przez QBAQ20 16 Maj 2010, 11:48
przez wojtas 16 Maj 2010, 11:54
przez QBAQ20 16 Maj 2010, 12:15
User : QBAQ (Administratorzy) # QBAQ-1514A32D52
Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 11:54:07 | 2010-05-20
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) XP 2800+
Microsoft Windows XP Professional (5.1.2600 32-bit) # Dodatek Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1356 [VPS 100516-0] 4.8.1356 [ (!) Disabled | Updated ]
FW : ZoneAlarm Pro Firewall[ Enabled ]5.5.094.000
A:\ -> Stacja dyskietek 3,5 cala
C:\ -> Lokalny dysk stały # 14,65 Go (2,22 Go free) # NTFS
D:\ -> Lokalny dysk stały # 59,87 Go (23,75 Go free) # NTFS
E:\ -> Dysk CD-ROM
F:\ -> Dysk CD-ROM
G:\ -> Dysk CD-ROM
H:\ -> Dysk wymienny # 1,89 Go (179,81 Mo free) [KARTA] # FAT
###################### | Listing of the present files C:\ |
[2009-11-24 18:10|--a------|0] - C:\AUTOEXEC.BAT
[2010-05-20 11:53|-r-hs----|55] - C:\autorun.inf
[2009-11-24 23:14|---hs----|211] - C:\boot.ini
[2002-12-31 14:00|-rahs----|4952] - C:\Bootfont.bin
[2009-11-24 18:10|--a------|0] - C:\CONFIG.SYS
[2010-03-27 23:04|--a------|1182] - C:\crashAddress.txt
[2009-11-25 10:53|--a------|80] - C:\FilterLog.log
[?|?|?] - C:\hiberfil.sys
[2009-11-24 18:10|-rahs----|0] - C:\IO.SYS
[2009-12-06 13:38|-r-hs----|115688] - C:\k8jc.exe
[2009-11-24 18:10|-rahs----|0] - C:\MSDOS.SYS
[2002-12-31 14:00|-rahs----|47564] - C:\NTDETECT.COM
[2009-11-25 09:20|-rahs----|251152] - C:\ntldr
[2010-05-19 09:46|-r-hs----|112640] - C:\p9rs.exe
[?|?|?] - C:\pagefile.sys
[2010-05-20 11:54|--a------|1647] - C:\UsbFix.txt
###################### | Listing of the present folders C:\ |
[2010-04-09 10:20|d--------|0] - C:\Documents and Settings
[2009-11-24 19:05|dr-h-----|0] - C:\MSOCache
[2010-05-01 11:22|d--------|0] - C:\NVIDIA
[2010-05-20 10:21|dr-------|0] - C:\Program Files
[2009-12-25 19:03|d--hs----|0] - C:\RECYCLER
[2009-11-25 09:31|d--hs----|0] - C:\System Volume Information
[2010-05-20 11:54|d--------|0] - C:\UsbFix
[2010-05-19 09:44|d--------|0] - C:\WINDOWS
###################### | Listing of the present files D:\ |
[2010-05-20 11:53|-r-hs----|55] - D:\autorun.inf
[2009-12-06 13:38|-r-hs----|115688] - D:\k8jc.exe
[2010-05-19 09:46|-r-hs----|112640] - D:\p9rs.exe
[?|?|?] - D:\pagefile.sys
[2010-03-08 18:01|--ahs----|73728] - D:\Thumbs.db
###################### | Listing of the present folders D:\ |
[2009-10-25 16:34|d--------|0] - D:\532b54e12d9d7c57ced9fa9d
[2010-05-09 15:11|dr-------|0] - D:\Filmy
[2010-05-02 20:43|dr-------|0] - D:\GRY
[2010-04-27 00:25|d--------|0] - D:\Koncert o5.o2.2o10r
[2010-01-25 14:24|d--------|0] - D:\koncert WO—P
[2010-04-21 18:18|dr-------|0] - D:\MUZYKA
[2010-05-19 14:13|dr-------|0] - D:\Pobrane z J-Downloader
[2010-01-04 18:57|dr-------|0] - D:\Pobrane z Torrent˘w
[2010-05-20 11:52|dr-------|0] - D:\Pobranie z Mozilla Firefox
[2010-04-30 11:03|d--------|0] - D:\PROGRAMY
[2010-01-28 02:41|dr-------|0] - D:\QBAQ
[2009-11-25 09:06|d--hs----|0] - D:\RECYCLER
[2010-04-09 10:18|d--------|0] - D:\STRONKA
[2009-11-25 09:09|d--hs----|0] - D:\System Volume Information
[2010-05-06 18:41|dr-------|0] - D:\tapety
[2010-04-29 22:00|dr-------|0] - D:\W A ˝ N E
[2010-05-19 12:58|d---s----|0] - D:\Zdj©cia
###################### | Listing of the present files H:\ |
[2010-05-09 19:51|--a------|3174] - H:\Hey beautiful.amr
[2010-05-06 15:58|--a------|1421234] - H:\Stary Hymn Cracovii- Juliusza Leo.mp3
[2010-05-10 13:22|--a------|3244617] - H:\Halina Kunicka- Orkiestry Dete.mp3
[2009-12-06 13:38|-r-hs----|115688] - H:\k8jc.exe
[2010-05-20 11:53|-r-hs----|55] - H:\autorun.inf
###################### | Listing of the present folders H:\ |
[2009-07-18 13:58|d-a------|0] - H:\6. Motywy
[2009-08-03 14:03|d-a------|0] - H:\9. Inne
[2010-04-13 10:10|d-a------|0] - H:\Zdj©cia
[2009-07-18 13:58|d-a------|0] - H:\5. Tapety
[2008-01-01 11:44|d-a------|0] - H:\1. Muzyka
[2008-01-01 11:38|d-a------|0] - H:\2. Zdj©cia
[2008-01-01 11:38|d-a------|0] - H:\3. Wideo
[2009-12-28 21:09|d-a------|0] - H:\4. Pliki Wideo
[2010-02-04 01:36|d--------|0] - H:\7. Gry & Aplikacje
[2009-09-25 15:42|d-a------|0] - H:\8. D«wi©ki SMS
[2009-12-28 20:53|dr-hs----|0] - H:\KLIZAVI
[2010-05-03 01:26|dr-hs----|0] - H:\RECYCLER
################## | ! End of report # UsbFix V6.113 ! |OTL logfile created on: 2010-05-20 12:04:36 - Run 4
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Pobranie z Mozilla Firefox
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 023,00 Mb Total Physical Memory | 549,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,22 Gb Free Space | 15,17% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 23,75 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1,89 Gb Total Space | 0,18 Gb Free Space | 9,28% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: QBAQ-1514A32D52
Current User Name: QBAQ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010-05-20 11:28:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Pobranie z Mozilla Firefox\OTL.exe
PRC - [2010-04-01 01:52:28 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\PROGRAMY\STEROWNIKI NVIDIA\NTUNE\nTuneService.exe
PRC - [2009-11-06 14:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\PROGRAMY\STEROWNIKI NVIDIA\NTUNE\nTuneCmd.exe
PRC - [2009-09-15 12:56:48 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-09-15 12:56:43 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-06-04 23:56:22 | 000,869,888 | ---- | M] () -- D:\PROGRAMY\AllPlayer\ALLPlayer\ALLPlayer\ALLUpdate.exe
PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-07-11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2007-05-10 13:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2007-04-21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2007-02-13 17:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
PRC - [2006-04-21 18:03:34 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005-04-19 19:06:16 | 000,935,688 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2005-04-19 19:05:26 | 001,210,112 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2005-04-06 17:03:28 | 000,110,592 | ---- | M] () -- D:\PROGRAMY\Sterownik do Bluetootha\BTNtService.exe
PRC - [2004-12-20 18:12:36 | 000,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010-05-20 11:28:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Pobranie z Mozilla Firefox\OTL.exe
MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009-11-06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\PROGRAMY\STEROWNIKI NVIDIA\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009-09-15 12:56:43 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-09-15 12:56:28 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-09-15 12:54:13 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2005-04-19 19:05:26 | 001,210,112 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2005-04-06 17:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- D:\PROGRAMY\Sterownik do Bluetootha\BTNtService.exe -- (BlueSoleil Hid Service)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-12-02 21:02:26 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-09-15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009-09-15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 12:54:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 12:54:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-09-15 12:53:24 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-04-23 12:15:06 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-03-13 15:44:42 | 010,423,936 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007-01-04 14:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007-01-04 14:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2005-05-31 16:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005-05-31 10:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005-04-30 15:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005-04-30 15:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005-04-30 15:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005-04-19 19:05:14 | 000,279,880 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005-04-13 12:34:02 | 000,414,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005-04-13 12:32:42 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005-03-25 18:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004-12-16 17:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004-10-19 14:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl=pl&source=iglk"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-04 06:46:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-02 20:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-03-28 17:57:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-04-22 09:01:01 | 000,000,000 | ---D | M]
[2009-11-25 10:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Extensions
[2010-05-20 11:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions
[2010-03-07 21:11:51 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009-12-03 15:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions\DTToolbar@toolbarnet.com
[2009-12-03 15:25:15 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\searchplugins\daemon-search.xml
[2010-05-20 11:44:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-03-31 10:57:14 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-02-19 17:13:05 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-19 17:13:05 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-19 17:13:05 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-19 17:13:05 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-19 17:13:05 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-19 17:13:05 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2002-12-31 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKCU\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\PROGRAMY\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] D:\PROGRAMY\quick time\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [ALLUpdate] D:\PROGRAMY\AllPlayer\ALLPlayer\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Temp\herss.exe ()
O4 - HKCU..\Run: [dso32] C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Temp\dsoqq.exe ()
O4 - HKCU..\Run: [Steam] D:\GRY\CS\Steam.exe File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\BlueSoleil.lnk = D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Link to &MidpX - D:\GRY\Emu JAVA\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (%WINDIR%\system32\drivers\btwdins.exe) - C:\WINDOWS\System32\drivers\btwdins.exe File not found
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-6330451624-1477560941-457882538-9807\nissan.exe) - C:\RECYCLER\S-1-5-21-6330451624-1477560941-457882538-9807\nissan.exe File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-24 18:10:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-05-20 12:04:27 | 000,000,055 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-20 12:04:27 | 000,000,055 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-20 12:04:28 | 000,000,055 | RHS- | M] () - H:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{23288d4b-f3c8-11de-9711-4d6564696130}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{23288d4b-f3c8-11de-9711-4d6564696130}\Shell\open\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{444a2805-d91a-11de-8b11-806d6172696f}\Shell\AutoRun\command - "" = C:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2805-d91a-11de-8b11-806d6172696f}\Shell\open\Command - "" = C:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2806-d91a-11de-8b11-806d6172696f}\Shell\AutoRun\command - "" = D:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2806-d91a-11de-8b11-806d6172696f}\Shell\open\Command - "" = D:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{5e062353-e979-11de-96e5-4d6564696130}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{5e062353-e979-11de-96e5-4d6564696130}\Shell\open\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\AutoRun\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\explore\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\open\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:18198c99) - C:\WINDOWS\System32\aswBoot.exe (ALWIL Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010-05-20 11:53:24 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010-05-20 10:22:26 | 000,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-05-20 10:22:25 | 000,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-05-20 10:22:24 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-05-20 10:22:22 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-05-20 10:22:22 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010-05-20 10:22:22 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-05-20 10:22:22 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-05-20 10:22:22 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-05-20 10:21:56 | 001,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-05-20 10:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-05-09 15:14:25 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010-05-09 15:14:25 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010-05-09 15:14:25 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010-05-09 15:14:25 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010-05-09 15:14:20 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010-05-09 15:14:19 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010-05-09 15:14:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010-05-09 15:14:18 | 000,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010-05-09 15:14:18 | 000,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010-05-09 15:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-05-02 20:37:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\GameDesire
