Winamp/media player sam się uruchamia

[tictac_1986]

Witam!

Mój problem wygląda następująco:

Podczas normalnej pracy na komputerze, sam uruchamia mi się WinAmp. Po usunięciu go z dysku włącza się Media Player.
Nie jest to problem przypisania jakiegoś klawisza pod odtwarzacz muzyki, gdyż potrafi się sam uruchomić mimo, że przy klawiaturze nic się nie robi. Faktem jest, że najczęściej włącza się podczas pisania, ale tak jak pisałem wyżej - mogę zostawić komputer włączony na kilka minut i po pewnym czasie WinAmp się uruchomi.

Kod: Zaznacz wszystko

Plik LOG z HiJackFree4.0
Zapisz skan na: 10:49:07, na 2010-07-09
Platforma: Windows XP Dodatek Service Pack 3 (Windows NT 5.1.2600)
MSIE: Internet Explorer v 8.0 Dodatek Service Pack 3 (8.0.6001.18702)

Uruchomione procesy:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Emsisoft HiJackFree\a2hijackfree.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Domyślny) = http://www.google.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc%
O4 - HKLM\..\Run: [WinGuard Pro]
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKLM\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O7 - Regedit - Włączone
O8 - Wpisy dodatkowego menu kontekstowego: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Wpisy dodatkowego menu kontekstowego: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra "Tools" menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBAR.ICO
O14 - IERESET.INF: START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
O14 - IERESET.INF: SEARCH_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
O14 - IERESET.INF: MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
O15 - Bezpieczna strefa: http://asia.msi.com.tw
O15 - Bezpieczna strefa: http://global.msi.com.tw
O15 - Bezpieczna strefa: http://www.msi.com.tw
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\System32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
O21 - ShellServiceObjectDelayLoad: PostBootReminder -
O21 - ShellServiceObjectDelayLoad: CDBurn -
O21 - ShellServiceObjectDelayLoad: WebCheck -
O21 - ShellServiceObjectDelayLoad: SysTray -
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll
O23 - Usługa: Urządzenie alarmowe - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usługa bramy warstwy aplikacji - C:\WINDOWS\System32\alg.exe
O23 - Usługa: Zarządzanie aplikacjami - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usuga stanu ASP.NET - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
O23 - Usługa: Windows Audio - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: AVG Free WatchDog - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Usługa: Usługa inteligentnego transferu w tle - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Przeglądarka komputera - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usługa indeksowania - C:\WINDOWS\system32\cisvc.exe
O23 - Usługa: ClipBook - C:\WINDOWS\system32\clipsrv.exe
O23 - Usługa: .NET Runtime Optimization Service v2.0.50727_X86 - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Usługa: Aplikacja systemowa modelu COM+ - C:\WINDOWS\system32\dllhost.exe
O23 - Usługa: Usługi kryptograficzne - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Program uruchamiający proces serwera DCOM - C:\WINDOWS\system32\svchost
O23 - Usługa: Klient DHCP - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usługa administracyjna Menedżera dysków logicznych - C:\WINDOWS\System32\dmadmin.exe
O23 - Usługa: Menedżer dysków logicznych - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Klient DNS - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Automatyczna konfiguracja sieci przewodowej - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługa protokołu uwierzytelniania rozszerzonego (EAP) - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługa raportowania błędów - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Dziennik zdarzeń - C:\WINDOWS\system32\services.exe
O23 - Usługa: System zdarzeń COM+ - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Zgodność szybkiego przełączania użytkowników - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Windows Presentation Foundation Font Cache 3.0.0.0 - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
O23 - Usługa: getPlus(R) Helper - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Google Updater Service - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Usługa: Pomoc i obsługa techniczna - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: HID Input Service - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługa zarządzania kluczami i certyfikatami kondycji - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: HTTP SSL - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Windows CardSpace - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Usługa: Usługa COM nagrywania dysków CD IMAPI - C:\WINDOWS\system32\imapi.exe
O23 - Usługa: Java Quick Starter - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Usługa: Serwer - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Stacja robocza - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Pomoc TCP/IP NetBIOS - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: McAfee Security Scan Component Host Service - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Usługa: Posłaniec - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Microsoft Office Groove Audit Service - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Usługa: NetMeeting Remote Desktop Sharing - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Usługa: Distributed Transaction Coordinator - C:\WINDOWS\system32\msdtc.exe
