Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
Rootkit/malvare-gen (nie można odnalezc okreslonego pliku) • programosy.pl
Aktualizacje na programosy.pl: PDF ShaperArgus MonitorAngry IP Scannerungoogled-chromiumQimageYT DownloaderChromiumKaspersky Rescue DiskVim  

  • Ogłoszenie:

Rootkit/malvare-gen (nie można odnalezc okreslonego pliku)

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Rootkit/malvare-gen (nie można odnalezc okreslonego pliku)

Postprzez slucik 30 Paź 2011, 14:01

reklama
Jakos sie stało ze komputer rodziców przez dłuższy czas nie posiadał zainstalowanego antyvirusa. Po zainstalowaniu Avast, wykrył dość znaczna ilosc wirusów/robakow typu rootkit/Malvare-gen. Oczywiście czesc z nich zostala od razu usunieta, ale częsc nie zostala usunieta i znajduje sie przy nich dopisek : Błąd Nie mozna odnalezc okreslonego pliku.
Objawy to : powolne uruchamianie systemu, od razu po wlaczeniu odpalaja sie 2 okna Moje dokumenty


Log GMER :

http://www.wklej.org/id/617027/

LOG OTL Extras

Kod: Zaznacz wszystko
OTL Extras logfile created on: 2011-10-30 12:49:53 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 363,27 Mb Available Physical Memory | 35,49% Memory free
2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,33% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 6,22 Gb Free Space | 31,86% Space Free | Partition Type: NTFS
Drive D: | 27,44 Gb Total Space | 6,84 Gb Free Space | 24,92% Space Free | Partition Type: NTFS
Drive E: | 27,55 Gb Total Space | 10,97 Gb Free Space | 39,84% Space Free | Partition Type: NTFS
Drive H: | 245,72 Mb Total Space | 241,77 Mb Free Space | 98,39% Space Free | Partition Type: FAT

Computer Name: MX8PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()

[HKEY_USERS\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"10113:TCP" = 10113:TCP:*:Enabled:BitComet 10113 TCP
"10113:UDP" = 10113:UDP:*:Enabled:BitComet 10113 UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Cs 1.6\hl.exe" = D:\Cs 1.6\hl.exe:*:Enabled:Half-Life Launcher
"D:\Cs 1.6\hlds.exe" = D:\Cs 1.6\hlds.exe:*:Enabled:HLDS Launcher
"D:\Cs 1.6\hltv.exe" = D:\Cs 1.6\hltv.exe:*:Enabled:HLTV Launcher
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny
"E:\CS 1.6\cstrike.exe" = E:\CS 1.6\cstrike.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\AudioConverter_Setup.exe" = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\AudioConverter_Setup.exe:*:Enabled:Audio Converter
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"E:\Age of Empires II - The Age of Kings PL\Age of Empires 2\empires2.EXE" = E:\Age of Empires II - The Age of Kings PL\Age of Empires 2\empires2.EXE:*:Enabled:Age of Empires II
"D:\Instalki\PDFConverterSetup.exe" = D:\Instalki\PDFConverterSetup.exe:*:Enabled:InstallCore™
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher
"E:\AC-BroherHood\ACBMP.exe" = E:\AC-BroherHood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"E:\Sacred Underworld\Sacred.exe" = E:\Sacred Underworld\Sacred.exe:*:Enabled:Sacred -- (studio II Software)
"E:\Sacred Underworld\gameserver.exe" = E:\Sacred Underworld\gameserver.exe:*:Enabled:Sacred Gameserver -- (Ascaron Entertainment GmbH)
"D:\COD2\CoD2MP_s.exe" = D:\COD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{0B9E0BD1-328D-415C-80A5-6B0028F0C104}" = Call of Duty(R) 2 Patch 1.2
"{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor
"{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{2ED60C17-4568-4CD5-830A-03C4688B09A1}" = Sagem Wi-Fi 11g USB adapter (driver)
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3CD5832D-13D9-4751-8B22-3A7D3F4ACA42}" = Quake Live Mozilla Plugin
"{40034B11-149E-4310-AE89-BB575B02525B}" = LG Internet Kit
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88C68165-3C92-11D5-B95D-00E07D97B508}" = Evil Islands
"{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}" = Garena
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}" = Sagem Wi-Fi 11g USB adapter (utility)
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABC62001-AD9F-46DB-8668-9946154D6A07}" = AMD Athlon 64 Processor Driver
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinstalowuj LG PC Suite III
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp
"{FF8500E6-EA0D-11D7-8755-0080C8F92A32}" = ABIT uGuru
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALLPlayer_is1" = ALLPlayer V4.X
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"BearShare" = BearShare
"BitComet" = BitComet 0.82
"CCleaner" = CCleaner (remove only)
"Chicken Invaders 3_is1" = Chicken Invaders 3
"Gadu-Gadu 10" = Gadu-Gadu 10
"Garena" = Garena 2010
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Image Zone 4.2
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer cenzura! Program 7.0
"InstallShield_{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 pl)" = Mozilla Firefox 7.0.1 (x86 pl)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Pharaoh" = Faraon
"Picasa 3" = Picasa 3
"PROPLUS" = Microsoft Office Professional Plus 2007
"Sacred Underworld_is1" = Sacred Underworld
"ThiefDeinstallKey" = Thief:The Dark Project
"Total Video Converter 3.11_is1" = Total Video Converter 3.11
"Unlocker" = Unlocker 1.9.1
"Winamp" = Winamp (remove only)
"Windows Sidebar" = Windows Sidebar
"WinRAR archiver" = Archiwizator WinRAR
"Worms Armageddon - New Edition" = Worms Armageddon - New Edition
"xvid" = XviD MPEG-4 Video Codec