[2010-05-02 20:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\GanymedeNet
[2010-05-02 20:09:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010-05-02 19:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Gadu-Gadu 10
[2010-05-02 19:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10
[2010-05-01 11:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\nvidia icons
[2010-05-01 11:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010-05-01 11:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\SystemRequirementsLab
[2010-04-29 22:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\images
[2010-04-26 11:53:33 | 004,358,144 | ---- | C] (GSC Game World) -- C:\WINDOWS\uncsetup.exe
[2009-11-25 10:36:05 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009-11-25 10:36:05 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009-11-25 10:36:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009-11-25 10:36:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010-05-20 12:04:52 | 000,000,055 | RHS- | M] () -- C:\autorun.inf
[2010-05-20 11:47:14 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-20 11:16:40 | 000,178,399 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-05-20 11:14:01 | 000,000,891 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-05-20 11:13:09 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-20 11:13:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-20 11:12:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-20 11:12:45 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-20 11:10:31 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\NTUSER.DAT
[2010-05-20 11:10:31 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.ini
[2010-05-20 11:10:20 | 006,915,624 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-05-20 11:01:04 | 000,001,016 | RHS- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.pol
[2010-05-20 10:23:55 | 000,044,544 | ---- | M] () -- C:\WINDOWS\System32\ftp.exe
[2010-05-20 10:22:26 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\avast! Antivirus.lnk
[2010-05-20 10:22:22 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-05-19 12:57:26 | 000,023,552 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\photothumb.db
[2010-05-19 10:18:55 | 000,068,608 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-19 10:17:20 | 000,029,696 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\photothumb.db
[2010-05-19 09:46:24 | 000,112,640 | RHS- | M] () -- C:\p9rs.exe
[2010-05-19 09:44:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-05-18 13:12:26 | 000,000,997 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-17 19:58:30 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\wypowiedzenie.doc
[2010-05-17 19:57:41 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Magda umowa....doc
[2010-05-17 13:50:31 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-16 23:22:09 | 001,948,012 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Obraz 032.jpg
[2010-05-16 19:39:16 | 005,086,213 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Infolinia.rar
[2010-05-15 08:05:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-09 22:55:45 | 001,634,304 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Wakacjone
[2010-05-09 19:51:02 | 000,003,174 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Hey beautiful.amr
[2010-05-09 18:09:55 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-09 15:35:30 | 000,055,440 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-08 17:05:41 | 000,012,400 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\RAMA.JPG
[2010-05-08 16:52:45 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\TŁO.JPG
[2010-05-07 14:50:43 | 002,500,399 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3 zwrotka - Juliusz Leo.mp3
[2010-05-06 16:00:36 | 001,425,390 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\CRACOVII CHWAŁA.mp3
[2010-05-06 14:08:11 | 001,539,117 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\zwała.jpg
[2010-05-06 00:42:51 | 000,048,495 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\POKER.JPG
[2010-05-05 23:04:34 | 045,216,806 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Ireneusz Krosny-Matura.avi
[2010-05-04 20:06:24 | 000,009,801 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\index.html
[2010-05-03 20:38:30 | 000,040,246 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\slajder.jpg
[2010-05-02 19:46:45 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Gadu-Gadu 10.lnk
[2010-05-02 13:15:52 | 000,095,814 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\demotywatory.JPG
[2010-04-23 16:24:34 | 008,553,302 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\qbaq 123.mp3
[2010-04-23 08:25:35 | 000,074,290 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3NOp.JPG
[2010-04-22 15:06:35 | 000,283,989 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\d-key.flp
[2010-04-20 20:36:47 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\JDownloader.lnk
[2010-04-20 12:17:22 | 000,002,419 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Microsoft Office Word 2003.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-05-20 11:29:20 | 000,115,688 | RHS- | C] () -- C:\k8jc.exe
[2010-05-20 10:22:26 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\avast! Antivirus.lnk
[2010-05-20 00:43:24 | 000,000,055 | RHS- | C] () -- C:\autorun.inf
[2010-05-19 10:15:45 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\photothumb.db
[2010-05-19 10:09:15 | 000,023,552 | -H-- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\photothumb.db
[2010-05-19 09:46:53 | 000,112,640 | RHS- | C] () -- C:\p9rs.exe
[2010-05-17 19:53:13 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\wypowiedzenie.doc
[2010-05-17 19:32:55 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Magda umowa....doc
[2010-05-16 23:21:47 | 001,948,012 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Obraz 032.jpg
[2010-05-16 19:38:36 | 005,086,213 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Infolinia.rar
[2010-05-09 22:53:51 | 001,634,304 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Wakacjone
[2010-05-09 21:00:38 | 000,003,174 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Hey beautiful.amr
[2010-05-09 15:14:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-05-09 15:14:20 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010-05-09 15:14:19 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-09 15:14:19 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-09 15:14:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-05-09 15:14:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-05-09 15:14:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-05-08 17:00:28 | 000,012,400 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\RAMA.JPG
