrip [2010-08-15 14:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TreeCardGames [2010-06-13 18:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\TuneUp Software [2010-12-03 07:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DAREK\Dane aplikacji\uTorrent [2010-12-03 07:01:01 | 000,000,312 | -HS- | M] () -- C:\WINDOWS\Tasks\ILTACGS.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:38091CBB < End of report > oraz OTL Extras logfile created on: 2010-12-03 07:21:47 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\DAREK\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 15,83 Gb Total Space | 1,74 Gb Free Space | 11,02% Space Free | Partition Type: NTFS Drive D: | 47,84 Gb Total Space | 0,54 Gb Free Space | 1,12% Space Free | Partition Type: NTFS Drive E: | 28,09 Gb Total Space | 4,88 Gb Free Space | 17,38% Space Free | Partition Type: NTFS Drive F: | 30,60 Gb Total Space | 4,51 Gb Free Space | 14,73% Space Free | Partition Type: NTFS Drive G: | 282,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 50,19 Gb Total Space | 7,98 Gb Free Space | 15,91% Space Free | Partition Type: NTFS Drive I: | 50,11 Gb Total Space | 11,33 Gb Free Space | 22,60% Space Free | Partition Type: NTFS Drive J: | 50,39 Gb Total Space | 22,73 Gb Free Space | 45,11% Space Free | Partition Type: NTFS Drive K: | 49,72 Gb Total Space | 11,50 Gb Free Space | 23,13% Space Free | Partition Type: NTFS Drive L: | 49,83 Gb Total Space | 6,77 Gb Free Space | 13,59% Space Free | Partition Type: NTFS Computer Name: DAREK | User Name: DAREK | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server -- (Apache Software Foundation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "I:\calofdutywar\CoDWaWmp.exe" = I:\calofdutywar\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\calofdutywar\CoDWaW.exe" = I:\calofdutywar\CoDWaW.exe:*:Enabled:Call of Duty® - World at War -- File not found "I:\SOF\sof3.exe" = I:\SOF\sof3.exe:*:Disabled:sof3 -- File not found "I:\calof 4\iw3mp.exe" = I:\calof 4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- File not found "I:\juarezz\CoJBiBGame_x86.exe" = I:\juarezz\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood -- File not found "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- File not found "I:\The Ball\Binaries\Win32\TheBall.exe" = I:\The Ball\Binaries\Win32\TheBall.exe:*:Disabled:TheBall -- File not found "I:\Call of Duty - Black Ops\BlackOps.exe" = I:\Call of Duty - Black Ops\BlackOps.exe:*:Disabled:BlackOps -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00DE25CD-A571-71AA-DD1E-44624D3F3839}" = Catalyst Control Center Localization Russian "{0100A905-A8DD-501B-F188-5EE0949F452E}" = CCC Help Polish "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{057886CB-E3EF-2817-81E0-22C4A42CE498}" = Catalyst Control Center Localization German "{08E30958-B916-F50F-7D1B-2BC7FFCBE3CD}" = Catalyst Control Center Localization Thai "{14EED1BC-FFF0-B332-5EF3-AE2ECA7DBAB2}" = CCC Help Korean "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1B2CAF41-06B0-C482-CFA3-5FEF0CE3EFB7}" = Catalyst Control Center Localization Korean "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{27004F1F-150E-10EA-6D9A-477A4D517AE6}" = ccc-core-preinstall "{271E0D08-7010-7924-8483-AFE61B5F932D}" = Catalyst Control Center Localization Chinese Standard "{27A1D594-FEE9-DA8F-DCA6-E25CE1F2CFC7}" = Catalyst Control Center Localization Turkish "{2DD4470C-9070-7D7C-340B-C523CB830213}" = Catalyst Control Center Localization Dutch "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1 "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36C6D94F-3E89-A1E2-50B4-EC111EBD8F0E}" = Catalyst Control Center Localization Spanish "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3A46DFF0-5ED9-7933-6934-C25D7C58C149}" = ccc-core-static "{3AD95EBD-0199-F426-3EC8-37356E9F221E}" = CCC Help Turkish "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{4093993B-DCBD-269F-3F25-B19D39F03227}" = Catalyst Control Center Localization Hungarian "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 "{41BADB07-B491-E330-3727-7ECF24F3973C}" = CCC Help German "{424D35F1-F86D-9A7C-970A-A3EC69B41EEC}" = Catalyst Control Center Localization Portuguese "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C3CD1BF-3A55-3B11-738C-AEBCC136B99D}" = Catalyst Control Center Localization Italian "{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP "{58F0911C-A70A-5450-AF61-ABA73BC839AF}" = CCC Help Dutch "{5D27AF04-435A-ADA1-A995-DAA23023CD9C}" = CCC Help Swedish "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{61DA7F1D-26B2-06E9-0B0E-D7EC9CA89FF7}" = Catalyst Control Center Graphics Light "{6412075D-F600-6E0C-47B9-E46B2FCD2281}" = CCC Help English "{64823E85-64E8-FD8E-9323-10C9DA3DCBF1}" = Catalyst Control Center Localization French "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{6A620E3F-B44C-DC93-6DF3-3C36022FAEC5}" = CCC Help Russian "{70A77127-A231-3515-A98E-3BEDD1EE379B}" = CCC Help Danish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7C672A89-14D2-4A8F-03E5-42D60DEEEA28}" = Catalyst Control Center Localization Greek "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D37906-6BB5-CEA3-3A9E-282BD3D4821A}" = CCC Help Greek "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{87D0CA2B-8F5C-04FD-8B31-45D72B813939}" = Catalyst Control Center Localization Chinese Traditional "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{8CE2C5D1-EAAA-4A12-A25C-4FC5D8D3D2E0}_is1" = Tysiąc Słów 1.1 "{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{907453D4-2730-940D-42E7-FB9B22D4AA4F}" = CCC Help Norwegian "{9BAC5D76-82E7-4091-8D54-EEDC32BEBF2A}" = Catalyst Control Center Graphics Full Existing "{9CE57598-9A41-AFCE-AA0C-954D2B11A389}" = Catalyst Control Center Graphics Full New "{9E163B34-C00F-ACEE-EC7C-F8287FA63430}" = CCC Help Finnish "{9F650127-C7C9-A280-23FB-05763FC33871}" = Catalyst Control Center Localization Finnish "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A439BDA6-3E0E-C98B-4E86-620D8215E7BB}" = CCC Help Japanese "{AB9C21BC-3097-438A-9923-EB1F4D90376D}" = Catalyst Control Center Localization Czech "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B63ECF13-D418-E6F0-D5DB-85E0CF6700F4}" = CCC Help French "{B88FDD47-6CF4-FBE9-3864-70CF7E71C3BC}" = Catalyst Control Center Localization Danish "{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C098DAEC-29EF-4A59-B18E-0E950169CA3C}" = Western Australian Time Zone Update "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1506CB6-E0BF-5ED7-EC5C-F70F3E56CDE6}" = CCC Help Chinese Traditional "{C40B0FDC-2503-DEBC-0C1C-4F7200B28347}" = Catalyst Control Center Localization Norwegian "{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF24D929-D3BB-7109-FC9E-447D75FBC0EC}" = Catalyst Control Center Localization Swedish "{D16C2485-137D-8321-EC76-6774711F1A30}" = Catalyst Control Center Core Implementation "{D2773F0B-9751-BA4C-387F-5BD115A260AE}" = Catalyst Control Center Localization Polish "{D371E383-D570-A815-B74B-D2622E43651C}" = Catalyst Control Center Localization Japanese "{D4318DDE-2E5E-6771-C11C-A1667B133993}" = CCC Help Hungarian "{DE017133-018C-61CF-2387-02E15E2ED191}" = CCC Help Portuguese "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E77C5F51-DC43-6D63-27FB-1915944E4302}" = CCC Help Spanish "{ED7E511E-40AF-4A94-6522-7C7B910F6EAF}" = Catalyst Control Center Graphics Previews Common "{EEADF889-D975-0591-9AA0-89EB6E640B8D}" = CCC Help Czech "{F08A5341-216B-00BF-659F-ED88DF844B04}" = CCC Help Chinese Standard "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F58D330D-3D1D-37FE-7591-35EB77EF87D3}" = Skins "{F638C8C3-DFA5-E695-BE3A-971D5D9B5672}" = ccc-utility "{F76A2E6B-4C7F-3FFC-05A7-5368105B20AC}" = CCC Help Italian "{F7B013D0-EF94-B8C5-E95F-63CDD1C4D333}" = CCC Help Thai "{F94644BE-0EF2-481F-9373-79259B942EA8}" = calibre "{FA300000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 3.0 "{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Rozszerzenie HighMAT do Kreatora zapisywania dysku CD w systemie Microsoft Windows XP "{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US) "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Ahnenblatt_is1" = Ahnenblatt 2.62 "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4 "Ashampoo FireWall_is1" = Ashampoo FireWall FREE 1.20 "Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60 "Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7.01 "ATI Display Driver" = ATI Display Driver "avast!" = avast! Antivirus "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.51 "Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Folderico" = Folderico 3.7.2 "Hard Drive Inspector" = Hard Drive Inspector Professional 3.86 build # 389 "ie8" = Windows Internet Explorer 8 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "ipla" = ipla 2.2.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full) "Lucidity_is1" = Lucidity "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "PowerStrip 3 (remove only)" = PowerStrip 3 (remove only) "rayatitray" = Ray Adams ATI Tray Tools "Rayman 2" = Rayman 2 "Rayman 3 - Hoodlum Havoc" = Rayman 3 - Hoodlum Havoc "RealAlt_is1" = Real Alternative 2.0.2 "SubEdit-Player_is1" = SubEdit-Player "Sudoku Up_is1" = Sudoku Up 2010 v4.0 "Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO!" = Szkoła podstawowa klasa 4 - DZIEŃ DOBRY HISTORIO! "Szkoła podstawowa klasa 4 - Tajemnice przyrody" = Szkoła podstawowa klasa 4 - Tajemnice przyrody "Tweak UI 2.10" = Tweak UI "Uninstall Tool_is1" = Uninstall Tool "uTorrent" = µTorrent "VueScan" = VueScan "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1078081533-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Advanced PDF Password Recovery" = Advanced PDF Password Recovery "Winamp Detect" = Detektor Winampa ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 2010-11-27 19:58:47 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\background_gradientCATJ35T3 failed, 00000005. Error - 2010-11-27 19:59:06 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\background_gradientCAE6J993 failed, 00000005. Error - 2010-11-27 20:00:03 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\ErrorPageTemplateCAUEGJVQ failed, 00000005. Error - 2010-11-27 20:00:44 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\ErrorPageTemplate[4] failed, 