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-06-30 13:15:10 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-06-30 13:23:21 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-07-26 14:05:07 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-07-26 14:15:29 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-07-27 07:46:08 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-08-09 10:59:21 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-08-21 02:42:18 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-08-30 16:27:08 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 2000
Description =

Error - 2011-09-01 14:18:26 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 1000
Description =

Error - 2011-09-09 10:32:11 | Computer Name = MX8PC | Source = Microsoft Office 11 | ID = 2000
Description =

[ System Events ]
Error - 2011-10-29 12:08:07 | Computer Name = MX8PC | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi
SENS z argumentami „”  w celu uruchomienia serwera:  {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 2011-10-29 12:08:07 | Computer Name = MX8PC | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi
EventSystem z argumentami „”  w celu uruchomienia serwera:  {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-10-29 12:08:07 | Computer Name = MX8PC | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi
netman z argumentami „”  w celu uruchomienia serwera:  {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2011-10-29 12:08:07 | Computer Name = MX8PC | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%1055” podczas próby uruchomienia usługi
winmgmt z argumentami „”  w celu uruchomienia serwera:  {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 2011-10-29 12:08:23 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7009
Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się
z usługą Bufor wydruku.

Error - 2011-10-29 12:08:23 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Bufor wydruku z powodu następującego błędu:
   %%1053

Error - 2011-10-29 12:08:23 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-10-30 05:01:25 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-10-30 05:06:27 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2

Error - 2011-10-30 05:34:09 | Computer Name = MX8PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa bramy warstwy aplikacji z powodu
następującego błędu:   %%2


< End of report >


LOG OTL - otl
Kod: Zaznacz wszystko
OTL logfile created on: 2011-10-30 12:49:53 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 363,27 Mb Available Physical Memory | 35,49% Memory free
2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,33% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 6,22 Gb Free Space | 31,86% Space Free | Partition Type: NTFS
Drive D: | 27,44 Gb Total Space | 6,84 Gb Free Space | 24,92% Space Free | Partition Type: NTFS
Drive E: | 27,55 Gb Total Space | 10,97 Gb Free Space | 39,84% Space Free | Partition Type: NTFS
Drive H: | 245,72 Mb Total Space | 241,77 Mb Free Space | 98,39% Space Free | Partition Type: FAT