O23 - Usługa: Instalator Windows - C:\WINDOWS\system32\msiexec.exe
O23 - Usługa: Agent ochrony dostępu do sieci - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: DDE sieci - C:\WINDOWS\system32\netdde.exe
O23 - Usługa: DSDM DDE sieci - C:\WINDOWS\system32\netdde.exe
O23 - Usługa: Logowanie do sieci - C:\WINDOWS\system32\lsass.exe
O23 - Usługa: Połączenia sieciowe - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługa udostępniania portów Net.Tcp - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Usługa: Rozpoznawanie lokalizacji w sieci (NLA) - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: NMSAccessU - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Usługa: Usługa NT LM Security Support Provider - C:\WINDOWS\system32\lsass.exe
O23 - Usługa: Magazyn wymienny - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: NVIDIA Display Driver Service - C:\WINDOWS\system32\nvsvc32.exe
O23 - Usługa: Microsoft Office Diagnostics Service - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Usługa: Office Source Engine - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Usługa: Plug and Play - C:\WINDOWS\system32\services.exe
O23 - Usługa: Usługi IPSEC - C:\WINDOWS\system32\lsass.exe
O23 - Usługa: Magazyn chroniony - C:\WINDOWS\system32\lsass.exe
O23 - Usługa: Menedżer autopołączenia dostępu zdalnego - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Menedżer połączeń usługi Dostęp zdalny - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Menedżer sesji pomocy pulpitu zdalnego - C:\WINDOWS\system32\sessmgr.exe
O23 - Usługa: Routing i dostęp zdalny - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Rejestr zdalny - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Lokalizator usługi zdalnego wywołania procedury (RPC) - C:\WINDOWS\system32\locator.exe
O23 - Usługa: Zdalne wywoływanie procedur (RPC) - C:\WINDOWS\system32\svchost
O23 - Usługa: QoS RSVP - C:\WINDOWS\system32\rsvp.exe
O23 - Usługa: Menedżer kont zabezpieczeń - C:\WINDOWS\system32\lsass.exe
O23 - Usługa: Karta inteligentna - C:\WINDOWS\System32\SCardSvr.exe
O23 - Usługa: Harmonogram zadań - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Logowanie pomocnicze - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Zawiadomienie o zdarzeniu systemowym - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Zapora systemu Windows/Udostępnianie połączenia internetowego - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Wykrywanie sprzętu powłoki - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Bufor wydruku - C:\WINDOWS\system32\spoolsv.exe
O23 - Usługa: Usługa przywracania systemu - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usługa odnajdywania SSDP - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Windows Image Acquisition (WIA) - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: MS Software Shadow Copy Provider - C:\WINDOWS\system32\dllhost.exe
O23 - Usługa: Dzienniki wydajności i alerty - C:\WINDOWS\system32\smlogsvc.exe
O23 - Usługa: Telefonia - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługi terminalowe - C:\WINDOWS\System32\svchost
O23 - Usługa: Kompozycje - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Telnet - C:\WINDOWS\system32\tlntsvr.exe
O23 - Usługa: Klient śledzenia łączy rozproszonych - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Ulead Burning Helper - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Usługa: Windows User Mode Driver Framework - C:\WINDOWS\system32\wdfmgr.exe
O23 - Usługa: Host uniwersalnego urządzenia Plug and Play - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Zasilacz awaryjny (UPS) - C:\WINDOWS\System32\ups.exe
O23 - Usługa: Kopiowanie woluminów w tle - C:\WINDOWS\System32\vssvc.exe
O23 - Usługa: Usługa Czas systemu Windows - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: WebClient - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Instrumentacja zarządzania Windows - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Usługa numeru seryjnego multimediów przenośnych - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Rozszerzenia sterownika Instrumentacji zarządzania Windows - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Karta wydajności WMI - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Usługa: Centrum zabezpieczeń - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Aktualizacje automatyczne - C:\WINDOWS\system32\svchost.exe
O23 - Usługa: Konfiguracja zerowej sieci bezprzewodowej - C:\WINDOWS\System32\svchost.exe
O23 - Usługa: Usługa dostarczania sieci - C:\WINDOWS\System32\svchost.exe

Mam nadzieję, że dobrze zrobiłem ten Log, nigdy się w to nie bawiłem i nie bardzo wiem jak działa.

Uprzejmie proszę o pomoc i opisanie co mam zrobić i gdzie :-) żebym czegoś nie schrzanił...

Pozdrawiam,

Tomek.

[wojtas]

Proszę zastosować się do obowiązkowych zasad w dziale bezpieczeństwo wstaw odpowiednie logi...