00000005. Error - 2010-11-27 20:06:13 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2JM2O4HK\info_48[2] failed, 00000005. Error - 2010-11-27 20:06:37 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\dnserrordiagoff_webOC[5] failed, 00000005. Error - 2010-11-27 20:08:22 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\ErrorPageTemplateCATJPN7S failed, 00000005. Error - 2010-11-27 20:08:38 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\background_gradientCARV6M8M failed, 00000005. Error - 2010-11-27 20:09:01 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\541PHS67\dnserrordiagoff_webOCCAO9J7NU failed, 00000005. Error - 2010-12-02 17:08:47 | Computer Name = DAREK | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\Lfmac10n4.dll failed, 00000005. [ Application Events ] Error - 2010-06-28 11:48:51 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 11:49:43 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:24:55 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:26:37 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:27:45 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x0001af3a. Error - 2010-06-28 12:30:31 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:31:27 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:51:07 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:52:14 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. Error - 2010-06-28 12:52:30 | Computer Name = DAREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd prince of persia.exe, wersja 1.0.0.0, moduł powodujący błąd prince of persia.exe, wersja 1.0.0.0, adres błędu 0x00008cd2. [ OSession Events ] Error - 2010-11-14 02:50:53 | Computer Name = DAREK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2010-12-03 02:12:34 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:36 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:39 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:41 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:44 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:46 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:48 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:51 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:53 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. Error - 2010-12-03 02:12:55 | Computer Name = DAREK | Source = Cdrom | ID = 262151 Description = W urządzeniu \Device\CdRom0 wystąpił zły blok. < End of report > I log z gmera GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2010-12-03 10:39:14 Windows 5.1.2600 Dodatek Service Pack 3 Running: y4sye8py.exe; Driver: C:\DOCUME~1\DAREK\USTAWI~1\Temp\uxtdapow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xAD2BF6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xAD2BF574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xAD2BFA52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xAD2BF14C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xAD2BF64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xAD2BF08C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xAD2BF0F0] SSDT \??\C:\DOCUME~1\DAREK\USTAWI~1\Temp\ASFWHide ZwQuerySystemInformation [0xBA22A486] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xAD2BF76E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xAD2BF72E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xAD2BF8AE] SSDT \??\C:\DOCUME~1\DAREK\USTAWI~1\Temp\ASFWHide ZwTerminateProcess [0xBA22A6DA] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB9984000, 0x1A4140, 0xE8000020] init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xAD66AA00] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Analog Devices\Core\smax4pnp.exe[636] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D37B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Program Files\Analog Devices\SoundMAX\Smax4.exe[644] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10007B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[652] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10007B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe[672] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 02447B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text C:\program files\powerstrip\pstrip.exe[700] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10007B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text ... .