Computer Name: MX8PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-10-27 21:54:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2011-10-07 21:07:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-09-06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-09-06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009-06-27 16:16:26 | 001,266,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-03-18 23:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2007-01-16 12:42:20 | 000,950,272 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
PRC - [2006-10-25 06:37:54 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2005-03-24 14:20:30 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005-01-11 15:21:26 | 001,695,830 | ---- | M] (ABIT Computer Corporation) -- C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
PRC - [2004-08-13 16:42:36 | 000,229,376 | ---- | M] (ABIT Computer Corp.) -- C:\Program Files\ABIT\ABIT uGuru\uGuru_Event_Receiver.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011-10-29 19:39:26 | 001,603,072 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102901\algo.dll
MOD - [2011-10-29 19:21:15 | 000,239,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102901\aswRep.dll
MOD - [2011-10-07 21:07:56 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010-07-29 17:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Total Video Converter\TVCShellExt.dll
MOD - [2009-02-03 03:15:28 | 003,771,296 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2007-03-18 23:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
MOD - [2007-03-18 23:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2007-01-16 12:52:18 | 000,212,992 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\dot1x_dll.dll
MOD - [2007-01-16 12:52:18 | 000,045,056 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\ZDWlan.dll
MOD - [2006-10-25 06:37:54 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
MOD - [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005-10-20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005-10-20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] --  -- (NMSAccess)
SRV - File not found [On_Demand | Stopped] --  -- (ALG)
SRV - [2011-09-06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007-08-09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-09-06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-09-06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-09-06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-09-06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-09-06 21:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-09-06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-09-06 21:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-06-24 16:21:28 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-08-30 09:00:03 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-08-30 09:00:03 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-11-12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-09-29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009-09-29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009-09-29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009-07-05 01:19:05 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-11-19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008-11-19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008-11-19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-10-23 16:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007-01-29 16:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2007-01-23 00:26:30 | 000,017,264 | ---- | M] (FSPro Labs) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HFXP2.SYS -- (HFXP2)
DRV - [2007-01-16 12:52:20 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2007-01-10 09:14:34 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2006-06-14 12:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2005-10-13 14:46:08 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005-03-25 08:04:40 | 002,314,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-02-24 10:04:58 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-02-24 10:04:56 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-02-11 11:11:32 | 000,016,640 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvcchflt.sys -- (nvcchflt)
DRV - [2005-02-11 11:11:02 | 000,089,856 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004-08-04 12:56:40 | 000,010,752 | ---- | M] (ABIT Computer Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\uGuru.sys -- (uGuru)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{7D476054-4FB1-4271-8867-231D2C37EC65}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161
IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found
IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/firefox?client=firefox-a&rls=org.mozilla:pl:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ce18769b-c7fa-42d2-860d-17c4662c70ad}:3.3.3.2
FF - prefs.js..extensions.enabledItems: gb@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.3.3.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-09 10:50:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-10-07 21:07:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-29 08:44:11 | 000,000,000 | ---D | M]

