For some time now the computer has been running quite slowly, but it is not the hardware's fault, because at the beginning it ran really smoothly and without problems. I am posting the logs below. Thank you in advance for your help.
GMER:
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-20 20:07:46
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HM100JC rev.YN100-08
Running: o1745644.exe; Driver: C:\DOCUME~1\user\USTAWI~1\Temp\pgtdrpob.sys
---- System - GMER 1.0.15 ----
SSDT sptd.sys ZwCreateKey [0xF746BEB0]
SSDT sptd.sys ZwEnumerateKey [0xF74A0018]
SSDT sptd.sys ZwEnumerateValueKey [0xF74A03A6]
SSDT sptd.sys ZwOpenKey [0xF746BE90]
SSDT sptd.sys ZwQueryKey [0xF74A047E]
SSDT sptd.sys ZwQueryValueKey [0xF74A02FE]
SSDT sptd.sys ZwSetValueKey [0xF74A0510]
INT 0x62 ? 845AACB8
INT 0x82 ? 845AACB8
INT 0x84 ? 841CBF00
INT 0x94 ? 841CBF00
INT 0xA4 ? 841CBF00
---- Kernel code sections - GMER 1.0.15 ----
.text sptd.sys F742F000 32 Bytes [98, 32, 6D, 80, 20, 37, 6D, ...]
.text sptd.sys F742F024 4 Bytes [74, 1F, 42, F7]
.text sptd.sys F742F02C 408 Bytes [32, 37, 5A, 80, 9C, AD, 52, ...]
.text sptd.sys F742F1C5 15 Bytes [70, 53, 80, A2, F7, 5C, 80, ...]
.text sptd.sys F742F1E4 4 Bytes [0A, CE, 2C, 4D] {OR CL, DH; SUB AL, 0x4d}
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xF74DBB0B]
? C:\WINDOWS\system32\drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
.text USBPORT.SYS!DllUnload F686A8AC 5 Bytes JMP 841CB410
---- User code sections - GMER 1.0.15 ----
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F743121E] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F743071C] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F7430EFE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F743071C] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7430900] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7430842] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74310DC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F7430EFE] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7444EFA] sptd.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[164] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3312] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3712] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 845A91E8
Device \Driver\usbohci \Device\USBPDO-0 8422D430
Device \Driver\usbohci \Device\USBPDO-1 8422D430
Device \Driver\usbehci \Device\USBPDO-2 8422A430
Device \Driver\Cdrom \Device\CdRom0 841F4430
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F738AB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F738AB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F738AB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F738AB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBT_Tcpip_{5F91AB24-4E98-4C22-9912-C16A81362E43} 84261430
Device \Driver\NetBT \Device\NetBt_Wins_Export 84261430
Device \Driver\NetBT \Device\NetbiosSmb 84261430
Device \Driver\usbohci \Device\USBFDO-0 8422D430
Device \Driver\usbohci \Device\USBFDO-1 8422D430
Device \Driver\NetBT \Device\NetBT_Tcpip_{7DEDE796-7847-4431-BDF5-FA632332C854} 84261430
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 84264430
Device \Driver\usbehci \Device\USBFDO-2 8422A430
Device \FileSystem\MRxSmb \Device\LanmanRedirector 84264430
Device \FileSystem\Cdfs \Cdfs 841FE430
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
---- EOF - GMER 1.0.15 ----
OTL:
OTL logfile created on: 2011-02-20 20:13:12 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\user\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
446,00 Mb Total Physical Memory | 70,00 Mb Available Physical Memory | 16,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 26,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 13,68 Gb Free Space | 46,69% Space Free | Partition Type: NTFS
Drive D: | 63,86 Gb Total Space | 58,81 Gb Free Space | 92,10% Space Free | Partition Type: NTFS
Computer Name: ACER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011-02-20 20:09:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-02-20 19:38:54 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\Downloads\o1745644.exe
PRC - [2011-02-10 04:14:59 | 000,994,872 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-03-25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-08-28 22:12:32 | 000,057,344 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Program symulacyjny\apache-tomcat-5.5.27\bin\tomcat5.exe
PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-10-26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE
PRC - [2006-09-13 11:25:00 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE
PRC - [2005-03-04 13:13:04 | 000,032,768 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe
PRC - [2005-02-23 18:13:10 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2004-08-16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2011-02-20 20:09:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\Downloads\OTL.exe
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010-03-25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2008-08-28 22:12:32 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Program symulacyjny\apache-tomcat-5.5.27\bin\tomcat5.exe -- (SkandiaSym)
SRV - [2004-12-27 17:12:16 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004-08-16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-02-20 18:39:58 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{4E459871-AD5E-4588-9D67-EC52752259FA}\MpKslf7dc96fd.sys -- (MpKslf7dc96fd)
DRV - [2011-02-15 19:57:17 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-16 14:54:40 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-14 09:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008-06-16 10:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008-04-13 23:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2005-03-02 00:09:02 | 000,240,640 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005-02-25 19:45:32 | 000,013,312 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005-02-24 14:20:22 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-01-14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2004-10-08 10:51:08 | 001,270,540 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003-07-18 09:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1604221776-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.money.pl/gielda/
IE - HKU\S-1-5-21-790525478-1604221776-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: SignPlugin@pekao.pl:1.3.0.80
