Zawieszanie się gier, powolna praca komputera.

**Posty:** 253 · przez **Aragorn160** 27 Maj 2011, 22:28

Ostatnio zaczęły mi się zawieszać gry np. dzisiaj odpalając Mafie miałem taką zwieche, że tylko reset pozostawał bo nic innego się nie dało zrobić (ctrl + alt + del lub alt + F4 nic nie dawało). Przeglądarka Internet Explorer stała się bardzo powolna, strona startowa ładuje się pół minuty... Myślę, że to wina jakiegoś syfa na kompie lub też komputer daje znak, że najwyższy czas na formata. Zamieszczam logi:

OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2011-05-27 19:20:37 - Run 5 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Grzegorz\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,58% Memory free 3,85 Gb Paging File | 3,28 Gb Available in Paging File | 85,15% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 34,14 Gb Free Space | 34,95% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 42,27 Gb Free Space | 31,26% Space Free | Partition Type: NTFS Computer Name: GR2EG0RZ | User Name: Grzegorz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-05-27 19:14:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Moje dokumenty\Downloads\OTL.exe PRC - [2011-05-07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2011-04-18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe PRC - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011-04-14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe PRC - [2011-03-28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011-03-28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2011-03-16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe PRC - [2011-03-16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe PRC - [2011-02-22 17:28:56 | 000,743,232 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2011-02-22 17:27:56 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2011-02-08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-03-06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-05-27 19:14:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzegorz\Moje dokumenty\Downloads\OTL.exe MOD - [2008-04-15 14:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011-04-19 15:44:23 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-03-28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011-03-21 13:12:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-02-22 17:27:56 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-02-22 17:26:08 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2011-02-08 19:30:00 | 004,067,472 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2007-03-06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-04-19 18:19:42 | 006,394,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2011-04-14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-02-22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011-02-10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-02-10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-01-07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010-12-24 23:16:42 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010-12-24 23:16:41 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-11-12 14:40:12 | 000,273,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2010-06-22 00:07:39 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2010-02-24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-01-27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2005-10-09 05:26:40 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wyborcza.pl/0,0.html?p=110 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-1993962763-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-515967899-1993962763-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-1993962763-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011-05-22 10:00:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-05-09 20:37:59 | 000,000,000 | ---D | M] [2011-05-09 20:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Extensions [2011-05-19 07:05:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\5s4eqkam.default\extensions [2011-05-09 20:40:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\5s4eqkam.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-05-11 17:12:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-05-11 17:12:10 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de File not found (No name found) -- () (No name found) -- C:\DOCUMENTS AND SETTINGS\GRZEGORZ\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\5S4EQKAM.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\GRZEGORZ\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\5S4EQKAM.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2011-05-22 10:00:18 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4 [2010-12-25 17:57:03 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011-04-14 18:59:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-04-05 20:12:28 | 000,002,049 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKU\S-1-5-21-515967899-1993962763-682003330-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-1993962763-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab (SysInfo Class) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-23 12:48:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-05-27 17:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\MINECRAFT SERWER #4 [2011-05-23 18:57:26 | 000,000,000 | RH-D | C] -- C:\AHCache [2011-05-22 10:17:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM [2011-05-22 10:17:30 | 000,891,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL [2011-05-22 10:17:30 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2011-05-22 10:17:30 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [2011-05-22 10:17:29 | 009,721,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE [2011-05-22 10:17:29 | 