[2010-05-08 16:52:45 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\TŁO.JPG
[2010-05-07 14:42:20 | 002,500,399 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3 zwrotka - Juliusz Leo.mp3
[2010-05-06 15:53:58 | 001,425,390 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\CRACOVII CHWAŁA.mp3
[2010-05-06 14:07:51 | 001,539,117 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\zwała.jpg
[2010-05-06 00:42:06 | 000,048,495 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\POKER.JPG
[2010-05-05 23:03:18 | 045,216,806 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Ireneusz Krosny-Matura.avi
[2010-05-03 20:38:30 | 000,040,246 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\slajder.jpg
[2010-05-02 20:10:17 | 000,001,016 | RHS- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.pol
[2010-05-02 19:46:45 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Gadu-Gadu 10.lnk
[2010-05-02 13:16:06 | 000,095,814 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\demotywatory.JPG
[2010-05-01 11:24:02 | 000,182,024 | ---- | C] () -- C:\WINDOWS\System32\nvdspeng.chm
[2010-05-01 11:24:02 | 000,055,103 | ---- | C] () -- C:\WINDOWS\System32\nvmobeng.chm
[2010-05-01 10:51:05 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010-04-29 22:08:30 | 000,009,801 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\index.html
[2010-04-26 11:53:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-23 16:19:36 | 008,553,302 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\qbaq 123.mp3
[2010-04-20 20:36:47 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\JDownloader.lnk
[2010-02-19 22:23:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-02-08 01:17:47 | 000,000,026 | ---- | C] () -- C:\WINDOWS\neosetup.INI
[2009-11-30 19:30:00 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2009-11-30 19:10:41 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-11-26 20:06:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-11-26 19:56:04 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-25 11:36:27 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-25 10:37:28 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009-11-25 10:37:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009-11-25 10:37:25 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2009-11-25 10:37:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009-11-25 10:37:19 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2009-11-25 10:36:07 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009-11-25 10:36:06 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\denoise.sys
[2009-11-25 10:29:30 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2009-11-25 10:29:30 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2009-11-25 10:10:13 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-05-19 00:35:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-05-19 00:35:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-05-19 00:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-05-19 00:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-05-19 00:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-05-19 00:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:C74D7A47
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:436DEE1E
< End of report >OTL Extras logfile created on: 2010-05-20 12:04:36 - Run 4
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Pobranie z Mozilla Firefox
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 023,00 Mb Total Physical Memory | 549,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,22 Gb Free Space | 15,17% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 23,75 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1,89 Gb Total Space | 0,18 Gb Free Space | 9,28% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: QBAQ-1514A32D52
Current User Name: QBAQ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Disabled:Football Manager 2008 -- File not found
"D:\GRY\FM08\fm.exe" = D:\GRY\FM08\fm.exe:*:Disabled:Football Manager 2008 -- (Sports Interactive)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Disabled:Pro Evolution Soccer 2009 -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"D:\PROGRAMY\Torrent\BitTorrent\bittorrent.exe" = D:\PROGRAMY\Torrent\BitTorrent\bittorrent.exe:*:Disabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Disabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe" = D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"D:\PROGRAMY\Voip\VoipDiscount\voipdiscount.exe" = D:\PROGRAMY\Voip\VoipDiscount\voipdiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{70AB1576-7883-2313-C650-7A71270B1045}" = Nero 7 Ultra Edition
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6CB9620-444F-4B8B-B088-C2BD3FD0A587}_is1" = Counter-Strike 1.6 V42 No-Steam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"avast!" = avast! Antivirus
"Carom3D" = Carom3D
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"FL Studio 9" = FL Studio 9
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Football Manager 2008" = Football Manager 2008
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameDesire-Poker" = GameDesire-Poker
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"Incomedia WebSite X5 v8 - Smart" = Incomedia WebSite X5 v8 - Smart
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"ipla" = ipla 2.1.3
"IrfanView" = IrfanView (remove only)
"iZotope Ozone 4_is1" = iZotope Ozone 4
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Kwyshell MidpX Emulator Package" = Kwyshell MidpX Emulator Package 1.3.1
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MPPL 08" = MPPL 08
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"PoiZone" = PoiZone
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Sawer" = Sawer
"SopCast" = SopCast 3.2.8
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"VoipDiscount_is1" = VoipDiscount
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoneAlarm Pro" = ZoneAlarm Pro
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Antivirus Events ]
Error - 2010-04-05 12:31:28 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\PROGRAMY\Adobe Reader\Reader\browser\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 12:31:31 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Thunderbird\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:11 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:13 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\PROGRAMY\Adobe Reader\Reader\browser\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:15 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Thunderbird\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-06 06:28:29 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\inetcpl.cpl failed, 0000001E.