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-02-06 16:43:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-02-06 15:34:13 | 000,000,000 | ---D | M]
[2010-11-09 15:03:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2011-02-19 16:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\qolfb8wu.default\extensions
[2010-11-12 15:10:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\qolfb8wu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-18 15:50:44 | 000,000,000 | ---D | M] (PEKAO S.A. Sign Plugin) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\qolfb8wu.default\extensions\SignPlugin@pekao.pl
[2011-02-19 16:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-11-24 07:49:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009-11-16 14:39:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-790525478-1604221776-1177238915-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-790525478-1604221776-1177238915-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-790525478-1604221776-1177238915-1004..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1604221776-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O16 - DPF: {611E065A-3391-4EE5-85C7-1F56719D0F58} https://csou.benefia.pl/csouhtmlcommon/components/FIATCOMMON2.CAB (FIATCOMMON2.logoff)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258381078218 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A41} https://www.pekaobiznes24.pl/sme/static/components/1,3,0,82/SignActivXPEKAO.cab (SignActivX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-16 13:22:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1b5c3296-01fa-11e0-825a-001636029767}\Shell\Option1\Command - "" = F:\HBCD\Wintools\Autorun.exe
O33 - MountPoints2\{3f3e6136-4c5e-11df-819b-001636029767}\Shell\AutoRun\command - "" = p3vwxx.exe
O33 - MountPoints2\{3f3e6136-4c5e-11df-819b-001636029767}\Shell\open\Command - "" = p3vwxx.exe
O33 - MountPoints2\{88d8a96a-2d76-11e0-825f-001636029767}\Shell - "" = AutoRun
O33 - MountPoints2\{88d8a96a-2d76-11e0-825f-001636029767}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe
O33 - MountPoints2\{8e5f0a5b-8800-11df-81d5-001636029767}\Shell - "" = AutoRun
O33 - MountPoints2\{8e5f0a5b-8800-11df-81d5-001636029767}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL vIUOqu.eXe
O33 - MountPoints2\{cd3e02b6-f9da-11de-813e-001636029767}\Shell\AutoRun\command - "" = F:\anoataly.exe
O33 - MountPoints2\{cd3e02b6-f9da-11de-813e-001636029767}\Shell\open\Command - "" = F:\anoataly.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011-02-17 17:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu 10
[2011-02-17 17:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-02-17 17:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2011-02-16 18:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\Nowy folder
[2011-02-15 20:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Przyspiesz Komputer
[2011-02-15 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer
[2011-02-06 21:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\Downloads
[2011-02-05 16:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programy\Google Chrome
[2011-02-04 20:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Odkurzacz
[2011-02-04 20:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2011-02-04 20:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2011-01-31 21:22:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Business Everywhere
[2011-01-31 21:20:25 | 000,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll
[2011-01-31 21:20:25 | 000,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys
[2011-01-31 21:20:25 | 000,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys
[2011-01-31 21:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\OrangeBS
[2011-01-31 21:18:14 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2011-01-31 21:18:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2011-01-31 21:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2011-01-31 21:15:17 | 000,103,936 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys
[2011-01-31 21:15:10 | 000,103,936 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbnmeaext.sys
[2011-01-31 21:15:06 | 000,103,936 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys
[2011-01-31 21:15:03 | 000,103,936 | R--- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys
[2011-01-31 21:14:57 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011-01-31 21:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\CardDetector
[2004-11-24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011-02-20 19:56:02 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-20 19:37:23 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{38FAE762-7F76-4B8A-8B53-76828BD2D90C}.job
[2011-02-20 19:35:00 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2011-02-20 19:28:01 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1604221776-1177238915-1004UA.job
[2011-02-20 19:17:46 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-20 18:29:47 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-20 18:20:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-02-20 18:20:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-02-20 18:20:49 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-19 22:11:47 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2011-02-19 16:28:02 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1604221776-1177238915-1004Core.job
[2011-02-19 13:44:59 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-02-17 17:39:57 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-02-17 17:39:53 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-02-16 18:22:26 | 000,265,563 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\20100705(005).jpg
[2011-02-15 19:57:17 | 000,428,088 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011-02-13 13:54:58 | 000,002,301 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Google Chrome.lnk
[2011-02-13 13:45:44 | 000,286,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-13 13:43:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-04 20:45:01 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2011-02-04 20:33:55 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\RegCleaner.lnk