[2010-07-31 19:57:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2011-10-09 12:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\extensions
[2011-07-08 11:03:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\extensions\engine@conduit.com
[2010-09-28 19:16:35 | 000,000,000 | ---D | M] (GameBox) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\extensions\gb@toolbar
[2011-05-25 15:16:04 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\searchplugins\conduit.xml
[2011-01-27 20:28:37 | 000,002,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\searchplugins\search.xml
[2011-10-30 10:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-10-09 10:50:16 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010-07-31 19:29:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-10-07 21:07:57 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-07 21:07:53 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-03-27 18:38:10 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-10-07 21:07:53 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-07 21:07:53 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-07 21:07:53 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-07 21:07:53 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-07 21:07:53 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.202\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U14 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2010-08-04 19:45:11 | 000,000,884 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 78.46.17.80 l2authd.lineage2.com
O1 - Hosts: 78.46.17.80 l2patcher.lineage2.com
O1 - Hosts: 216.107.250.194 nProtect.lineage2.com
O1 - Hosts: 78.46.17.80 nProtect.lineage2.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found.
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O3 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe (ABIT Computer Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GuruClock] C:\Program Files\ABIT\ABIT uGuru\GuruClock.exe (ABIT Computer Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-18..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-20..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [dso32] C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\dsoqq.exe File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [King_ar] C:\WINDOWS\system32\arking.exe File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [TransBar] C:\WINDOWS\TransBar.exe (AKSoftware)
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [wsctf.exe] wsctf.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links using BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Download all videos using BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Download link using &BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1E76ABA-DF9F-4AF4-B990-A6B1AE02A3CB}: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\BricoPack Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-31 19:28:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1a916ace-a7df-11df-9534-0060b33e9936}\Shell - "" = AutoRun
O33 - MountPoints2\{1a916ace-a7df-11df-9534-0060b33e9936}\Shell\AutoRun\command - "" = H:\USBAutoRun.exe
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- [2006-10-25 06:32:36 | 000,036,864 | RHS- | M] ()
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\explore\Command - "" = H:\EXPLORER.EXE
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\open\Command - "" = H:\EXPLORER.EXE
O33 - MountPoints2\{c0d63b0a-a18b-11e0-97e5-0060b33e9936}\Shell\AutoRun\command - "" = H:\09lf.exe -- [2010-06-23 12:40:14 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\{c0d63b0a-a18b-11e0-97e5-0060b33e9936}\Shell\open\Command - "" = H:\09lf.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-10-30 11:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Unlocker
[2011-10-30 11:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011-10-30 10:45:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-10-30 10:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Youtube-wrzuta
[2011-10-30 10:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\meldunki tygodniowe
[2011-10-30 10:01:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Recent
[2011-10-22 08:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP Product Assistant
[2011-10-22 08:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\HpUpdate
[2011-10-22 08:08:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2011-10-18 20:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\small photos
[2011-10-16 10:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2011-10-10 20:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011-10-09 10:51:33 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-10-09 10:51:33 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-10-09 10:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2011-10-09 10:51:31 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-10-09 10:51:31 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-10-09 10:51:30 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-10-09 10:51:30 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-10-09 10:51:30 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-10-09 10:51:30 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-10-09 10:50:07 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-10-09 10:50:06 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-10-09 10:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-10-09 10:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2004-07-09 03:08:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004-07-09 03:08:34 | 002,242,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004-07-09 02:03:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[8 C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Administrator\Pulpit\*.tmp files -> C:\Documents and Settings\Administrator\Pulpit\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-10-30 11:56:01 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1364589140-1801674531-500UA.job
[2011-10-30 11:56:01 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1364589140-1801674531-500Core.job
[2011-10-30 10:32:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-10-30 10:06:54 | 000,500,802 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-10-30 10:06:54 | 000,441,654 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-10-30 10:06:54 | 000,088,500 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-10-30 10:06:54 | 000,070,770 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-10-27 20:51:01 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-10-19 19:43:54 | 003,308,642 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\DSCF5383.JPG
[2011-10-19 19:42:50 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\DSCF5383.JPG
[2011-10-14 18:22:22 | 000,000,122 | ---- | M] () -- C:\WINDOWS\WA.INI
[2011-10-09 10:51:33 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-10-09 10:51:30 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-10-05 19:53:52 | 000,002,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Google Chrome.lnk
[8 C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Administrator\Moje dokumenty\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Administrator\Pulpit\*.tmp files -> C:\Documents and Settings\Administrator\Pulpit\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-10-19 19:42:53 | 003,308,642 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\DSCF5383.JPG
[2011-10-19 19:42:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\DSCF5383.JPG
[2011-10-14 18:22:22 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2011-10-09 10:51:33 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2011-09-04 11:15:17 | 000,103,511 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011-09-04 11:15:17 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2011-08-29 09:59:23 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc
[2011-08-06 12:34:10 | 000,000,169 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2011-06-28 14:56:48 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011-06-24 19:25:40 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-06-16 20:07:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2011-06-02 20:02:53 | 000,050,994 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\room_v3.dat
[2011-05-04 20:33:47 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\room.dat
[2011-04-10 13:42:39 | 001,559,606 | ---- | C] () -- C:\WINDOWS\WANEUninstaller.exe
[2011-04-02 06:57:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011-03-28 20:59:20 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2011-03-27 18:38:30 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-03-27 12:27:36 | 000,120,253 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2011-03-27 12:27:36 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2011-03-27 12:22:31 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2011-03-26 08:18:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-02-18 20:51:44 | 000,000,311 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010-11-11 21:51:39 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010-11-06 10:37:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-09-10 17:33:09 | 000,000,163 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010-09-10 17:32:56 | 000,001,302 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ss.ini
[2010-08-30 09:00:03 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-08-30 09:00:03 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-08-04 12:56:49 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-01 16:03:25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010-08-01 16:00:23 | 000,120,253 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010-08-01 15:52:52 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-08-01 15:52:48 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010-08-01 15:52:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-07-31 21:22:48 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-07-31 21:22:35 | 000,394,560 | ---- | C] () -- C:\WINDOWS\NOTEPAD.EXE
[2010-07-31 21:21:48 | 000,286,904 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-31 20:29:09 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
[2010-07-31 20:25:47 | 000,023,612 | ---- | C] () -- C:\WINDOWS\System32\FlashMenu.sys
[2010-07-31 20:25:47 | 000,005,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\HWDRV.SYS
[2010-07-31 20:25:47 | 000,005,018 | ---- | C] () -- C:\WINDOWS\System32\drivers\HWIOCTL.SYS
[2010-07-31 20:25:47 | 000,004,047 | ---- | C] () -- C:\WINDOWS\System32\drivers\MEMCTL.SYS
[2010-07-31 20:25:47 | 000,003,548 | ---- | C] () -- C:\WINDOWS\System32\WINFLASH.SYS
[2010-07-31 20:25:47 | 000,003,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINFLASH.SYS
[2010-07-31 20:25:47 | 000,002,721 | ---- | C] () -- C:\WINDOWS\System32\drivers\AMINTSYS.SYS
[2010-07-31 19:57:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-07-31 19:36:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-07-31 19:32:51 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-07-31 19:29:56 | 000,000,047 | ---- | C] () -- C:\WINDOWS\TransBar.ini
[2010-07-31 19:28:50 | 000,652,287 | ---- | C] () -- C:\WINDOWS\Nowe_konto.exe
[2010-07-31 19:26:46 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-07-05 17:59:43 | 000,000,861 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009-06-21 23:40:23 | 000,394,560 | ---- | C] () -- C:\WINDOWS\System32\notepad.exe
[2008-04-15 00:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-01-08 18:53:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-01-08 18:53:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008-01-08 18:53:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-01-08 18:53:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008-01-08 18:53:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-01-08 18:53:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-01-08 18:53:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008-01-08 18:53:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-01-08 18:53:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-03-20 16:16:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ASDR.exe
[2006-12-31 10:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-11-18 00:41:58 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\MODIFYPE.EXE
[2006-05-05 11:57:37 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2004-10-11 10:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2004-07-22 09:51:34 | 003,432,656 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004-07-19 21:58:36 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004-07-19 21:53:26 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004-07-09 13:17:16 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2004-07-09 08:13:48 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004-07-09 08:13:46 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2001-10-26 19:15:16 | 000,500,802 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 19:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 19:15:16 | 000,088,500 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 19:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-18 00:30:24 | 000,441,654 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-18 00:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-18 00:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-18 00:30:22 | 000,070,770 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-18 00:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 01:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 01:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-07 02:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-27 20:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BabylonToolbar
[2011-06-28 14:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Canneverbe Limited
[2011-02-18 17:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite
[2010-07-31 19:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Foxit
[2011-06-07 17:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10
[2010-11-11 21:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\id Software
[2011-10-09 16:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Image Zone Express
[2011-02-21 18:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\LG Electronics
[2011-02-17 13:37:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM
[2011-05-13 14:03:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PriceGong
[2011-04-02 18:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PunkBuster
[2011-10-29 11:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SolidDocuments
[2011-06-30 17:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thinstall
[2011-01-29 13:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Toolbar4
[2011-07-06 16:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TS3Client
[2011-04-16 23:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
[2011-02-21 18:53:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011-05-02 16:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\22222
[2010-11-17 20:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-10-09 10:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2010-08-30 16:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BearShare
[2011-06-28 14:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2011-02-18 16:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-09-10 17:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeRIP
[2010-07-31 19:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-11-11 21:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\id Software
[2011-01-17 19:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2011-02-17 15:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-08-06 12:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SolidDocuments
[2011-07-09 15:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-08-30 16:41:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{37490DE3-F7B0-4FFB-ACAD-E9674CA2AD24}
[2010-07-31 19:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\Foxit