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D54F5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 406A9ACD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4069D12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 40614656 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A5027 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A4F59 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A4FC4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A4E2A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A4E8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A508A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A4EEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] ole32.dll!CoCreateInstance 774EF1AC 5 Bytes JMP 406ADB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1556] ole32.dll!OleLoadFromStream 7751981B 5 Bytes JMP 407A538F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Documents and Settings\DAREK\Pulpit\y4sye8py.exe[2384] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10007B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D54F5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 406A9ACD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4069D12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 40614656 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A5027 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A4F59 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A4FC4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A4E2A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A4E8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A508A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A4EEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] ole32.dll!CoCreateInstance 774EF1AC 5 Bytes JMP 406ADB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2672] ole32.dll!OleLoadFromStream 7751981B 5 Bytes JMP 407A538F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D54F5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A5027 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A4F59 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A4FC4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A4E2A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A4E8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A508A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[2752] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A4EEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 405D54F5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 406A9ACD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4069D12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 406ADB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 40614656 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 407A5027 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 407A4F59 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 407A4FC4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 407A4E2A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 407A4E8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 407A508A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 407A4EEE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] ole32.dll!CoCreateInstance 774EF1AC 5 Bytes JMP 406ADB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3196] ole32.dll!OleLoadFromStream 7751981B 5 Bytes JMP 407A538F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Skype\Plugin Manager\skypePM.exe[3464] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 10007B50 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[1324] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002 IAT C:\WINDOWS\system32\services.exe[1324] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000 IAT C:\Program Files\Internet Explorer\iexplore.exe[1556] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation) IAT C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[2016] @ C:\WINDOWS\system32\WS2_32.dll [ADVAPI32.dll!RegOpenKeyExA] [00414EE0] C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (avast! Web Scanner/ALWIL Software) IAT C:\Program Files\Internet Explorer\iexplore.exe[2672] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[3196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x51 0xB1 0x9D 0x2F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6C 0x3C 0x7E 0xEC ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x00 0xCA 0xF4 0x58 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB1 0x6E 0x94 0xF0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x2B 0xCD 0xC9 0x6E ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x51 0xB1 0x9D 0x2F ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6C 0x3C 0x7E 0xEC ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x00 0xCA 0xF4 0x58 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB1 0x6E 0x94 0xF0 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x2B 0xCD 0xC9 0x6E ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241}@jabjengoaahephflgfgk 0x62 0x61 0x6E 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241}@jabjengoaahephflgfck 0x62 0x61 0x67 0x6C ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241}@iabaaieilddldfbbho 0x6B 0x61 0x6F 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241}@haniiojcieaagapn 0x70 0x61 0x6D 0x69 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{60788244-6324-0DAD-BE76-79B7CB423241}@jamipnhobbcicdgkmphb 0x64 0x62 0x6E 0x6B ... ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\ordered_list[1].png 342 bytes File C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\index[2].htm 154868 bytes File C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\index[2].php 175138 bytes File C:\Documents and Settings\DAREK\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A6PT7H4T\index[3].htm 791 bytes ---- EOF - GMER 1.0.15 ---- pozdrawiam i czekam na porady
×
×
  • Dodaj nową pozycję...