[2011-02-04 16:27:45 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-31 21:22:48 | 000,001,922 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Business Everywhere.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011-02-17 17:39:56 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-02-17 17:39:51 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-02-17 17:34:55 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-02-16 18:15:31 | 000,265,563 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\20100705(005).jpg
[2011-02-15 20:14:32 | 000,163,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-02-15 19:57:15 | 000,428,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011-02-05 16:25:58 | 000,002,301 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Google Chrome.lnk
[2011-02-05 16:23:48 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1604221776-1177238915-1004UA.job
[2011-02-05 16:23:46 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1604221776-1177238915-1004Core.job
[2011-02-04 21:07:46 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-02-04 20:45:01 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2011-02-04 20:33:54 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\RegCleaner.lnk
[2011-01-31 21:22:48 | 000,001,922 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Business Everywhere.lnk
[2010-08-14 10:39:01 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-06-29 16:30:59 | 000,072,240 | ---- | C] () -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-04 11:34:46 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-18 15:29:52 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009-11-18 15:29:52 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009-11-16 14:31:33 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009-11-16 14:31:30 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009-11-16 14:27:56 | 000,083,997 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2009-11-16 14:27:43 | 000,100,839 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2009-11-16 14:12:06 | 001,116,738 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-16 14:12:05 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-11-16 14:11:33 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-11-16 13:48:22 | 007,469,984 | -H-- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-16 13:28:47 | 000,072,632 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-16 13:27:56 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\user\Dane aplikacji\desktop.ini
[2009-11-16 13:22:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009-11-16 13:19:31 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009-11-16 13:19:31 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009-11-16 13:18:16 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009-11-16 13:18:15 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008-12-19 15:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 17:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 17:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 17:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 17:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 16:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-12-11 11:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-04-15 13:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008-04-15 13:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-04-15 13:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008-04-15 13:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008-04-15 13:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008-04-15 13:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008-04-15 13:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008-04-15 13:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008-04-15 13:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008-04-15 13:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008-04-15 13:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008-04-15 13:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008-04-15 13:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008-04-15 13:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008-04-15 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008-04-15 13:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008-04-15 13:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008-04-15 13:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008-04-15 13:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008-04-15 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008-04-15 13:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008-04-15 13:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008-04-15 13:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008-04-15 13:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008-04-15 13:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008-04-15 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008-04-15 13:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008-04-15 13:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008-04-15 13:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008-04-15 13:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008-04-15 13:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008-04-15 13:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2008-04-15 13:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2008-04-15 13:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008-04-15 13:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2008-04-15 13:00:00 | 000,000,582 | ---- | C] () -- C:\WINDOWS\win.ini
[2008-04-15 13:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2008-04-15 13:00:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-12-20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004-12-20 11:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004-10-03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009-11-16 15:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2011-02-17 17:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-11-16 15:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Ashampoo
[2011-02-17 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu 10
[2009-11-16 16:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\OpenOffice.org
[2011-02-20 18:29:47 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011-02-20 19:37:23 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{38FAE762-7F76-4B8A-8B53-76828BD2D90C}.job