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
slucik
~user
 
Posty: 1
Dołączenie: 30 Paź 2011, 11:47


Góra

Rootkit/malvare-gen (nie można odnalezc okreslonego pliku)

Postprzez wojtas 30 Paź 2011, 16:31

DRV - [2010-08-30 09:00:03 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-08-30 09:00:03 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)


czy na pewno odinstalowałeś wszystkie programy emulujące bo te wpisy ^^ są od nich i zakłócają pracę Gmera

odinstaluj : BearShare

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161
IE - HKU\S-1-5-21-299502267-1364589140-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161
FF - prefs.js..extensions.enabledItems: gb@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
[2011-07-08 11:03:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\extensions\engine@conduit.com
[2010-09-28 19:16:35 | 000,000,000 | ---D | M] (GameBox) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\extensions\gb@toolbar
[2011-05-25 15:16:04 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\searchplugins\conduit.xml
[2011-01-27 20:28:37 | 000,002,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iwnn1idt.default\searchplugins\search.xml
[2011-03-27 18:38:10 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a8f187f10000000000000060b33e9936&tlver=1.4.19.19&affID=17161
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O3 - HKU\S-1-5-21-299502267-1364589140-1801674531-500\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [dso32] C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\dsoqq.exe File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [EXPLORER.EXE] C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [wsctf.exe] wsctf.exe File not found
O4 - HKU\S-1-5-21-299502267-1364589140-1801674531-500..\Run: [King_ar] C:\WINDOWS\system32\arking.exe File not found
O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- [2006-10-25 06:32:36 | 000,036,864 | RHS- | M] ()
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\explore\Command - "" = H:\EXPLORER.EXE
O33 - MountPoints2\{860f82e4-10de-11e0-962d-0060b33e9936}\Shell\open\Command - "" = H:\EXPLORER.EXE
O33 - MountPoints2\{c0d63b0a-a18b-11e0-97e5-0060b33e9936}\Shell\AutoRun\command - "" = H:\09lf.exe -- [2010-06-23 12:40:14 | 000,117,248 | RHS- | M] ()
O33 - MountPoints2\{c0d63b0a-a18b-11e0-97e5-0060b33e9936}\Shell\open\Command - "" = H:\09lf.exe
[2011-03-27 20:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\BabylonToolbar
[2011-01-29 13:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Toolbar4

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"UserInit"=-
"Userinit"="C:\WINDOWS\system32\userinit.exe,"

:Commands
[emptytemp]
[emptyflash]



Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).

Przy podpiętym urządzeniu przenośnym (pendrive, telefon - to co jest podłączane do komputera) , uruchom USBFIX z opcji Listing i pokaż raport na forum.

daj log z Ad Remover ( opcja Skan )
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 11 gości

Powered by phpBB © Group
Forum Programosy.pl