[tictac_1986]

Oj, przepraszam...już się poprawiam:

OTL:

Kod: Zaznacz wszystko

OTL logfile created on: 2010-07-09 22:49:28 - Run 1
OTL by OldTimer - Version 3.2.8.1     Folder = C:\Documents and Settings\Tomuś\Pulpit\Pobrane
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 493,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 3,61 Gb Free Space | 24,65% Space Free | Partition Type: NTFS
Drive D: | 134,39 Gb Total Space | 95,90 Gb Free Space | 71,36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TRACER
Current User Name: Tomuś
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-07-09 22:47:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomuś\Pulpit\Pobrane\OTL.exe
PRC - [2010-06-28 12:11:55 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-02 19:13:47 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-06-02 19:13:45 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-06-02 19:13:44 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-06-02 19:13:40 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-06-02 19:13:38 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-03-16 15:40:24 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-07-13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008-08-26 06:13:05 | 000,536,576 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008-04-14 19:21:28 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004-06-09 15:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-07-09 22:47:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomuś\Pulpit\Pobrane\OTL.exe
MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2010-03-16 15:40:24 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-07-13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- I:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010-06-02 19:13:46 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-06-02 19:13:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-03-16 15:39:50 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-11-12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-09-26 00:18:58 | 000,005,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\GPCIDrv.sys -- (GPCIDrv)
DRV - [2009-09-26 00:18:45 | 000,017,962 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2009-03-27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2008-04-13 20:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-01-24 03:25:21 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006-10-22 06:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-07-01 23:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-04-06 08:20:44 | 004,258,816 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-22 15:12:34 | 000,166,656 | ---- | M] (Compro Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880)
DRV - [2006-03-22 15:07:50 | 000,009,472 | ---- | M] (Compro Technology, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cxavsaud.sys -- (CXAVSAUD)
DRV - [2006-03-22 15:07:50 | 000,009,344 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR)
DRV - [2006-03-22 15:07:44 | 000,100,480 | ---- | M] (Compro Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE)
DRV - [2005-12-23 22:54:06 | 000,210,304 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\m5288.sys -- (m5288)
DRV - [2005-12-22 12:24:52 | 000,137,884 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005-12-22 12:24:52 | 000,010,864 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005-12-22 12:24:50 | 000,080,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005-03-22 14:36:40 | 000,028,672 | R--- | M] (ULi Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ULILAN51.SYS -- (ULI5261XP)
DRV - [2005-02-26 16:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b)
DRV - [2004-08-11 10:27:52 | 000,027,232 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2001-08-17 23:51:54 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-436374069-796845957-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-06-03 09:31:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-28 12:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-30 11:30:37 | 000,000,000 | ---D | M]