Error - 2010-04-06 14:30:53 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping
- server DOWN???, 00000002.
Error - 2010-04-08 04:12:29 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\PROGRAMY\Gadu-Gadu\Nowe Gadu-Gadu\imageformats\qjpeg4.dll failed, 0000001E.
Error - 2010-04-13 11:38:46 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://r12.filemashine.com/download25/7bfd8f806961_vl5qfxzl77o8if7v/12768/filemashine.com/MSTS-CD1.iso
failed, 00000084.
Error - 2010-04-13 11:40:07 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://r12.filemashine.com/download25/7bfd8f806961_5vovf8r6dt8o3rwb/12768/filemashine.com/MSTS-CD1.iso
failed, 00000084.
[ Application Events ]
Error - 2010-05-15 17:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-15 18:50:17 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 03:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 04:50:14 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 05:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 06:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 07:50:16 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 08:50:16 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 09:08:43 | Computer Name = QBAQ-1514A32D52 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wmplayer.exe, wersja 10.0.0.3802, moduł
powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00011a0a.
Error - 2010-05-16 09:47:05 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 2010-05-20 04:53:10 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 04:53:12 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 04:53:16 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 04:53:31 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 05:00:43 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 05:05:14 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 05:05:16 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 05:08:03 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
Error - 2010-05-20 05:14:25 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu: %%1058
Error - 2010-05-20 05:14:28 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7034
Description = Usługa avast! Web Scanner niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
< End of report >
przez wojtas 16 Maj 2010, 12:48
[Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
:OTL
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Temp\herss.exe ()
O4 - HKCU..\Run: [dso32] C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Temp\dsoqq.exe ()
O4 - HKCU..\Run: [Steam] D:\GRY\CS\Steam.exe File not found
O20 - HKLM Winlogon: Shell - (%WINDIR%\system32\drivers\btwdins.exe) - C:\WINDOWS\System32\drivers\btwdins.exe File not found
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-6330451624-1477560941-457882538-9807\nissan.exe) - C:\RECYCLER\S-1-5-21-6330451624-1477560941-457882538-9807\nissan.exe File not found
O32 - AutoRun File - [2010-05-20 12:04:27 | 000,000,055 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-20 12:04:27 | 000,000,055 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-05-20 12:04:28 | 000,000,055 | RHS- | M] () - H:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{23288d4b-f3c8-11de-9711-4d6564696130}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{23288d4b-f3c8-11de-9711-4d6564696130}\Shell\open\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{444a2805-d91a-11de-8b11-806d6172696f}\Shell\AutoRun\command - "" = C:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2805-d91a-11de-8b11-806d6172696f}\Shell\open\Command - "" = C:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2806-d91a-11de-8b11-806d6172696f}\Shell\AutoRun\command - "" = D:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{444a2806-d91a-11de-8b11-806d6172696f}\Shell\open\Command - "" = D:\k8jc.exe -- [2009-12-06 13:38:56 | 000,115,688 | RHS- | M] ()
O33 - MountPoints2\{5e062353-e979-11de-96e5-4d6564696130}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{5e062353-e979-11de-96e5-4d6564696130}\Shell\open\command - "" = H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe -- [2009-11-01 15:51:24 | 000,076,800 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\AutoRun\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\explore\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
O33 - MountPoints2\{7332030b-ee33-11de-96f7-4d6564696130}\Shell\open\command - "" = H:\KLIZAVI/sapun.exe -- [2009-12-18 13:51:14 | 000,145,408 | RHS- | M] ()
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:C74D7A47
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:436DEE1E
:Files
C:\autorun.inf
C:\k8jc.exe
C:\p9rs.exe
C:\RECYCLER
D:\autorun.inf
D:\k8jc.exe
D:\p9rs.exe
D:\RECYCLER
H:\k8jc.exe
H:\autorun.inf
H:\KLIZAVI
H:\RECYCLER
C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions\DTToolbar@toolbarnet.com
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
:Commands
[emptytemp]
[emptyflash]
[clearallrestorepoints]
przeskanuj tuC:\WINDOWS\System32\ftp.exe
przez QBAQ20 16 Maj 2010, 13:36
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-20 13:42:11
Windows 5.1.2600 Dodatek Service Pack 3
Running: pphlldyd.exe; Driver: C:\DOCUME~1\QBAQ~1.QBA\USTAWI~1\Temp\kwxoykoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----OTL logfile created on: 2010-05-20 13:26:11 - Run 5
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Pobranie z Mozilla Firefox
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 023,00 Mb Total Physical Memory | 573,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 5,42 Gb Free Space | 36,99% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 23,75 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1,89 Gb Total Space | 0,18 Gb Free Space | 9,31% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: QBAQ-1514A32D52
Current User Name: QBAQ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010-05-20 11:28:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Pobranie z Mozilla Firefox\OTL.exe
PRC - [2010-04-01 01:52:28 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- D:\PROGRAMY\STEROWNIKI NVIDIA\NTUNE\nTuneService.exe
PRC - [2009-11-06 14:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- D:\PROGRAMY\STEROWNIKI NVIDIA\NTUNE\nTuneCmd.exe
PRC - [2009-09-15 12:56:48 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-09-15 12:56:43 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-09-15 12:56:28 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-09-15 12:54:13 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-06-04 23:56:22 | 000,869,888 | ---- | M] () -- D:\PROGRAMY\AllPlayer\ALLPlayer\ALLPlayer\ALLUpdate.exe
PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-07-11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2007-05-10 13:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2007-04-21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2007-02-13 17:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
PRC - [2006-04-21 18:03:34 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005-04-19 19:06:16 | 000,935,688 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2005-04-19 19:05:26 | 001,210,112 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2005-04-06 17:03:28 | 000,110,592 | ---- | M] () -- D:\PROGRAMY\Sterownik do Bluetootha\BTNtService.exe
PRC - [2004-12-20 18:12:36 | 000,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010-05-20 11:28:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- D:\Pobranie z Mozilla Firefox\OTL.exe