001,489,512 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe [2011-05-22 10:17:28 | 006,394,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [2011-05-22 10:17:28 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2011-05-22 10:17:26 | 002,180,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe [2011-05-22 10:17:26 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys [2011-05-22 10:17:20 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2011-05-22 10:17:19 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2011-05-22 10:17:19 | 000,285,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL [2011-05-22 10:17:18 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE [2011-05-22 10:17:13 | 001,284,712 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2011-05-22 10:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2011-05-22 10:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Menu Start\Programy\Revo Uninstaller [2011-05-22 10:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2011 [2011-05-18 17:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA [2011-05-17 13:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki [2011-05-17 13:37:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\embedded [2011-05-17 13:25:36 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\eax.dll [2011-05-15 12:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Menu Start\Programy\Fraps [2011-05-14 15:38:44 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Documents and Settings\Grzegorz\Pulpit\lame_enc.dll [2011-05-11 17:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2011-05-11 17:12:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Menu Start\Programy\Unlocker [2011-05-11 16:47:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\canary mod [2011-05-10 12:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Moje dokumenty\JustCause [2011-05-10 12:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2011-05-09 20:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Moje dokumenty\Pobieranie [2011-05-09 20:38:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Mozilla [2011-05-09 20:38:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla [2011-05-07 16:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\TS3Client [2011-05-07 16:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client [2011-05-06 14:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Menu Start\Programy\RaidCall [2011-05-06 14:48:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\teamspeak2 [2011-05-06 14:48:13 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm [2011-05-04 17:27:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Moje dokumenty\Ulead VideoStudio [2011-05-04 17:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Menu Start\Programy\WinRAR [2011-05-04 17:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR [2011-05-03 17:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Moje dokumenty\Nowy folder [2011-05-03 16:21:17 | 000,000,000 | ---D | C] -- C:\iOrgSoft VideoConverter [2011-05-03 15:54:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\GetRightToGo [2011-05-02 15:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Amnesia - The Dark Descent [2011-05-01 22:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\frapss [2011-04-28 18:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzegorz\Pulpit\Jak rozpetalem druga wojne swiatowa (1970) [PL] [DVDRip] [x264-RmvBusterS] [2011-04-15 20:44:26 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [2010-11-03 12:33:35 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Documents and Settings\Grzegorz\Dane aplikacji\MinecraftSP.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-05-27 19:17:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-05-27 19:17:03 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-05-27 19:17:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-05-27 19:17:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-05-27 19:16:19 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\Grzegorz\ntuser.dat [2011-05-27 19:16:19 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Grzegorz\ntuser.ini [2011-05-27 19:12:16 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-05-27 13:22:14 | 116,227,377 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2011-05-25 17:23:31 | 002,109,708 | -H-- | M] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-05-24 12:10:14 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-05-23 19:03:28 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\piramidka.bmp [2011-05-23 17:52:26 | 000,005,366 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Dokument.rtf [2011-05-22 10:00:46 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk [2011-05-21 12:20:33 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\lol.bmp [2011-05-20 22:05:59 | 003,769,232 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\stay hurts.mp3 [2011-05-20 21:49:10 | 002,876,889 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\1623c77e0028518a4d7e1a77.mp3 [2011-05-20 18:51:59 | 000,263,618 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\impreza-tnt.JPG [2011-05-19 21:33:04 | 000,095,887 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Giant_planes_comparison.svg [2011-05-19 21:24:16 | 002,929,970 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Blue - I can.mp3 [2011-05-18 22:23:11 | 000,075,868 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\null.htm [2011-05-18 17:19:48 | 001,199,760 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-05-18 17:19:48 | 000,552,634 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-05-18 17:19:48 | 000,490,808 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-05-18 17:19:48 | 000,103,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-05-18 17:19:48 | 