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
Extras:
OTL Extras logfile created on: 2011-02-20 20:13:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\user\Moje dokumenty\Downloads
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
446,00 Mb Total Physical Memory | 70,00 Mb Available Physical Memory | 16,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 26,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 13,68 Gb Free Space | 46,69% Space Free | Partition Type: NTFS
Drive D: | 63,86 Gb Total Space | 58,81 Gb Free Space | 92,10% Space Free | Partition Type: NTFS
Computer Name: ACER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-790525478-1604221776-1177238915-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IrfanView\i_view32.exe" = C:\Program Files\IrfanView\i_view32.exe:*:Enabled:IrfanView -- (Irfan Skiljan)
"C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeBS\BEWInternet-PL\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E433A99-9280-4E66-8A48-E8BCD8A8DCED}" = Type1515 TWAIN Driver Ver.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{75C88878-05C8-4A58-9206-B184624D64A2}_is1" = Kalkulator v.2.1.0
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Program instalacyjny klienta Atheros
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish
"{B685B803-BA80-4DCF-AA61-DA149479D8F7}" = Type161 TWAIN Driver Ver.4
"{BEWINTERNET-PL}.UninstallSuite" = Odinstaluj Business Everywhere
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Axa_is1" = Plan Inwestycyjny AXA - program symulacyjny 1.0
"CardDetectorZTEMF636" = Card Detector for ZTE MF636
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Gadu-Gadu 10" = Gadu-Gadu 10
"ie8" = Windows Internet Explorer 8
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"IrfanView" = IrfanView (remove only)
"Kalkulator Generali_is1" = 1.0.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Odkurzacz 12.5_is1" = Odkurzacz 12.5
"PK-PCSU_is1" = Przyspiesz Komputer
"Przelew.com 2008_is1" = Przelew.com 2008
"Royale_is1" = Royale
"SiS VGA Driver" = SiS VGA Utilities
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SnadBoy's Revelation v2" = SnadBoy's Revelation v2
"The KMPlayer" = The KMPlayer (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"woj. lubelskie 2009" = woj. lubelskie 2009
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"XviD_is1" = XviD MPEG-4 Video Codec
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-790525478-1604221776-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2010-06-11 03:38:03 | Computer Name = ACER | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office PowerPoint.
Error - 2010-06-16 11:59:12 | Computer Name = ACER | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application excel.exe, version 12.0.6535.5002, stamp 4bd2a7f1,
faulting module excel.exe, version 12.0.6535.5002, stamp 4bd2a7f1, debug? 0, fault
address 0x00068297.
Error - 2010-06-23 03:38:01 | Computer Name = ACER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6519.0, P3 timeout, P4 1.1.5902.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.
Error - 2010-06-23 03:51:06 | Computer Name = ACER | Source = Google Update | ID = 20
Description =
Error - 2010-06-29 02:51:07 | Computer Name = ACER | Source = Google Update | ID = 20
Description =
Error - 2010-06-29 11:29:10 | Computer Name = ACER | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 2010-06-29 11:30:01 | Computer Name = ACER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2147550906, P2 unspecified, P3 scanfile,
P4 2.1.6519.0, P5 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 2010-07-07 04:42:31 | Computer Name = ACER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 2.1.6805.0,
P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P8 NIL, P9 NIL, P10 NIL.
Error - 2010-07-07 04:42:32 | Computer Name = ACER | Source = MSSecurityEssentials | ID = 5000
Description =
[ OSession Events ]
Error - 2010-03-01 12:00:19 | Computer Name = ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26141
seconds with 3240 seconds of active time. This session ended with a crash.
Error - 2010-05-06 10:21:33 | Computer Name = ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 7187
seconds with 2940 seconds of active time. This session ended with a crash.
Error - 2010-06-16 11:58:55 | Computer Name = ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 14113
seconds with 600 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2011-01-31 16:20:22 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%800 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-01-31 16:20:22 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%801 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-02-04 09:48:20 | Computer Name = ACER | Source = Windows Update Agent | ID = 16
Description = Nie można nawiązać połączenia: System Windows nie może połączyć się
z usługą aktualizacji automatycznych i dlatego nie można pobrać i zainstalować
aktualizacji zgodnie z ustalonym harmonogramem. System Windows będzie kontynuował
próby ustanowienia połączenia.
Error - 2011-02-04 09:57:09 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
ZARZĄDZANIE NT\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0
Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 2011-02-04 09:57:12 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%800 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-02-04 09:57:12 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%801 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-02-04 09:57:12 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%800 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-02-04 09:57:12 | Computer Name = ACER | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.95.1522.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.6402.0&avdelta=1.95.1522.0&asdelta=1.95.1522.0&prod=BCF43643-A118-4432-AEDE-D861FCBCFCDE
Signature
Type: %%801 Update Type: %%803 User: ZARZĄDZANIE NT\USŁUGA SIECIOWA Current Engine
Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072ee7 Error description:
The server name or address could not be resolved
Error - 2011-02-08 13:14:50 | Computer Name = ACER | Source = Service Control Manager | ID = 7011
Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji
z usługi Netman.
Error - 2011-02-15 15:28:26 | Computer Name = ACER | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.
< End of report >