MOD - [2008-04-14 23:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009-11-06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- D:\PROGRAMY\STEROWNIKI NVIDIA\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009-09-15 12:56:43 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-09-15 12:56:28 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-09-15 12:54:13 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-09-15 12:49:40 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2005-04-19 19:05:26 | 001,210,112 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2005-04-06 17:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- D:\PROGRAMY\Sterownik do Bluetootha\BTNtService.exe -- (BlueSoleil Hid Service)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-09-15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009-09-15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-09-15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-09-15 12:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-09-15 12:54:30 | 000,052,368 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-09-15 12:54:21 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-09-15 12:53:24 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-04-23 12:15:06 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-03-13 15:44:42 | 010,423,936 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007-01-04 14:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007-01-04 14:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2005-05-31 16:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005-05-31 10:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005-04-30 15:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005-04-30 15:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005-04-30 15:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005-04-19 19:05:14 | 000,279,880 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005-04-13 12:34:02 | 000,414,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005-04-13 12:32:42 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005-03-25 18:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004-12-16 17:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004-10-19 14:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 174.142.24.201:3128
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl=pl&source=iglk"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-04 06:46:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-02 20:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-03-28 17:57:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-04-22 09:01:01 | 000,000,000 | ---D | M]
[2009-11-25 10:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Extensions
[2010-05-20 13:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions
[2010-03-07 21:11:51 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009-12-03 15:25:15 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Mozilla\Firefox\Profiles\5obc5jm4.default\searchplugins\daemon-search.xml
[2010-05-20 11:44:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-03-31 10:57:14 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-02-19 17:13:05 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-19 17:13:05 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-19 17:13:05 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-19 17:13:05 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-19 17:13:05 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-19 17:13:05 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2002-12-31 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKCU\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - D:\GRY\Emu JAVA\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\PROGRAMY\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] D:\PROGRAMY\quick time\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [ALLUpdate] D:\PROGRAMY\AllPlayer\ALLPlayer\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\BlueSoleil.lnk = D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Link to &MidpX - D:\GRY\Emu JAVA\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-24 18:10:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010-05-20 13:04:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-05-20 11:53:24 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010-05-20 10:22:26 | 000,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-05-20 10:22:25 | 000,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-05-20 10:22:24 | 000,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-05-20 10:22:22 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-05-20 10:22:22 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010-05-20 10:22:22 | 000,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-05-20 10:22:22 | 000,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-05-20 10:22:22 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-05-20 10:21:56 | 001,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-05-20 10:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-05-09 15:14:25 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010-05-09 15:14:25 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010-05-09 15:14:25 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010-05-09 15:14:25 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010-05-09 15:14:20 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010-05-09 15:14:19 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010-05-09 15:14:19 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010-05-09 15:14:18 | 000,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010-05-09 15:14:18 | 000,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010-05-09 15:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-05-02 20:37:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\GameDesire
[2010-05-02 20:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\GanymedeNet
[2010-05-02 20:09:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010-05-02 19:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Dane aplikacji\Gadu-Gadu 10
[2010-05-02 19:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Gadu-Gadu 10
[2010-05-01 11:24:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\nvidia icons
[2010-05-01 11:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010-05-01 11:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\SystemRequirementsLab
[2010-04-29 22:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\images
[2010-04-26 11:53:33 | 004,358,144 | ---- | C] (GSC Game World) -- C:\WINDOWS\uncsetup.exe
[2009-11-25 10:36:05 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009-11-25 10:36:05 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009-11-25 10:36:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009-11-25 10:36:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010-05-20 13:24:48 | 000,075,448 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\gm.JPG
[2010-05-20 13:11:59 | 000,178,399 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-05-20 13:11:12 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-20 13:11:07 | 000,000,891 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-05-20 13:10:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-20 13:10:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-20 13:10:23 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-20 13:09:40 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\NTUSER.DAT