000,083,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-05-18 15:55:06 | 000,004,138 | ---- | M] () -- C:\Documents and Settings\Grzegorz\.recently-used.xbel [2011-05-16 21:35:37 | 004,977,970 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\2e37f027000f45134b77a164.mp3 [2011-05-16 16:10:31 | 001,308,662 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\lagi.bmp [2011-05-16 15:10:00 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-15 20:13:39 | 002,909,072 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\coming home.mid.mp3 [2011-05-15 20:06:01 | 002,904,056 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Hotel FM - Change.mp3 [2011-05-15 19:53:36 | 002,893,607 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Katie Wolf - What about my dream.mp3 [2011-05-15 09:56:19 | 002,747,277 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\running scared.mp3 [2011-05-14 22:59:11 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Google Chrome.lnk [2011-05-14 20:08:02 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\Counter Strike 1.6 Non Steam.lnk [2011-05-14 20:06:08 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2011-05-14 15:46:46 | 000,096,570 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Moje dokumenty\127.1.jpg [2011-05-11 22:01:51 | 003,843,166 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\rangers.mp3 [2011-05-10 13:53:32 | 000,348,523 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Tibia_dat.bak [2011-05-10 12:44:20 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Just Cause.lnk [2011-05-09 20:38:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2011-05-09 20:38:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-05-07 16:23:06 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2011-05-06 14:53:03 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\RaidCall.lnk [2011-05-06 14:48:13 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm [2011-05-03 16:08:12 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\vuze720.bmp [2011-05-03 15:38:30 | 019,718,933 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\prezenmtacjaa.avi.wmv [2011-05-03 13:26:30 | 000,500,736 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\prezentacja.MSWMM [2011-04-29 12:53:54 | 000,022,571 | ---- | M] () -- C:\Documents and Settings\Grzegorz\Pulpit\DarkChampion.mp3 [2011-04-27 21:30:45 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-05-23 19:03:27 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\piramidka.bmp [2011-05-23 18:55:57 | 003,717,344 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Paint.NET.3.5.8.Install.exe [2011-05-23 17:52:25 | 000,005,366 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Dokument.rtf [2011-05-22 10:00:46 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2011.lnk [2011-05-20 21:14:20 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\lol.bmp [2011-05-20 18:58:20 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\Grzegorz\ntuser.dat [2011-05-20 18:51:59 | 000,263,618 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\impreza-tnt.JPG [2011-05-19 21:33:03 | 000,095,887 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Giant_planes_comparison.svg [2011-05-19 21:13:13 | 003,769,232 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\stay hurts.mp3 [2011-05-18 22:23:15 | 000,075,868 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\null.htm [2011-05-18 15:55:06 | 000,004,138 | ---- | C] () -- C:\Documents and Settings\Grzegorz\.recently-used.xbel [2011-05-16 21:44:37 | 002,876,889 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\1623c77e0028518a4d7e1a77.mp3 [2011-05-16 16:10:31 | 001,308,662 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\lagi.bmp [2011-05-15 20:35:42 | 004,977,970 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\2e37f027000f45134b77a164.mp3 [2011-05-15 10:02:44 | 002,904,056 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Hotel FM - Change.mp3 [2011-05-15 10:01:02 | 002,909,072 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\coming home.mid.mp3 [2011-05-15 09:58:30 | 002,893,607 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Katie Wolf - What about my dream.mp3 [2011-05-15 09:55:15 | 002,929,970 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Blue - I can.mp3 [2011-05-15 09:54:01 | 002,747,277 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\running scared.mp3 [2011-05-14 20:08:02 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\Counter Strike 1.6 Non Steam.lnk [2011-05-14 20:06:08 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk [2011-05-14 15:46:43 | 000,096,570 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Moje dokumenty\127.1.jpg [2011-05-11 22:02:02 | 003,843,166 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\rangers.mp3 [2011-05-10 13:53:32 | 000,348,523 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Tibia_dat.bak [2011-05-10 12:44:20 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Just Cause.lnk [2011-05-09 20:38:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-05-09 20:38:01 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk [2011-05-09 20:38:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2011-05-07 16:23:06 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2011-05-06 14:53:02 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\RaidCall.lnk [2011-05-03 16:08:12 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\vuze720.bmp [2011-05-03 15:31:19 | 019,718,933 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\prezenmtacjaa.avi.wmv [2011-05-03 12:42:58 | 000,500,736 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\prezentacja.MSWMM [2011-04-29 12:56:09 | 000,022,571 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\DarkChampion.mp3 [2011-04-29 12:48:00 | 001,975,424 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Pulpit\ChmpSlct_BlindPick.mp3 [2011-04-05 20:18:14 | 000,012,208 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2011-04-04 14:02:46 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2011-04-03 21:39:42 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2011-03-26 18:31:39 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2011-03-19 13:51:52 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll [2011-02-08 14:05:22 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\TheHunterSettings_live.cfg [2011-01-18 23:50:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-01-18 23:50:35 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-01-11 15:19:12 | 000,738,032 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-01-10 19:56:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-12-31 23:14:53 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-29 11:01:20 | 000,120,253 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2010-12-28 20:46:17 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2010-12-27 16:13:53 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-12-27 16:13:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-12-27 11:28:51 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2010-12-25 17:51:31 | 000,093,698 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Uninstal.exe [2010-12-24 23:16:42 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-12-24 23:16:41 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-12-23 17:11:50 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-12-23 17:11:50 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Dane aplikacji\PnkBstrK.sys [2010-12-23 17:11:22 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-12-23 17:11:21 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2010-12-23 17:11:21 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010-12-23 16:28:11 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2010-12-23 16:24:35 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010-12-23 16:16:40 | 000,235,352 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-12-23 16:16:39 | 000,235,352 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-12-23 16:16:39 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-12-23 13:38:45 | 001,199,760 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-12-23 13:38:44 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-12-23 13:37:35 | 001,415,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-23 13:00:12 | 000,026,536 | ---- | C] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-12-23 12:59:13 | 002,109,708 | -H-- | C] () -- C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-12-23 12:50:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-12-23 12:48:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2010-12-23 12:48:03 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010-12-23 12:47:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-12-23 12:46:20 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-12-23 12:46:10 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2010-12-23 12:46:10 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2010-12-23 12:45:16 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2010-12-23 12:45:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2010-07-31 01:47:00 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-01-27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2008-10-22 06:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2008-04-15 14:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,552,634 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,490,808 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-15 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2008-04-15 14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-15 14:00:00 | 000,103,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2008-04-15 14:00:00 | 000,083,266 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-15 14:00:00 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2008-04-15 14:00:00 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2008-04-15 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2008-04-15 14:00:00 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2008-04-15 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-15 14:00:00 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2008-04-15 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2008-04-15 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-15 14:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-15 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2008-04-15 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2008-04-15 14:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2008-04-15 14:00:00 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2008-04-15 14:00:00 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2008-04-15 14:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2008-04-15 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2008-04-15 14:00:00 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2008-04-15 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-15 14:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2008-04-15 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2008-04-15 14:00:00 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2008-04-15 14:00:00 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2008-04-15 14:00:00 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2008-04-15 14:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2008-04-15 14:00:00 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2008-04-15 14:00:00 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2008-04-15 14:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2008-04-15 14:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2008-04-15 14:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2008-04-15 14:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2008-04-15 14:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2008-04-15 14:00:00 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2008-04-15 14:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008-04-15 14:00:00 | 000,000,512 | ---- | C] () -- C:\WINDOWS\win.ini [2008-04-15 14:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2008-04-15 14:00:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [2006-05-05 12:57:37 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2004-10-27 00:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2002-09-18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2002-03-17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000088.DLL [2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-07-07 04:00:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2011-01-04 16:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2011-05-22 10:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG10 [2010-12-24 19:22:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-01-04 17:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2011-01-12 16:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-01-12 16:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-12-23 20:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-02-07 23:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Hunter [2011-05-09 19:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2011-05-22 09:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-05-24 22:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-05-27 17:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2011-01-03 20:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ReviverSoft [2011-01-12 15:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2011-01-19 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2011-05-15 11:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-01-11 16:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2011-01-04 15:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-05-05 21:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2011-04-19 15:43:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2011-05-27 18:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\.minecraft [2011-01-04 17:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Ashampoo [2010-12-24 19:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\AVG10 [2011-05-25 16:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Azureus [2011-05-05 16:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\BESTplayer [2011-02-26 15:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\BlackBean [2011-02-26 15:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Braid [2011-01-12 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\DAEMON Tools [2011-01-04 17:08:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\DAEMON Tools Lite [2011-01-12 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\DAEMON Tools Pro [2011-04-05 20:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\facemoods.com [2011-04-08 19:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\FreeFLVConverter [2011-03-07 21:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Gadu-Gadu 10 [2011-05-03 16:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\GetRightToGo [2011-05-14 15:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\gtk-2.0 [2011-04-06 15:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Image Zone Express [2011-05-14 15:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\ipla [2011-01-21 19:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\LolClient [2011-01-03 20:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\OpenCandy [2011-01-08 11:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\OpenFM [2011-01-22 18:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\RaidCall [2011-04-13 16:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Raptr [2011-01-28 22:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\RDRM [2011-04-24 22:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\runic games [2011-03-23 19:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Stellarium [2011-03-16 17:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Tibia [2011-05-07 16:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\TS3Client [2011-01-11 16:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\TuneUp Software [2011-01-04 15:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Ubisoft [2011-01-16 16:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\Ulead Systems [2011-04-20 22:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\uTorrent [2011-02-11 22:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\ZombieDriver [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report >

OTL EXTRAS:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-05-27 19:20:37 - Run 5 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Grzegorz\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,58% Memory free 3,85 Gb Paging File | 3,28 Gb Available in Paging File | 85,15% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 34,14 Gb Free Space | 34,95% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 42,27 Gb Free Space | 31,26% Space Free | Partition Type: NTFS Computer Name: GR2EG0RZ | User Name: Grzegorz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "56801:TCP" = 56801:TCP:*:Enabled:Pando Media Booster "56801:UDP" = 56801:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "56801:TCP" = 56801:TCP:*:Enabled:Pando Media Booster "56801:UDP" = 56801:UDP:*:Enabled:Pando Media Booster "8381:TCP" = 8381:TCP:*:Enabled:League of Legends Launcher "8381:UDP" = 8381:UDP:*:Enabled:League of Legends Launcher "6916:TCP" = 6916:TCP:*:Enabled:League of Legends Launcher "6916:UDP" = 6916:UDP:*:Enabled:League of Legends Launcher "6975:TCP" = 6975:TCP:*:Enabled:League of Legends Launcher "6975:UDP" = 6975:UDP:*:Enabled:League of Legends Launcher "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "8382:TCP" = 8382:TCP:*:Enabled:League of Legends Launcher "8382:UDP" = 8382:UDP:*:Enabled:League of Legends Launcher "6942:TCP" = 6942:TCP:*:Enabled:League of Legends Launcher "6942:UDP" = 6942:UDP:*:Enabled:League of Legends Launcher "6925:TCP" = 6925:TCP:*:Enabled:League of Legends Launcher "6925:UDP" = 6925:UDP:*:Enabled:League of Legends Launcher "8383:TCP" = 8383:TCP:*:Enabled:League of Legends Launcher "8383:UDP" = 8383:UDP:*:Enabled:League of Legends Launcher "8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby "8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby "8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client "8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client "6926:TCP" = 6926:TCP:*:Enabled:League of Legends Launcher "6926:UDP" = 6926:UDP:*:Enabled:League of Legends Launcher [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Gadu-Gadu 10\gg.exe" = D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "D:\Program Files\Gameforge4D\AirRivals_PL\Launcher.atm" = D:\Program Files\Gameforge4D\AirRivals_PL\Launcher.atm:Enabled:GameExe2 "D:\Program Files\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe" = D:\Program Files\Gameforge4D\AirRivals_PL\Res-Voip\SCVoIP.exe:Enabled:GameVoIP "D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft) "D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft) "D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe" = D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "D:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe" = D:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts) "D:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe" = D:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application -- (Electronic Arts) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\theHunter\launcher\launcher.exe" = D:\Program Files\theHunter\launcher\launcher.exe:*:Enabled:theHunter Launcher -- () "D:\Program Files\Sierra\FEAR\FEAR.exe" = D:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR -- (Monolith Productions, Inc.) "D:\Program Files\Metin2\metin2.bin" = D:\Program Files\Metin2\metin2.bin:*:Enabled:metin2 -- () "D:\Program Files\Metin2\metin2client.bin" = D:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client -- () "I:\fscommand\CKSocketServer.exe" = I:\fscommand\CKSocketServer.exe:*:Enabled:Socket Server "D:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe" = D:\Program Files\Steam\SteamApps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- () "D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Program Files\Steam\SteamApps\common\alien swarm\srcds.exe" = D:\Program Files\Steam\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- () "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.) "C:\Program Files\Raptr\raptr.exe" = C:\Program Files\Raptr\raptr.exe:*:Enabled:Raptr Client -- () "C:\Program Files\Raptr\raptr_im.exe" = C:\Program Files\Raptr\raptr_im.exe:*:Enabled:Raptr IM -- () "D:\AeriaGames\WolfTeam\Wolfteam.bin" = D:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.) "D:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe" = D:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X -- () "D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe" = D:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator -- (Microsoft Corporation) "C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation) "D:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe" = D:\Program Files\Steam\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- () "D:\Riot Games\League of Legends\lol.launcher.exe" = D:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- () "C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\Valve\hl.exe" = D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{048B9E68-5A05-4549-B62B-3501059577F8}" = Thief - Deadly Shadows "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2147FAC7-7D35-4A2E-BEE4-BC0DAE54C0E5}" = SBK®X Superbike World Championship "{230E8DDC-FB78-4F9F-8461-22ED20DBC3BA}" = AVG 2011 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24 "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3C0F8411-A350-4B57-BA19-7C7B036037E2}" = Just Cause "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{656422DA-E1F7-4331-9EBE-BBF6E88580A9}" = Penumbra - Przebudzenie "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6C5F4CF4-6EFA-4B4E-95E7-3A6D5DF0C0C8}" = SBK®X Superbike World Championship "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{6E298B0A-558C-4138-0096-740677B382CD}" = WP Powrót Króla tm "{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7097B6F1-00D1-4C32-8376-98D0AC47A469}_is1" = Gimnazjum 2011 wersja 1.5 "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL) "{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A1DD0268-4069-4D39-B6D2-E00DB50CA9C4}" = League of Legends "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5DD7359-5EB4-4D35-BBAF-E6A88269790B}" = League of Legends "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC1E4C93-C1E7-11D6-9D10-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.0_03 "{AC76BA86-7AD7-1033-7B44-A70700000002}" = Adobe Reader 7.0.7 "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BABA6734-23CF-42AC-9E4C-EA2C7C80AA4E}" = AVG 2011 "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "18 Wheels of Steel Across America" = 18 Wheels of Steel Across America "18 Wheels of Steel Haulin" = 18 Wheels of Steel Haulin "7-Zip" = 7-Zip 9.20 "8461-7759-5462-8226" = Vuze "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3 "Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced "Audacity_is1" = Audacity 1.2.6 "AVG" = AVG 2011 "Collective Thief: DS Texture Pack by John P. 