[2009-09-25 22:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Extensions
[2010-07-09 08:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\extensions
[2010-03-18 23:48:20 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010-06-29 22:30:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-11 12:33:14 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010-03-18 23:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\extensions\noia2_option@kk.noia
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Tomuś\Dane aplikacji\Mozilla\Firefox\Profiles\jij5z6ui.default\searchplugins\BearShareWebSearch.xml
[2010-07-09 08:46:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-15 11:57:28 | 000,980,480 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPPIRATE.dll
[2010-03-17 13:42:15 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010-03-17 13:42:15 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-17 13:42:15 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-17 13:42:15 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-17 13:42:15 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-17 13:42:15 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE %;USB\VID_0AC8&PID_0302.Dev File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [WinGuard Pro]  File not found
O4 - HKU\S-1-5-21-436374069-796845957-839522115-1003..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKU\S-1-5-21-436374069-796845957-839522115-1003\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-796845957-839522115-1003\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-796845957-839522115-1003\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/LOnline/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.6.83
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-09-25 22:12:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-07-09 22:42:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tomuś\Recent
[2010-07-09 10:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft HiJackFree
[2010-07-09 10:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-07-09 10:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomuś\Dane aplikacji\OpenFM
[2010-07-07 22:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010-07-07 22:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-07-07 22:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Symantec
[2010-07-07 22:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[2010-07-07 21:45:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Winamp
[2010-07-07 21:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-07-06 19:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2010-07-06 19:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\Pykam.pl
[2010-06-16 23:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomuś\Pulpit\Ślub
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-07-09 22:47:31 | 061,808,162 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-07-09 22:42:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-09 22:42:41 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-09 22:42:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-09 22:42:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-09 12:06:20 | 004,980,736 | ---- | M] () -- C:\Documents and Settings\Tomuś\ntuser.dat
[2010-07-09 12:06:20 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Tomuś\ntuser.ini
[2010-07-09 11:06:31 | 000,034,349 | ---- | M] () -- C:\WINDOWS\System32\QuickTime.qtp
[2010-07-09 10:46:31 | 000,000,100 | ---- | M] () -- C:\index.ini
[2010-07-09 00:22:21 | 004,808,892 | -H-- | M] () -- C:\Documents and Settings\Tomuś\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-08 22:40:32 | 000,011,231 | ---- | M] () -- C:\Documents and Settings\Tomuś\Pulpit\Godziny Porto Fino - lipiec.xlsx
[2010-07-08 19:18:58 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-07 23:11:49 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Tomuś\Pulpit\Microsoft Office Word 2007.lnk
[2010-07-07 21:53:34 | 000,028,512 | ---- | M] () -- C:\Documents and Settings\Tomuś\Moje dokumenty\cc_20100707_215330.reg
[2010-07-07 17:42:41 | 000,029,954 | ---- | M] () -- C:\Documents and Settings\Tomuś\Moje dokumenty\cc_20100707_174238.reg
[2010-07-06 13:34:30 | 000,019,712 | ---- | M] () -- C:\Documents and Settings\Tomuś\Pulpit\Wydatki 2010.xlsx
[2010-06-30 21:04:25 | 000,088,870 | ---- | M] () -- C:\Documents and Settings\Tomuś\Pulpit\Grafik - lipiec 2010.xlsx
[2010-06-25 09:14:17 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\Tomuś\Pulpit\Microsoft Office Excel 2007.lnk
[2010-06-22 22:57:45 | 001,083,314 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-22 22:57:45 | 000,494,654 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-22 22:57:45 | 000,450,658 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-22 22:57:45 | 000,093,658 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-22 22:57:45 | 000,074,464 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-15 22:21:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt
[2010-06-09 22:55:00 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-09 10:46:31 | 000,000,100 | ---- | C] () -- C:\index.ini
[2010-07-07 21:53:31 | 000,028,512 | ---- | C] () -- C:\Documents and Settings\Tomuś\Moje dokumenty\cc_20100707_215330.reg
[2010-07-07 17:42:39 | 000,029,954 | ---- | C] () -- C:\Documents and Settings\Tomuś\Moje dokumenty\cc_20100707_174238.reg
[2010-07-04 09:50:24 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\Tomuś\ntuser.dat
[2010-06-30 21:04:25 | 000,088,870 | ---- | C] () -- C:\Documents and Settings\Tomuś\Pulpit\Grafik - lipiec 2010.xlsx
[2010-06-30 21:03:35 | 000,011,231 | ---- | C] () -- C:\Documents and Settings\Tomuś\Pulpit\Godziny Porto Fino - lipiec.xlsx
[2009-11-15 22:23:08 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-09-30 20:54:30 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\spd__l3.dll
[2009-09-30 20:54:29 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\DscPnt1.dll
[2009-09-30 20:54:29 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\DscPnt0.dll
[2009-09-30 20:54:29 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\DscPnt.dll
[2009-09-26 00:05:36 | 000,005,112 | ---- | C] () -- C:\WINDOWS\GPCIDrv.sys
[2009-09-25 23:31:54 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-09-25 23:28:47 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-09-25 23:27:46 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-09-25 22:38:34 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2009-09-25 22:36:34 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2009-09-25 22:36:34 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2009-09-25 22:36:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2009-09-25 22:36:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2009-09-25 22:23:55 | 000,017,962 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2008-02-01 08:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2006-10-22 06:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-22 06:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-22 06:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-22 06:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-22 06:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-22 06:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-22 06:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-07-07 21:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2009-10-18 08:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Avery
[2009-11-24 14:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-09-25 23:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-03-28 08:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-01-09 17:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-07-09 10:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-11-12 22:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\BearShareTb
[2009-09-30 10:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Bullzip
[2010-04-25 10:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Canneverbe Limited
[2009-10-02 09:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-02-28 19:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Design Science
[2010-03-28 08:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Gadu-Gadu 10
[2010-05-14 20:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\GanymedeNet
[2010-04-14 23:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\ipla
[2009-09-25 23:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Nowe Gadu-Gadu
[2010-07-09 10:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\OpenFM
[2009-09-30 15:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\PDFEditorSDK
[2009-12-15 21:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\Samsung
[2009-10-03 13:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomuś\Dane aplikacji\SmarThru4

[color=#E56717]========== Purity Check ==========[/color]


< End of report >

Extras:

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2010-07-09 22:49:28 - Run 1
OTL by OldTimer - Version 3.2.8.1     Folder = C:\Documents and Settings\Tomuś\Pulpit\Pobrane
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 493,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 3,61 Gb Free Space | 24,65% Space Free | Partition Type: NTFS
Drive D: | 134,39 Gb Total Space | 95,90 Gb Free Space | 71,36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TRACER
Current User Name: Tomuś
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-436374069-796845957-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\GIGABYTE\VGA Utility Manager\G-VGA.exe" = C:\Program Files\GIGABYTE\VGA Utility Manager\G-VGA.exe:*:Enabled:Menu -- ()
"C:\Program Files\GIGABYTE\VGA Utility Manager\gvupdate.exe" = C:\Program Files\GIGABYTE\VGA Utility Manager\gvupdate.exe:*:Enabled:gvupdate -- (GIGABYTE)
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\WINDOWS\system32\SUPDSvc.exe" = C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service -- (Samsung Electronics CO., LTD.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1FE5F8DF-755D-4E39-848A-154776182015}" = ComproPVR 2
"{21DAFB84-2421-488F-B17D-102FF53396AA}" = ComproDVD 2
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{5AE93605-35FA-40A7-B573-BA0D611E009C}" = Samsung PC Studio
"{5F739F79-450F-458C-BB8A-05AFA8A81E7E}" = GIGABYTE VGA Utility Manager
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F5EA215-9654-49cf-BAA1-ABDAB0D52C1A}" = Black Gold Teletext Pro
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0415-0000-0000000FF1CE}" = Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{9EA404D2-5A5E-4A44-94E3-B8B148F7BCBC}" = ComproFM 2
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D72601C5-3960-4093-8DC0-6A4C44553A56}" = VideoMate X-Series Driver
"{D95F0670-EBA8-46B2-8ABE-9DDA2BC3DC7E}" = Philips SPC315NC Webcam
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDC53DC6-137A-4541-BFA2-A9BAE4A7FE99}" = ULi Chipset Driver
"6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"AVG9Uninstall" = AVG Free 9.0
"BearShare" = BearShare
"bearsharetb" = MediaBar
"BySoft FreeRAM" = BySoft FreeRAM 4.0
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
"DSMT6" = MathType 6
"Emsisoft HiJackFree_is1" = Emsisoft HiJackFree 4.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Gadu-Gadu 10" = Gadu-Gadu 10
"ie8" = Windows Internet Explorer 8
"ipla" = ipla 2.1.1
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Basic)
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"Picasa 3" = Picasa 3
"QuickTime" = QuickTime
"RealAlt_is1" = Real Alternative 2.0.0
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung SCX-4200 Series" = Samsung SCX-4200 Series
"SkanerOnline" = Skaner on-line mks_vir
"ST6UNST #1" = MaXimus DVD Version 1.2
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2009-12-30 05:56:51 | Computer Name = TRACER | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.1.3622, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-01-11 18:47:36 | Computer Name = TRACER | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd allplayer.exe, wersja 4.1.6.5, moduł powodujący
błąd allplayer.exe, wersja 4.1.6.5, adres błędu 0x00006e75.

[ System Events ]
Error - 2010-07-07 02:55:14 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-07 07:15:12 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-07 11:44:00 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-07 15:47:08 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-07 16:23:09 | Computer Name = TRACER | Source = Service Control Manager | ID = 7031
Description = Usługa AVG Free WatchDog niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2010-07-07 16:50:35 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-08 02:14:49 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-08 13:18:42 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-09 02:35:27 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2

Error - 2010-07-09 16:42:46 | Computer Name = TRACER | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi SSPORT z powodu następującego błędu:   %%2


< End of report >

Gmer:

Kod: Zaznacz wszystko

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-09 22:48:44
Windows 5.1.2600 Dodatek Service Pack 3
Running: ji52rtyd.exe; Driver: C:\DOCUME~1\TOMU~1\USTAWI~1\Temp\uftdipog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Fastfat \Fat     fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \Driver\Tcpip \Device\Ip     avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice  \Driver\Tcpip \Device\Tcp    avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice  \Driver\Tcpip \Device\Udp    avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice  \Driver\Tcpip \Device\RawIp  avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----

Dodano Dzisiaj, 22:45:
Serdecznie Was proszę...czy ktoś może mi pomóc?

Dodano Dzisiaj, 10:39:
Serdeczne dzięki za pomoc.
Okazało się, że to klawiatura nadawała się "na złom".

Dobrze wiedzieć, że odesłać do regulaminu miał kto, ale żeby jakoś pomóc w rozwiązaniu problemu, to już ciężej...