[2010-05-20 13:09:40 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.ini
[2010-05-20 13:09:32 | 006,916,158 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-05-20 12:47:16 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-20 12:22:03 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-20 11:01:04 | 000,001,016 | RHS- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.pol
[2010-05-20 10:23:55 | 000,044,544 | ---- | M] () -- C:\WINDOWS\System32\ftp.exe
[2010-05-20 10:22:26 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\avast! Antivirus.lnk
[2010-05-20 10:22:22 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-05-19 12:57:26 | 000,023,552 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\photothumb.db
[2010-05-19 10:17:20 | 000,029,696 | -H-- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\photothumb.db
[2010-05-19 09:44:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-05-18 13:12:26 | 000,000,997 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-17 19:58:30 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\wypowiedzenie.doc
[2010-05-17 19:57:41 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Magda umowa....doc
[2010-05-17 13:50:31 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-16 23:22:09 | 001,948,012 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Obraz 032.jpg
[2010-05-16 19:39:16 | 005,086,213 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Infolinia.rar
[2010-05-15 08:05:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-09 22:55:45 | 001,634,304 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Wakacjone
[2010-05-09 19:51:02 | 000,003,174 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Hey beautiful.amr
[2010-05-09 18:09:55 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-09 15:35:30 | 000,055,440 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-08 17:05:41 | 000,012,400 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\RAMA.JPG
[2010-05-08 16:52:45 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\TŁO.JPG
[2010-05-07 14:50:43 | 002,500,399 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3 zwrotka - Juliusz Leo.mp3
[2010-05-06 16:00:36 | 001,425,390 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\CRACOVII CHWAŁA.mp3
[2010-05-06 14:08:11 | 001,539,117 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\zwała.jpg
[2010-05-05 23:04:34 | 045,216,806 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Ireneusz Krosny-Matura.avi
[2010-05-04 20:06:24 | 000,009,801 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\index.html
[2010-05-03 20:38:30 | 000,040,246 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\slajder.jpg
[2010-05-02 19:46:45 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Gadu-Gadu 10.lnk
[2010-05-02 13:15:52 | 000,095,814 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\demotywatory.JPG
[2010-04-23 16:24:34 | 008,553,302 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\qbaq 123.mp3
[2010-04-23 08:25:35 | 000,074,290 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3NOp.JPG
[2010-04-22 15:06:35 | 000,283,989 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\d-key.flp
[2010-04-20 20:36:47 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\JDownloader.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-05-20 13:24:47 | 000,075,448 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\gm.JPG
[2010-05-20 10:22:26 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\avast! Antivirus.lnk
[2010-05-19 10:15:45 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\photothumb.db
[2010-05-19 10:09:15 | 000,023,552 | -H-- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\photothumb.db
[2010-05-17 19:53:13 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\wypowiedzenie.doc
[2010-05-17 19:32:55 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Magda umowa....doc
[2010-05-16 23:21:47 | 001,948,012 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Obraz 032.jpg
[2010-05-16 19:38:36 | 005,086,213 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Infolinia.rar
[2010-05-09 22:53:51 | 001,634,304 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\Wakacjone
[2010-05-09 21:00:38 | 000,003,174 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Hey beautiful.amr
[2010-05-09 15:14:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-05-09 15:14:20 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010-05-09 15:14:19 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-09 15:14:19 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-09 15:14:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-05-09 15:14:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-05-09 15:14:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-05-08 17:00:28 | 000,012,400 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\RAMA.JPG
[2010-05-08 16:52:45 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\TŁO.JPG
[2010-05-07 14:42:20 | 002,500,399 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\3 zwrotka - Juliusz Leo.mp3
[2010-05-06 15:53:58 | 001,425,390 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\CRACOVII CHWAŁA.mp3
[2010-05-06 14:07:51 | 001,539,117 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\zwała.jpg
[2010-05-05 23:03:18 | 045,216,806 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Ireneusz Krosny-Matura.avi
[2010-05-03 20:38:30 | 000,040,246 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\slajder.jpg
[2010-05-02 20:10:17 | 000,001,016 | RHS- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\ntuser.pol
[2010-05-02 19:46:45 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\Gadu-Gadu 10.lnk
[2010-05-02 13:16:06 | 000,095,814 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Moje dokumenty\demotywatory.JPG
[2010-05-01 11:24:02 | 000,182,024 | ---- | C] () -- C:\WINDOWS\System32\nvdspeng.chm
[2010-05-01 11:24:02 | 000,055,103 | ---- | C] () -- C:\WINDOWS\System32\nvmobeng.chm
[2010-05-01 10:51:05 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010-04-29 22:08:30 | 000,009,801 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\index.html
[2010-04-26 11:53:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-23 16:19:36 | 008,553,302 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\qbaq 123.mp3
[2010-04-20 20:36:47 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\QBAQ.QBAQ-1514A32D52\Pulpit\JDownloader.lnk
[2010-02-19 22:23:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-02-08 01:17:47 | 000,000,026 | ---- | C] () -- C:\WINDOWS\neosetup.INI
[2009-11-30 19:30:00 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2009-11-30 19:10:41 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-11-26 20:06:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-11-25 11:36:27 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-11-25 10:37:28 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009-11-25 10:37:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009-11-25 10:37:25 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2009-11-25 10:37:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009-11-25 10:37:19 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2009-11-25 10:36:07 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009-11-25 10:36:06 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\denoise.sys