1.03" = Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3 "Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "Gothic" = Gothic "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer cenzura! Program 7.0 "ie8" = Windows Internet Explorer 8 "InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo "ipla" = ipla 2.2.1 "Java Web Start" = Java Web Start "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Little Fighter 2" = Little Fighter 2 version 2.0 "LogMeIn Hamachi" = LogMeIn Hamachi "Mafia_is1" = Mafia "Metin2_is1" = Metin2 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Minecraft 1.2.0_02" = Minecraft 1.2.0_02 "Moje Gimnazjum 2011 Profil Matematyczno-Przyrodniczy1.0" = Moje Gimnazjum 2011 Profil Matematyczno-Przyrodniczy "Mozilla Firefox 4.0.1 (x86 pl)" = Mozilla Firefox 4.0.1 (x86 pl) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Oblivion mod manager_is1" = Oblivion mod manager 1.1.12 "OpenAL" = OpenAL "Plan It Green_is1" = Plan It Green "PunkBusterSvc" = PunkBuster Services "RaidCall" = RaidCall "Revo Uninstaller" = Revo Uninstaller 1.92 "Steam App 220" = Half-Life 2 "Steam App 320" = Half-Life 2: Deathmatch "Steam App 380" = Half-Life 2: Episode One "Steam App 400" = Portal "Steam App 420" = Half-Life 2: Episode Two "Steam App 440" = Team Fortress 2 "Steam App 500" = Left 4 Dead "Steam App 635" = Alien Swarm Dedicated Server "Stellarium_is1" = Stellarium 0.10.6.1 "Tasker_is1" = Tasker version 3.13 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Testy maturalne 2011" = Testy maturalne 2011 1.0 "theHunter" = theHunter (remove only) "Tibia_is1" = Tibia "Tunatic" = Tunatic "TuneUp Utilities" = TuneUp Utilities "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinGimp-2.0_is1" = GIMP 2.6.11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = WinRAR 4.00 (32-bitowy) "WMFDist11" = Windows Media Format 11 runtime "WolfTeam" = WolfTeam "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-515967899-1993962763-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-05-21 08:57:40 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-22 03:48:36 | Computer Name = GR2EG0RZ | Source = MsiInstaller | ID = 11311 Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 — Błąd 1311. SA_Error1311: StandardAction(0xC007051F): Nie znaleziono pliku źródłowego(archiwum): C:\Documents and Settings\All Users\Dane aplikacji\MFAData\pack\basex.cab. Sprawdź, czy plik istnieje i czy masz do niego dostęp. Error - 2011-05-22 03:48:44 | Computer Name = GR2EG0RZ | Source = MsiInstaller | ID = 11311 Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2011 — Błąd 1311. SA_Error1311: StandardAction(0xC007051F): Nie znaleziono pliku źródłowego(archiwum): C:\Documents and Settings\All Users\Dane aplikacji\MFAData\pack\AntiRkx.cab. Sprawdź, czy plik istnieje i czy masz do niego dostęp. Error - 2011-05-22 10:27:48 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-22 10:59:55 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-22 13:43:20 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-24 08:25:20 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-25 02:51:35 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-25 11:23:11 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. Error - 2011-05-25 15:34:48 | Computer Name = GR2EG0RZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd game.exe, wersja 1.0.0.0, moduł powodujący błąd ls3df.dll, wersja 0.0.0.0, adres błędu 0x0005ac2e. [ System Events ] Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:56 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:57 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-05-27 13:18:57 | Computer Name = GR2EG0RZ | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 < End of report >

Gmer:

Kod: Zaznacz wszystko: GMER 1.0.15.15627 - http://www.gmer.net Rootkit scan 2011-05-27 21:29:59 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD2500JS-00NCB1 rev.10.02E02 Running: dy40rul7.exe; Driver: C:\DOCUME~1\Grzegorz\USTAWI~1\Temp\fxriqpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xF77F0738] SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xF77F07DC] SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xF77F0878] SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xF77F0914] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB73843A0, 0x585A45, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xB38AA300, 0x3ACC8, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xB7E80300, 0x1B7E, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2376] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1152] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010 IAT C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1788] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010 IAT C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1824] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010 ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. ) AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. ) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x22 0xDC 0x13 0x01 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA3 0x18 0x8B 0xD9 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x22 0xDC 0x13 0x01 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA3 0x18 0x8B 0xD9 ... ---- EOF - GMER 1.0.15 ----

**Posty:** 18165 · przez **wojtas** 29 Maj 2011, 10:50

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1993962763-682003330-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
[2011-04-15 20:44:26 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
[2011-01-03 20:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzegorz\Dane aplikacji\OpenCandy

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Wykonaj czynności końcowe :
*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu

Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)

>>> Java™ 6