[2009-11-25 10:29:30 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2009-11-25 10:29:30 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2009-11-25 10:10:13 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-05-19 00:35:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-05-19 00:35:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-05-19 00:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-05-19 00:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-05-19 00:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-05-19 00:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
< End of report >
OTL Extras logfile created on: 2010-05-20 13:26:11 - Run 5
OTL by OldTimer - Version 3.2.4.1 Folder = D:\Pobranie z Mozilla Firefox
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 023,00 Mb Total Physical Memory | 573,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 5,42 Gb Free Space | 36,99% Space Free | Partition Type: NTFS
Drive D: | 59,87 Gb Total Space | 23,75 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 1,89 Gb Total Space | 0,18 Gb Free Space | 9,31% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: QBAQ-1514A32D52
Current User Name: QBAQ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\PROGRAMY\Microsoft Office 2003™\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Disabled:Football Manager 2008 -- File not found
"D:\GRY\FM08\fm.exe" = D:\GRY\FM08\fm.exe:*:Disabled:Football Manager 2008 -- (Sports Interactive)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Disabled:Pro Evolution Soccer 2009 -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"D:\PROGRAMY\Torrent\BitTorrent\bittorrent.exe" = D:\PROGRAMY\Torrent\BitTorrent\bittorrent.exe:*:Disabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Disabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe" = D:\PROGRAMY\Sterownik do Bluetootha\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"D:\PROGRAMY\Voip\VoipDiscount\voipdiscount.exe" = D:\PROGRAMY\Voip\VoipDiscount\voipdiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{70AB1576-7883-2313-C650-7A71270B1045}" = Nero 7 Ultra Edition
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6CB9620-444F-4B8B-B088-C2BD3FD0A587}_is1" = Counter-Strike 1.6 V42 No-Steam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.2 - Polish
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"avast!" = avast! Antivirus
"Carom3D" = Carom3D
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"FL Studio 9" = FL Studio 9
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Football Manager 2008" = Football Manager 2008
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameDesire-Poker" = GameDesire-Poker
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"Incomedia WebSite X5 v8 - Smart" = Incomedia WebSite X5 v8 - Smart
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"ipla" = ipla 2.1.3
"IrfanView" = IrfanView (remove only)
"iZotope Ozone 4_is1" = iZotope Ozone 4
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Kwyshell MidpX Emulator Package" = Kwyshell MidpX Emulator Package 1.3.1
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MPPL 08" = MPPL 08
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"PoiZone" = PoiZone
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Sawer" = Sawer
"SopCast" = SopCast 3.2.8
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"VoipDiscount_is1" = VoipDiscount
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoneAlarm Pro" = ZoneAlarm Pro
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Antivirus Events ]
Error - 2010-04-05 12:31:31 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Thunderbird\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:11 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:13 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\PROGRAMY\Adobe Reader\Reader\browser\nppdf32.dll failed, 0000001E.
Error - 2010-04-05 17:46:15 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Mozilla Thunderbird\plugins\nppdf32.dll failed, 0000001E.
Error - 2010-04-06 06:28:29 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\inetcpl.cpl failed, 0000001E.
Error - 2010-04-06 14:30:53 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: Aavm: FetchGlobalCounters cannot open mapping
- server DOWN???, 00000002.
Error - 2010-04-08 04:12:29 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\PROGRAMY\Gadu-Gadu\Nowe Gadu-Gadu\imageformats\qjpeg4.dll failed, 0000001E.
Error - 2010-04-13 11:38:46 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://r12.filemashine.com/download25/7bfd8f806961_vl5qfxzl77o8if7v/12768/filemashine.com/MSTS-CD1.iso
failed, 00000084.
Error - 2010-04-13 11:40:07 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://r12.filemashine.com/download25/7bfd8f806961_5vovf8r6dt8o3rwb/12768/filemashine.com/MSTS-CD1.iso
failed, 00000084.
Error - 2010-05-20 07:28:01 | Computer Name = QBAQ-1514A32D52 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\System32\inetcpl.cpl failed, 0000001E.
[ Application Events ]
Error - 2010-05-16 08:50:16 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 09:08:43 | Computer Name = QBAQ-1514A32D52 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd wmplayer.exe, wersja 10.0.0.3802, moduł
powodujący błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x00011a0a.
Error - 2010-05-16 09:47:05 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 10:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 11:50:14 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 12:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 13:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 14:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 15:50:15 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
Error - 2010-05-16 16:50:16 | Computer Name = QBAQ-1514A32D52 | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 2010-05-20 07:03:55 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7034
Description = Usługa Performance Service niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2010-05-20 07:03:55 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7034
Description = Usługa avast! Antivirus niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2010-05-20 07:03:55 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7034
Description = Usługa TrueVector Internet Monitor niespodziewanie zakończyła pracę.
Wystąpiło to razy: 1.
Error - 2010-05-20 07:03:56 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
Error - 2010-05-20 07:04:43 | Computer Name = QBAQ-1514A32D52 | Source = SRService | ID = 104
Description = Proces inicjalizacji Przywracania systemu nie powiódł się.
Error - 2010-05-20 07:04:43 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7023
Description = Usługa Usługa przywracania systemu zakończyła działanie; wystąpił
następujący błąd: %%2
Error - 2010-05-20 07:10:37 | Computer Name = QBAQ-1514A32D52 | Source = SRService | ID = 104
Description = Proces inicjalizacji Przywracania systemu nie powiódł się.
Error - 2010-05-20 07:12:12 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu: %%1058
Error - 2010-05-20 07:12:12 | Computer Name = QBAQ-1514A32D52 | Source = Service Control Manager | ID = 7023
Description = Usługa Usługa przywracania systemu zakończyła działanie; wystąpił
następujący błąd: %%2
Error - 2010-05-20 07:28:01 | Computer Name = QBAQ-1514A32D52 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.
< End of report >Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 21 gości